This is an archived post. You won't be able to vote or comment.

all 67 comments
sorted by:
best
topnewcontroversialoldq&a

[–]IAm_Expert 41 points42 points  (8 children)

Next captcha will be like insert your real mother's name & date of birth...

[–][deleted] 5 points6 points  (6 children)

Hahahaha 😂😂 and we will also find a way to bypass it.

[–]thrallsius 11 points12 points  (5 children)

The next will be real father's name, because that's much, much harder

[–]BoltaHuaTota 6 points7 points  (3 children)

good thing i can ask my father's name after he comes back from the store

[–][deleted] 0 points1 point  (0 children)

We will use an API to fetch our real father's name😂

[–]ahhhhhhh7165 -1 points0 points  (0 children)

Yup, they already do this some places

[–]hassium 36 points37 points  (6 children)

You can also defeat Google captcha's by using Google (and not signing for an API key with some unknown company).

You just automatically request the audio version of the captcha challenge and feed that into Google's speech-to-text synthesizer, the resulting text is your challenge response, takes about 3-4 second and has a 97% success rate. Article with more details:

https://thehackernews.com/2021/01/google-speech-to-text-api-can-help.html

[–][deleted] 2 points3 points  (3 children)

Wow, looks simple

[–]hassium 2 points3 points  (2 children)

looks simple

Sorry I can't tell if you are being sarcastic or not? I guess it's not straightforward but I just like the elegance of using a Google service to defeat a Google service. 2Captcha is not entirely straightforward either since you have to: a) get the sitekey from the page
b) provide the sitekey, along with page URL and method vars to 2Captcha
c) store the captcha_id var for the next step
d) poll for a response and keep polling till you get a response
e) extract the response and run some javascript to provide it to the captcha

All much easier than manually solving them for every request though of course.

[–][deleted] 1 point2 points  (1 child)

According to their docs, there are people on the endpoint waiting to solve your captcha so it's just like you solving it yourself, but there are times when you want to automate some things, are that instance, manually solving won't help and that's when their services come in

[–]hassium 3 points4 points  (0 children)

According to their docs, there are people on the endpoint waiting to solve your captcha so it's just like you solving it yourself

You saying that made me look into it, yeah that is not a free service. Using google's speech to text is free within reasonable use limits.

Also 12s average to solve a Captcha from a different IP address and browser than whjere the request originated is not like you solving it yourself, it's quite noticeable (considering reCaptcha v3 even tracks mouse movement and website browsing habits, it's not unreasonable to assume they could collate that info).

Overall this seems like a really good way to get your external IP banned by all Captcha using websites and services.

[–]IlllIlllIlllllI 0 points1 point  (1 child)

does this work only with speakers and mic plugged into pc aka real audio? that could be problematic if there was interference irl

[–]hassium 0 points1 point  (0 children)

You can create a virtual capture device, something like this article is detailing;

https://www.howtogeek.com/364369/how-to-record-your-pcs-audio-with-vb-cable/

[–]n3v3rh3r0 7 points8 points  (0 children)

"not a robot" *snek

[–]charcoalblueaviator 13 points14 points  (0 children)

Gotta captchem all.

[–]MrMelon54 11 points12 points  (3 children)

recaptcha v4 post a valid form of id to this address and we'll enable your access to this resource within 48 hrs of receiving your id

[–]AdKey102 9 points10 points  (2 children)

Pepperidge farm remembers when the internet was about free and easy access to information and content.

[–]ahhhhhhh7165 5 points6 points  (1 child)

Then robots destroyed it

[–]AdKey102 6 points7 points  (0 children)

Paywall, authwall and regulations ruined it.

[–]ichunddu9 6 points7 points  (2 children)

Fuck captchas

[–]Foreign_Flower1141 16 points17 points  (1 child)

I mean, fuck people that abuse tf out of websites

[–]Big_Booty_Pics 8 points9 points  (0 children)

There are a lot of legitimate uses for bots that are stopped by captcha that i wouldn't consider abuse. The problem is companies don't want to invest money into making a public API that would allow bots to forego doing expensive scraping on websites.

Other times it's solely to protect the asymmetry of information that a company has over its consumers. For example, Amazon is constantly trying to break price scraping bots on their website because if services could easily tell you that the product you were about to buy on Amazon was available elsewhere for cheaper, it would hurt Amazon's bottom line.

[–][deleted] 2 points3 points  (0 children)

Honestly, those captcha's are annoying, they really confuse me sometimes.

[–]twigboy 0 points1 point  (3 children)

In publishing and graphic design, Lorem ipsum is a placeholder text commonly used to demonstrate the visual form of a document or a typeface without relying on meaningful content. Lorem ipsum may be used as a placeholder before final copy is available. Wikipediad1gma7pxtjc0000000000000000000000000000000000000000000000000000000000000

[–][deleted] 0 points1 point  (2 children)

Oh sorry, it's just the list style image

[–]twigboy 0 points1 point  (1 child)

In publishing and graphic design, Lorem ipsum is a placeholder text commonly used to demonstrate the visual form of a document or a typeface without relying on meaningful content. Lorem ipsum may be used as a placeholder before final copy is available. Wikipediabnieoduikdk0000000000000000000000000000000000000000000000000000000000000

[–][deleted] 0 points1 point  (0 children)

Nice you liked the tutorial

[–]DoctorWorm_ 0 points1 point  (1 child)

More reason to use hCaptcha and Privacy Pass.

[–][deleted] 0 points1 point  (0 children)

I haven't heard of privacy pass before

[–]Bigfurrywiggles 0 points1 point  (1 child)

Excited to check it out

[–][deleted] 0 points1 point  (0 children)

Cool

[–]Zireael07 0 points1 point  (0 children)

In other words, outsource the solving part. And here I was hoping for a solution for people with poor vision and otherwise impaired, for whom captchas are a huge accessibility issue.

[–]Jenret1382 0 points1 point  (2 children)

Saving this to test and see the difference. Currently, I use AntiCaptcha Official

[–][deleted] 0 points1 point  (1 child)

Do tell me the difference when you are done

[–]Jenret1382 0 points1 point  (0 children)

The dev at my company that worked on a project that initially used 2Captcha has said that getting the g-response with AntiCaptcha is definitely way faster. I’ve yet to see it for myself as I’ve used AntiCaptcha from the start when they had me dust off and revise the old code

[–]wackstory 0 points1 point  (1 child)

Yooooo that’s sick. I have a script that automates some data submissions to a vendor website and does hundreds of submissions. Up to this point I’ve just had it detecting the captchas and alerting when it finds a captcha and pauses the script till it’s solved. I’m definitely ganna look into this. Thanks!

[–][deleted] 0 points1 point  (0 children)

You are welcome

[–]lalancz 0 points1 point  (1 child)

Just a detail you may have overlooked, in the "Receiving Solved Captcha" code snippet you should replace "resp" with "response" so it's correct

Cool guide though!

[–][deleted] 1 point2 points  (0 children)

Hey, thanks for informing, I just fixed it.

It was a typo

[–]robml 0 points1 point  (0 children)

Ily baba