Bypass Onlyfans Captcha?

[DaBossCoda]

I'm trying to create a script that can create a new OnlyFans account.

However the endpoint https://onlyfans.com/api2/v2/users/register seems to require a captcha and even though I've combined my script with a captcha service; OnlyFans strill throws the error: {'error': {'code': 102, 'message': 'Captcha wrong'}}.

Has anyone been able to successfully bypass OnlyFan's captcha?

I've got a valid sign, time, user-agent and xbc in my header requests (which works with requests to https://onlyfans.com/api2/v2/init) and i'm pretty certain that the captcha response being submitted with the payload is correct...

[maass78]

Any progress on this?

I have the same problem, as far as I understand, there are 2 captchas at once. Only I do not register an account, but login to it.

6LddGoYgAAAAAHD275rVBjuOYXiofr1u4pFS5lHn - Enterprise V2 captcha 6LcvNcwdAAAAAMWAuNRXH74u3QePsEzTm6GEjx0J - Enterprise V3 captcha

When I figured out the captcha, I didn't have the x-bc and sign headers yet, and the server responded with {"error":{"code":401,"message":"Please refresh the page"}}. Now that I've dealt with sign and x-bc, the server responds with {"error":{"code":102,"message":"Captcha wrong"}}

Request body - {"email":"email","password":"password","e-recaptcha-response":"v3recaptchaResponse","ec-recaptcha-response":"v2recaptchaResponse","encodedPassword":"base64encodedPassword"}

[OFfriend]

How many accounts do you need? Maybe a Tampermoney script is good enough? {"error":{"code":401,"message":"Please refresh the page"}} means you send a wrong x-bc header.

[mrxsal]

I've been trying to bypass this for a while now with a selenium script, but without luck. Initially, there are no captchas, but upon pressing the login button, an invisible (V3 Enterprise) captcha is initialized. If not passed, it falls back to a V2 enterprise captcha ("I am not a Robot"). Using an anti-captcha service does return a key, but is not accepted by OnlyFans (returns "Captcha Wrong"error). Interestingly, both the V2 and V3 keys are sent in the corresponding login call.

If anyone is able to solve this and let me know I would be very grateful.

[maass78]

How many accounts do you need? Maybe a Tampermoney script is good enough? {"error":{"code":401,"message":"Please refresh the page"}} means you send a wrong x-bc header.

I need a lot of accounts, so a script won't be enough. Problem {"error":{"code":401,"message":"Please refresh the page"}} is already solved. Аnyway thanks

[maass78]

I've been trying to bypass this for a while now with a selenium script, but without luck. Initially, there are no captchas, but upon pressing the login button, an invisible (V3 Enterprise) captcha is initialized. If not passed, it falls back to a V2 enterprise captcha ("I am not a Robot"). Using an anti-captcha service does return a key, but is not accepted by OnlyFans (returns "Captcha Wrong"error). Interestingly, both the V2 and V3 keys are sent in the corresponding login call.

If anyone is able to solve this and let me know I would be very grateful.

same problem

[idontreallyneedagithubaccount]

I think i can add something to this issue, OnlyFans currently enforces the solving of a V2 Recaptcha Enterprise after 3 calls to the API, no matter how high the score of the V3 Enterprise is. This limit is enforced IP-wise, and after solving a V2 Enterprise ReCaptcha and sending the request to the API with the valid recaptcha response key, the cycle repeats