FlareSolverr / FlareSolverr

Proxy server to bypass Cloudflare protection
MIT License
7.93k stars 674 forks source link

Review hcaptcha-solver solver #31

Open ngosang opened 3 years ago

ngosang commented 3 years ago

Enable it and do some tests to see if still works.

https://github.com/FlareSolverr/FlareSolverr#hcaptcha-solver https://github.com/JimmyLaurent/hcaptcha-solver

https://github.com/hitthemoney/hcaptcha-solver

abeloin commented 3 years ago
ccharlot commented 3 years ago

For me it's working perfectly jackett + flaresoverr with hcaptch-solver (with YGG)

medinaflav commented 3 years ago

For me it's working perfectly jackett + flaresoverr with hcaptch-solver (with YGG)

with docker ?

abeloin commented 3 years ago

@ccharlot Could you provide the logs when there is an hcaptcha, it should start with this:

INFO REQ-1 Cloudflare detected
INFO REQ-1 Waiting to receive captcha token to bypass challenge...

then it should end with either:

REQ-1 Successful response in 17.014 s

or

ERROR REQ-1 Token solver failed to return a token.

If you don't see this line, it mean that cloudflare didn't ask for an hcaptcha:

Waiting to receive captcha token to bypass challenge...
ccharlot commented 3 years ago

@ccharlot Could you provide the logs when there is an hcaptcha, it should start with this:

INFO REQ-1 Cloudflare detected
INFO REQ-1 Waiting to receive captcha token to bypass challenge...

then it should end with either:

REQ-1 Successful response in 17.014 s

or

ERROR REQ-1 Token solver failed to return a token.

If you don't see this line, it mean that cloudflare didn't ask for an hcaptcha:


Waiting to receive captcha token to bypass challenge...
``

Here it is :

020-12-16T11:45:18.534Z INFO REQ-193 Cloudflare detected
2020-12-16T11:45:18.560Z DEBUG REQ-193 Waiting for Cloudflare challenge...
2020-12-16T11:45:23.650Z DEBUG REQ-193 Validating HTML code...
2020-12-16T11:45:23.718Z INFO REQ-193 Successful response in 6.688 s
2020-12-16T11:45:24.701Z INFO REQ-194 Incoming request: POST /v1
2020-12-16T11:45:24.701Z INFO REQ-194 Params: {"maxTimeout":60000,"cmd":"request.get","url":"https://www2.yggtorrent.si/ (info removed)","userAgent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36"}
2020-12-16T11:45:24.702Z DEBUG REQ-194 Launching headless browser...
2020-12-16T11:45:25.185Z DEBUG REQ-194 Using custom UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36
2020-12-16T11:45:25.186Z DEBUG REQ-194 Adding custom headers: {}
2020-12-16T11:45:25.186Z DEBUG REQ-194 { headers: [Function (anonymous)] }
2020-12-16T11:45:25.188Z DEBUG REQ-194 Navigating to... https://www2.yggtorrent.si/engine/search? (info removed)
2020-12-16T11:45:27.832Z DEBUG REQ-194 {
  headers: {
    'upgrade-insecure-requests': '1',
    'user-agent': 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36'
  }
}
ccharlot commented 3 years ago

For me it's working perfectly jackett + flaresoverr with hcaptch-solver (with YGG)

with docker ?

Yes

ccharlot commented 3 years ago

OK... it seems that until now, there was no captcha, so it was working... but now there is one, and I get an error :

Here is lastest log :

