It is not xenforo related, but the last release of hacking program supports XF.
Here U can buy new release
http://go****biz.com/showthread.php?t=31526
Instead of asterisks please insert a word "fu ck". Russian language, google translate will help.
P.S. I am not hacker, i'm only admin of one of XF forums.
Now I switched off recaptcha and using q-a.
P.P.S. The algorithm of registration is close to next:
- Bot make Registration
- I received a letter of registration, but the "Who's Online" tells that he does not finish the registration and so in this situation a session is not closed
- guests appears with other browser name (really that is only a parameter in this programm) but with the
same IP address it lights up that he has already authorized.
- I go to the admin panel, the user is registered.
It seems small changes in XF code can close this hole.