buzzy
commented
1 year ago I can give you the working curl line and the golang code I am using, if that would help?
Open buzzy opened 1 year ago
buzzy
commented
1 year ago I can give you the working curl line and the golang code I am using, if that would help?
Danny-Dasilva
commented
1 year ago I can give you the working curl line and the golang code I am using, if that would help?
Yes that would help
buzzy
commented
1 year ago #This gives error 429, meaning blocked by Cloudflare
curl -v 'https://degoo.com/me/login' \
-H 'Content-Type: application/json' \
--data-raw '{"Email":"test@gmail.com","Password":"xxx"}'
#This is getting a response from the back-end server, meaning bypassed Cloudflare
./curl_chrome104 -v 'https://degoo.com/me/login' \
-H 'Content-Type: application/json' \
--data-raw '{"Email":"test@gmail.com","Password":"xxx"}'Here is my golang code to replicate. Worked before, but not any more.
response, err := client.Do("https://degoo.com/me/login", cycletls.Options{
Headers: map[string]string{
"Content-Type": "application/json",
},
Body: `{"Email":"test@gmail.com","Password":"xxx"}`,
Ja3: "771,4865-4866-4867-49195-49199-49196-49200-52393-52392-49171-49172-156-157-47-53,0-23-65281-10-11-35-16-5-13-18-51-45-43-27-17513-21,29-23-24,0",
UserAgent: "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36",
}, "POST")
qizhoumeng
commented
1 year ago Hello, have you encountered 408 problems? When I am a post, the body returns 408 when passing parameters
buzzy
commented
1 year ago Hello, have you encountered 408 problems? When I am a post, the body returns 408 when passing parameters
When you post to Cloudflare?
qizhoumeng
commented
1 year ago Hello, have you encountered 408 problems? When I am a post, the body returns 408 when passing parameters
When you post to Cloudfront?
post akamai
buzzy
commented
1 year ago Hello, have you encountered 408 problems? When I am a post, the body returns 408 when passing parameters
When you post to Cloudfront?
post akamai
No, I have never gotten 408. I don't think it's the same as my issue.
mnickw
commented
1 year ago You need to bypass http2 fingerprint too, CycleTLS doesn't spoof that. https://tls.peet.ws/
buzzy
commented
1 year ago You need to bypass http2 fingerprint too, CycleTLS doesn't spoof that. https://tls.peet.ws/
So this is something new that Cloudflare added recently? CycleTLS was the only thing needed until a few months ago to trick Cloudflare.
And why would that be needed if I use HTTP 1.1 for the request? Looks like only HTTP2 can be fingerprinted? Also, why would curl-impersonate still work then? It only does fa3 fingerprinting and no HTTP2 fingerprint.
Thanks!
ChrisMcMStone
commented
1 year ago Hi @buzzy, I'm interested to know how you're getting on with fixing this. Since your problem seems CycleTLS specific if curl-impersonate is working, have you tried running your requests with the uTLS: https://github.com/refraction-networking/utls?
Danny-Dasilva
commented
8 months ago Looking into this
SuperShao
commented
3 months ago Description
I have been using this library for a long time to bypass Cloudflares ja3 protection. It has been working without any problems. But when I tried it recently, CycleTLS is not fooling Cloudflare any more. Seems something changed.
I can still use the "curl-impersonate" tool without any problems. When I use the exact same ja3 fingerprint and useragent as the working "curl-impersonate", Cloudflare still catches CycleTLS as "fake client".
Not sure how I should debug this any further as it was working fine before. What do you need from me?
Issue Type
Bug
Operating System
Linux
Node Version
None
Golang Version
Other
Relevant Log Output
cycletls.Response{RequestID:"cycleTLSRequest", Status:429, Body:"", Headers:map[string]string{"Cf-Ray":"7846e20a5d97c293-VIE", "Content-Length":"0", "Date":"Wed, 04 Jan 2023 20:56:49 GMT", "Server":"cloudflare"}} Cloudflare gives error 429 when catching "fake clients". Don't let their documentation fool you about "too many requests".Description
I have been using this library for a long time to bypass Cloudflares ja3 protection. It has been working without any problems. But when I tried it recently, CycleTLS is not fooling Cloudflare any more. Seems something changed.
I can still use the "curl-impersonate" tool without any problems. When I use the exact same ja3 fingerprint and useragent as the working "curl-impersonate", Cloudflare still catches CycleTLS as "fake client".
Not sure how I should debug this any further as it was working fine before. What do you need from me?
Issue Type
Bug
Operating System
Linux
Node Version
None
Golang Version
Other
Relevant Log Output
cycletls.Response{RequestID:"cycleTLSRequest", Status:429, Body:"", Headers:map[string]string{"Cf-Ray":"7846e20a5d97c293-VIE", "Content-Length":"0", "Date":"Wed, 04 Jan 2023 20:56:49 GMT", "Server":"cloudflare"}} Cloudflare gives error 429 when catching "fake clients". Don't let their documentation fool you about "too many requests".
I encountered the same problem as you. At first, there was no problem. After waiting for two minutes, it was all 429. I tested the IP and found no problem. My UA and JA3 are also different. It's strange how they were detected. Have you solved it?
Description
I have been using this library for a long time to bypass Cloudflares ja3 protection. It has been working without any problems. But when I tried it recently, CycleTLS is not fooling Cloudflare any more. Seems something changed.
I can still use the "curl-impersonate" tool without any problems. When I use the exact same ja3 fingerprint and useragent as the working "curl-impersonate", Cloudflare still catches CycleTLS as "fake client".
Not sure how I should debug this any further as it was working fine before. What do you need from me?
Issue Type
Bug
Operating System
Linux
Node Version
None
Golang Version
Other
Relevant Log Output