2020-12-16T16:00:24.631Z INFO REQ-1 Cloudflare detected
2020-12-16T16:00:24.679Z DEBUG REQ-1 Waiting for Cloudflare challenge...
2020-12-16T16:00:30.375Z DEBUG REQ-1 Validating HTML code...
2020-12-16T16:00:34.997Z INFO REQ-1 Waiting to receive captcha token to bypass challenge...
StatusCodeError: 404 - "nonsense\n"
    at new StatusCodeError (/home/node/flaresolverr/node_modules/request-promise-core/lib/errors.js:32:15)
    at Request.plumbing.callback (/home/node/flaresolverr/node_modules/request-promise-core/lib/plumbing.js:104:33)
    at Request.RP$callback [as _callback] (/home/node/flaresolverr/node_modules/request-promise-core/lib/plumbing.js:46:31)
    at Request.self.callback (/home/node/flaresolverr/node_modules/request/request.js:185:22)
    at Request.emit (node:events:329:20)
    at Request.<anonymous> (/home/node/flaresolverr/node_modules/request/request.js:1154:10)
    at Request.emit (node:events:329:20)
    at IncomingMessage.<anonymous> (/home/node/flaresolverr/node_modules/request/request.js:1076:12)
    at Object.onceWrapper (node:events:435:28)
    at IncomingMessage.emit (node:events:341:22) {
  statusCode: 404,
  error: 'nonsense\n',
  options: {
    uri: 'https://assets.hcaptcha.com/c/500c658/hsl.js',
    method: 'GET',
    callback: [Function: RP$callback],
    transform: undefined,
    simple: true,
    resolveWithFullResponse: false,
    transform2xxOnly: false
  },
  response: <ref *1> IncomingMessage {
    _readableState: ReadableState {
      objectMode: false,
      highWaterMark: 16384,
      buffer: BufferList { head: null, tail: null, length: 0 },
      length: 0,
      pipes: [],
      flowing: true,
      ended: true,
      endEmitted: true,
      reading: false,
      constructed: true,
      sync: false,
      needReadable: false,
      emittedReadable: false,
      readableListening: false,
      resumeScheduled: false,
      errorEmitted: false,
      emitClose: true,
      autoDestroy: false,
      destroyed: false,
      errored: null,
      closed: false,
      closeEmitted: false,
      defaultEncoding: 'utf8',
      awaitDrainWriters: null,
      multiAwaitDrain: false,
      readingMore: false,
      decoder: null,
      encoding: null,
      [Symbol(kPaused)]: false
    },
    _events: [Object: null prototype] {
      end: [Array],
      close: [Array],
      data: [Function (anonymous)],
      error: [Function (anonymous)]
    },
    _eventsCount: 4,
    _maxListeners: undefined,
    socket: TLSSocket {
      _tlsOptions: [Object],
      _secureEstablished: true,
      _securePending: false,
      _newSessionPending: false,
      _controlReleased: true,
      secureConnecting: false,
      _SNICallback: null,
      servername: 'assets.hcaptcha.com',
      alpnProtocol: false,
      authorized: true,
      authorizationError: null,
      encrypted: true,
      _events: [Object: null prototype],
      _eventsCount: 10,
      connecting: false,
      _hadError: false,
      _parent: null,
      _host: 'assets.hcaptcha.com',
      _readableState: [ReadableState],
      _maxListeners: undefined,
      _writableState: [WritableState],
      allowHalfOpen: false,
      _sockname: null,
      _pendingData: null,
      _pendingEncoding: '',
      server: undefined,
      _server: null,
      ssl: [TLSWrap],
      _requestCert: true,
      _rejectUnauthorized: true,
      parser: null,
      _httpMessage: [ClientRequest],
      [Symbol(res)]: [TLSWrap],
      [Symbol(verified)]: true,
      [Symbol(pendingSession)]: null,
      [Symbol(async_id_symbol)]: 491,
      [Symbol(kHandle)]: [TLSWrap],
      [Symbol(kSetNoDelay)]: false,
      [Symbol(lastWriteQueueSize)]: 0,
      [Symbol(timeout)]: null,
      [Symbol(kBuffer)]: null,
      [Symbol(kBufferCb)]: null,
      [Symbol(kBufferGen)]: null,
      [Symbol(kCapture)]: false,
