Posted on • Originally published atalkeshghorpade.me
Bypassing Captcha using 2Captcha and Javascript
What are Captchas?
Anyone who has used the internet must be aware of CAPTCHA. It's an online service to know that a human is interacting or browsing the internet, and not a robot or automated software.
CAPTCHA stands for Completely Automated Public Turing test to
tell Computers and Humans Apart.
Without CAPTCHAs, it would be difficult to determine the difference between an automatic action performed by a bot, and a manual action performed by a human.
One of the most popular CAPTCHAs we see requires the user to enter the letters as shown below in the image.
But, in recent years CAPTCHAs have evolved in various ways like identifying picture recognition, mini-games, checkbox selection, and many more.
With new ways, CAPTCHAs have become one of the most frustrating and ineffective user interface features. Let's explore 2Captcha that aims to solve this problem.
What is 2Captcha?
2Captcha is a human-powered image and CAPTCHA recognition service. The service aims is to help users solve CAPTCHAs quickly and accurately.
2Captcha also pays you to solve captcha problems. The captchas usually contain distorted text within an image. A user is expected to type the answer to gain access to the website and get verified that they are not Robots.
2Captcha solves a variety of captchas. For integrating 2Captcha into our system, we can refer their API endpointshere. Different types of captchas like hCaptcha, reCaptcha, image captcha, normal captcha, text captcha can be resolved using 2Captcha services. We can refer to the full list of supported captchashere.
Integrate 2Captcha
Account Setup
If you are already registered on 2Captcha, we can skip this step. If not we need to first register on 2Captcha using thislink.
Once registered, we will get our API key which will be used during the integration process. To use the services of 2Captcha, we need to pay a token amount for captcha requests and processing.
Resolve Captcha using 2Captcha and Javascript
We will set up a new project for this integration. Open the IDE of your choice and create a new applicationsolve-captcha.
- On Mac, we can execute the below command in the terminal.
mkdir solve-captchacd solve-captchanpm init -yIn the last step, we have initialized the project usingnpm, which addspackage.json directly.
- Create index.js file
We then add a new file,index.js to the root directory of the project. On the terminal, we can execute
touch index.js- Install 2Captcha and Axios
We can find the Javascript package for 2Captchahere.Axios is a Promise-based HTTP client for the browser and node.js.
We can execute the below command to add these two packages to our application.
npm i 2captcha axios- geeksforgeeks.org reCAPTCHA
Few websites use captcha when new users sign-up on their platform. We will use [geeksforgeeks (https://www.geeksforgeeks.org/) in our integration example.
This is how the sign-up modal of geekforgeeks appears.
As seen above, geeksforgeeks is using Google's reCAPTCHA for identifying genuine users. Google reCAPTCHA integration is done using sitekey. We can find geeksforgeeks sitekey as mentioned in [2Captcha's API documentation (https://2captcha.com/2captcha-api#solving_recaptchav2_new).
In short, we search forwww.google.com/recaptcha/api2/anchor or finddata-sitekey parameter. We copy the value of thek parameter of the link or copy the value of thedata-sitekey parameter. sitekey of geeksforgeeks is6LexF0sUAAAAADiQjz9BMiSrqplrItl-tWYDSfWa.
- Javascript and 2Captcha
We start adding changes to the index.js file.
constaxios=require("axios");constcaptcha=require("2captcha");varFormData=require("form-data");a. We first require the necessary packages for integration.
- axios is used for HTTP requests.
- 2captcha is used for solving captcha.
- FormData is used to submit the sign-up data.
b. Initialize 2Captcha solver using 2Captcha API KEY
constsolver=newcaptcha.Solver("<Our API key>");c. Solve Google's reCAPTCHA using the 2Captcha solver method.
The 2captcha package exposes a methodrecaptcha to resolve reCAPTCHA. It expectssitekey andpageurl as parameters.
const{data}=awaitsolver.recaptcha("6LexF0sUAAAAADiQjz9BMiSrqplrItl-tWYDSfWa","https://www.geeksforgeeks.org/");d. Submit form data.
Once we get therecaptcha method response, we create form data to pass the necessary data to geeksforgeeks auth endpoint.
varbodyFormData=newFormData();bodyFormData.append("reqType","Register");bodyFormData.append("email","12sam1234@sam.co");bodyFormData.append("pass","sam1234!@#$");bodyFormData.append("institute","big data");bodyFormData.append("g-recaptcha-response",data);bodyFormData.append("to","https://auth.geeksforgeeks.org/?to=https://www.geeksforgeeks.org/");We use Axios to submit the above-generated form data.
axios({method:"post",url:"https://auth.geeksforgeeks.org/auth.php",data:bodyFormData,headers:{"Content-Type":"application/x-www-form-urlencoded","Accept":"application/json, text/javascript, */*; q=0.01"},}).then(function(response){console.log("In success");console.log(response.data);}).catch(function(response){console.log("In failure");console.log(response);});The whole index.js file will look as below:
constaxios=require("axios");constcaptcha=require("2captcha");varFormData=require('form-data');constsolver=newcaptcha.Solver("<My API key>");constbypassWebsiteCaptcha=async()=>{console.log("Initiate captcha process");try{const{data}=awaitsolver.recaptcha("6LexF0sUAAAAADiQjz9BMiSrqplrItl-tWYDSfWa","https://www.geeksforgeeks.org/");varbodyFormData=newFormData();bodyFormData.append("reqType","Register");bodyFormData.append("email","12sam1234@sam.co");bodyFormData.append("pass","sam1234!@#$");bodyFormData.append("institute","big data");bodyFormData.append("g-recaptcha-response",data);bodyFormData.append("to","https://auth.geeksforgeeks.org/?to=https://www.geeksforgeeks.org/");axios({method:"post",url:"https://auth.geeksforgeeks.org/auth.php",data:bodyFormData,headers:{"Content-Type":"application/x-www-form-urlencoded","Accept":"application/json, text/javascript, */*; q=0.01"},}).then(function(response){console.log("In success");console.log(response.data);}).catch(function(response){console.log("In failure");console.log(response);});}catch(err){console.log("In catch");console.log(err);}};bypassWebsiteCaptcha();NOTE
We have added step 5.c and 5.d inside atry..catch block.
e.Execute index.js
Run the below command and verify the response
node indexOur response should look like below:
Alkeshs-MacBook-Pro:solve-captcha alkeshghorpade$node indexInitiate captcha processIn success{"extra":"<div class=\"alert alert-info\">An email has been sent to your given address. Please click thelinkinthe mail tocontinue.<\/div>","code":2000}This means we have successfully bypassed the captcha. We can refer to the full-code repositoryhere.
NOTE
Many websites like geekforgeeks are using captchas. This blog is solely for educational purposes. Please don't use the above steps for anything malicious.
Top comments(0)
Some comments may only be visible to logged-in visitors.Sign in to view all comments.
For further actions, you may consider blocking this person and/orreporting abuse
