Catch the security flaw #2

Consider a fictional web site that lets you create new accounts (as shown below).

 

This site implements a CAPTCHA to prevent a malicious user from creating a large number of fake accounts with an automated script.

The following code is used to implement the CAPTCHA. What do you think is the flaw here?

public partial class _Default : System.Web.UI.Page

{

    protected void Page_Load(object sender, EventArgs e)

    {

        if (!IsPostBack)

        {

            int randomValue = GetRandomCaptchaValue();

            imgCaptcha.ImageUrl = GenerateImage(randomValue);

            // hdnCaptchaValue is a hidden variable.

            // <asp:HiddenField ID="hdnCaptchaValue" runat="server" />

hdnCaptchaValue.Value = GenerateHash(randomValue.ToString());

        }

 }

 

protected void btnSubmit_Click(object sender, EventArgs e)

    {

        if (GenerateHash(txtImageValue.Text).CompareTo(hdnCaptchaValue.Value) == 0)

        {

            // Code to create the account

        }

        else

        {

            lblCaptcha.Text = "The value entered is not correct.";

        }

    }

 

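/// <summary>
/// Computes the SHA-512 digest of <paramref name="text"/> encoded as UTF-16 LE (the
/// encoding <c>UnicodeEncoding</c> produced before) and returns it Base64-encoded.
/// </summary>
/// <param name="text">Text to hash; must not be null.</param>
/// <returns>The 88-character Base64 form of the 64-byte digest.</returns>
/// <exception cref="ArgumentNullException">Thrown when <paramref name="text"/> is null.</exception>
/// <remarks>
/// An unsalted digest of a six-digit value is recoverable by hashing every candidate, so
/// this output must stay server-side; it must never be placed in the rendered page.
/// </remarks>
public static string GenerateHash(string text)
    {
        if (text == null)
        {
            throw new ArgumentNullException("text");
        }

        byte[] data = System.Text.Encoding.Unicode.GetBytes(text);

        // SHA512.Create() selects the platform implementation and is disposed
        // deterministically instead of leaking the previous SHA512Managed instance.
        using (System.Security.Cryptography.SHA512 sha = System.Security.Cryptography.SHA512.Create())
        {
            byte[] hashBuffer = sha.ComputeHash(data);
            return Convert.ToBase64String(hashBuffer);
        }
    }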

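/// <summary>
/// Returns an unpredictable CAPTCHA value in the range 100001..999998 (the upper bound
/// mirrors the exclusive <c>Random.Next(min, max)</c> bound used before).
/// </summary>
/// <returns>A six-digit integer drawn from a cryptographic random source.</returns>
/// <remarks>
/// <c>new Random()</c> per call is seeded from the clock, so calls in the same tick repeat
/// and its output is predictable; the CAPTCHA answer must not be guessable, hence the
/// <c>RandomNumberGenerator</c>. Rejection sampling keeps the draw uniform over the range.
/// </remarks>
private int GetRandomCaptchaValue()
    {
        const int MinInclusive = 100001;
        const int MaxExclusive = 999999;
        const uint Range = MaxExclusive - MinInclusive;

        // Largest multiple of Range that fits in a uint; draws at or above it are discarded
        // so that draw % Range is evenly distributed.
        uint limit = uint.MaxValue - (uint.MaxValue % Range);
        byte[] buffer = new byte[4];

        using (System.Security.Cryptography.RandomNumberGenerator rng = System.Security.Cryptography.RandomNumberGenerator.Create())
        {
            uint draw;
            do
            {
                rng.GetBytes(buffer);
                draw = BitConverter.ToUInt32(buffer, 0);
            }
            while (draw >= limit);

            return MinInclusive + (int)(draw % Range);
        }
    }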

/// <summary>

    /// This method generates an image using Bitmap class and then saves it in webroot.

    /// It returns the URL of the image.

    /// </summary>

    /// <param name="captchaValue">URL of the image</param>

    /// <returns></returns>

    private string GenerateImage(int captchaValue)…