      [Symbol(kBytesRead)]: 0,
      [Symbol(kBytesWritten)]: 0,
      [Symbol(connect-options)]: [Object],
      [Symbol(RequestTimeout)]: undefined
    },
    httpVersionMajor: 1,
    httpVersionMinor: 1,
    httpVersion: '1.1',
    complete: true,
    rawHeaders: [
      'Date',
      'Wed, 16 Dec 2020 16:00:36 GMT',
      'Content-Type',
      'text/html',
      'Transfer-Encoding',
      'chunked',
      'Connection',
      'close',
      'Set-Cookie',
      '__cfduid= (removed) ; expires=Fri, 15-Jan-21 16:00:35 GMT; path=/; domain=.hcaptcha.com; HttpOnly; SameSite=Lax; Secure',
      'x-amz-meta-md5',
      '0377438312a93cf85307e3fa0fe437cf',
      'x-amz-meta-privilege',
      '755',
      'Last-Modified',
      'Mon, 20 Aug 2018 21:31:04 GMT',
      'x-amz-error-code',
      'NoSuchKey',
      'x-amz-error-message',
      'The specified key does not exist.',
      'x-amz-error-detail-Key',
      'c/500c658/hsl.js',
      'x-amz-request-id',
      '00C9447B8EE208EA',
      'x-amz-id-2',
      '70vTT7DxSNhYkrC7+bGjsPrPqkeJj+jSZONuuoDk8MJ61yKVBxGrDB1Ae8n6obK8HFPoJF1c1UI=',
      'CF-Cache-Status',
      'EXPIRED',
      'cf-request-id',
      '070de13c4b0000cd8fff95f000000001',
      'Expect-CT',
      'max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"',
      'Strict-Transport-Security',
      'max-age=2592000; includeSubDomains; preload',
      'X-Content-Type-Options',
      'nosniff',
      'Server',
      'cloudflare',
      'CF-RAY',
      '60299e407e95cd8f-CDG'
    ],
    rawTrailers: [],
    aborted: false,
    upgrade: false,
    url: '',
    method: null,
    statusCode: 404,
    statusMessage: 'Not Found',
    client: TLSSocket {
      _tlsOptions: [Object],
      _secureEstablished: true,
      _securePending: false,
      _newSessionPending: false,
      _controlReleased: true,
      secureConnecting: false,
      _SNICallback: null,
      servername: 'assets.hcaptcha.com',
      alpnProtocol: false,
      authorized: true,
      authorizationError: null,
      encrypted: true,
      _events: [Object: null prototype],
      _eventsCount: 10,
      connecting: false,
      _hadError: false,
      _parent: null,
      _host: 'assets.hcaptcha.com',
      _readableState: [ReadableState],
      _maxListeners: undefined,
      _writableState: [WritableState],
      allowHalfOpen: false,
      _sockname: null,
      _pendingData: null,
      _pendingEncoding: '',
      server: undefined,
      _server: null,
      ssl: [TLSWrap],
      _requestCert: true,
      _rejectUnauthorized: true,
      parser: null,
      _httpMessage: [ClientRequest],
      [Symbol(res)]: [TLSWrap],
      [Symbol(verified)]: true,
      [Symbol(pendingSession)]: null,
      [Symbol(async_id_symbol)]: 491,
      [Symbol(kHandle)]: [TLSWrap],
      [Symbol(kSetNoDelay)]: false,
      [Symbol(lastWriteQueueSize)]: 0,
      [Symbol(timeout)]: null,
      [Symbol(kBuffer)]: null,
      [Symbol(kBufferCb)]: null,
      [Symbol(kBufferGen)]: null,
      [Symbol(kCapture)]: false,
      [Symbol(kBytesRead)]: 0,
      [Symbol(kBytesWritten)]: 0,
      [Symbol(connect-options)]: [Object],
      [Symbol(RequestTimeout)]: undefined
    },
    _consuming: true,
    _dumped: false,
    req: ClientRequest {
      _events: [Object: null prototype],
      _eventsCount: 5,
      _maxListeners: undefined,
      outputData: [],
      outputSize: 0,
      writable: true,
      destroyed: false,
      _last: true,
      chunkedEncoding: false,
      shouldKeepAlive: false,
      _defaultKeepAlive: true,
      useChunkedEncodingByDefault: false,
      sendDate: false,
      _removedConnection: false,
      _removedContLen: false,
      _removedTE: false,
      _contentLength: 0,
      _hasBody: true,
      _trailer: '',
      finished: true,
      _headerSent: true,
      _closed: false,
      socket: [TLSSocket],
      _header: 'GET /c/500c658/hsl.js HTTP/1.1\r\n' +
        'host: assets.hcaptcha.com\r\n' +
        'Connection: close\r\n' +
        '\r\n',
      _keepAliveTimeout: 0,
      _onPendingData: [Function: noopPendingOutput],
      agent: [Agent],
      socketPath: undefined,
      method: 'GET',
      maxHeaderSize: undefined,
      insecureHTTPParser: undefined,
      path: '/c/500c658/hsl.js',
      _ended: true,
      res: [Circular *1],
      aborted: false,
      timeoutCb: null,
      upgradeOrConnect: false,
      parser: null,
      maxHeadersCount: null,
      reusedSocket: false,
      host: 'assets.hcaptcha.com',
      protocol: 'https:',
      [Symbol(kCapture)]: false,
      [Symbol(kNeedDrain)]: false,
      [Symbol(corked)]: 0,
      [Symbol(kOutHeaders)]: [Object: null prototype]
    },
    request: Request {
      _events: [Object: null prototype],
      _eventsCount: 5,
      _maxListeners: undefined,
      uri: [Url],
      method: 'GET',
      readable: true,
      writable: true,
      explicitMethod: true,
      _qs: [Querystring],
      _auth: [Auth],
      _oauth: [OAuth],
      _multipart: [Multipart],
      _redirect: [Redirect],
      _tunnel: [Tunnel],
      _rp_resolve: [Function (anonymous)],
      _rp_reject: [Function (anonymous)],
      _rp_promise: [Promise],
      _rp_callbackOrig: undefined,
      callback: [Function (anonymous)],
      _rp_options: [Object],
      headers: {},
      setHeader: [Function (anonymous)],
      hasHeader: [Function (anonymous)],
      getHeader: [Function (anonymous)],
      removeHeader: [Function (anonymous)],
      localAddress: undefined,
      pool: {},
      dests: [],
      __isRequestRequest: true,
      _callback: [Function: RP$callback],
      proxy: null,
      tunnel: true,
      setHost: true,
      originalCookieHeader: undefined,
      _disableCookies: true,
      _jar: undefined,
      port: 443,
      host: 'assets.hcaptcha.com',
      path: '/c/500c658/hsl.js',
      httpModule: [Object],
      agentClass: [Function: Agent],
      agent: [Agent],
      _started: true,
      href: 'https://assets.hcaptcha.com/c/500c658/hsl.js',
      req: [ClientRequest],
      ntick: true,
      response: [Circular *1],
      originalHost: 'assets.hcaptcha.com',
      originalHostHeaderName: 'host',
      responseContent: [Circular *1],
      _destdata: true,
      _ended: true,
      _callbackCalled: true,
      [Symbol(kCapture)]: false
    },
    toJSON: [Function: responseToJSON],
    caseless: Caseless { dict: [Object] },
    body: 'nonsense\n',
    [Symbol(kCapture)]: false,
    [Symbol(kHeaders)]: {
      date: 'Wed, 16 Dec 2020 16:00:36 GMT',
      'content-type': 'text/html',
      'transfer-encoding': 'chunked',
      connection: 'close',
      'set-cookie': [Array],
      'x-amz-meta-md5': '0377438312a93cf85307e3fa0fe437cf',
      'x-amz-meta-privilege': '755',
      'last-modified': 'Mon, 20 Aug 2018 21:31:04 GMT',
      'x-amz-error-code': 'NoSuchKey',
      'x-amz-error-message': 'The specified key does not exist.',
      'x-amz-error-detail-key': 'c/500c658/hsl.js',
      'x-amz-request-id': '00C9447B8EE208EA',
      'x-amz-id-2': '70vTT7DxSNhYkrC7+bGjsPrPqkeJj+jSZONuuoDk8MJ61yKVBxGrDB1Ae8n6obK8HFPoJF1c1UI=',
      'cf-cache-status': 'EXPIRED',
      'cf-request-id': '070de13c4b0000cd8fff95f000000001',
      'expect-ct': 'max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"',
      'strict-transport-security': 'max-age=2592000; includeSubDomains; preload',
      'x-content-type-options': 'nosniff',
      server: 'cloudflare',
      'cf-ray': '60299e407e95cd8f-CDG'
    },
    [Symbol(kHeadersCount)]: 40,
    [Symbol(kTrailers)]: null,
    [Symbol(kTrailersCount)]: 0,
    [Symbol(RequestTimeout)]: undefined
  }
abeloin commented 3 years ago

@ccharlot hcaptcha isn't called in the log provided. There is no Waiting to receive captcha token to bypass challenge...

When accessing a site with cloudflare protection, you usually get the "Cloudflare protection please wait 5 sec" then it switch to the site. Flaresolverr bypass this without any plugins.

But sometime, when cloudflare doesn't like you, it will present you with a visual challenge(hcaptcha) that you have to solve. In that case the hcaptcha-solver will be use.

abeloin commented 3 years ago

@ccharlot The StatusCodeError: 404 - "nonsense\n" mean that it is broken and not working

abeloin commented 3 years ago

With PR12 it does seem to return a good value sometime, but the code doesn't find submit form. No '#challenge-form [type=submit]' element detected.

ngosang commented 3 years ago

This solver works picking random images so it will fail in a lot of requests and it's hard to know if it's working or not. The goal is to know if the code to click the images and the submit the form is right. If it's working we can enable it by default because it's better than nothing and it's free. In a real use case with Sonarr/Radarr + Jackett it's really useful because those apps make a new request each 15 minutes. Eventually one of the requests is going to work and Jackett saves the cookie forever (until it stops working).

In this site I always get the hCaptcha challenge. We can use it for testing captcha solvers. https://pirateiro.com/torrents/?search=

abeloin commented 3 years ago

I don't think it will work with cloudflare properly because of the way they tie in hcaptcha.

See this for more info: https://github.com/scaredos/cfresearch

ngosang commented 3 years ago

With the fix from https://github.com/JimmyLaurent/hcaptcha-solver/pull/12 I'm able to get a valid hCaptcha solution. The issue is the current logic in FlareSolverr to send the form to Cloudflare is not working as described in https://github.com/scaredos/cfresearch I'm going to need help here.

mcourant commented 3 years ago

Hi,

I have been using this tool for 1 year and I wanted to know what are the next steps? I have the same mistakes as you.

Cloudflare Error: hcaptcha-solver is not able to solve the new hCaptcha challenge. This issue is already reported #31.

Thanks a lot.

groenator commented 3 years ago

My container is behind VPN, all I did was changing the VPN location to Netherlands. I tried other location but they failed. I am not sure why only works when using Netherlands.

On Sat, 5 Jun 2021, 18:39 mcourant, @.***> wrote:

Hi,

I have been using this tool for 1 year and I wanted to know what are the next steps? I have the same mistakes as you.

Cloudflare Error: hcaptcha-solver is not able to solve the new hCaptcha challenge. This issue is already reported #31 https://github.com/FlareSolverr/FlareSolverr/issues/31.

Thanks a lot.

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/FlareSolverr/FlareSolverr/issues/31#issuecomment-855271757, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABJRLJW4ZZP3XULJUTD5MQLTRJOLNANCNFSM4U2M76FQ .