search

Hecate2 / Ignareo-ISML-auto-voter

Ignareo the Carillon, a web crawler/spider template of ultimate high concurrency built for leprechauns. Carillons as the best web spiders; Long live the golden years of leprechauns! (ISML=international saimoe; 2022 ISML is last ISML)
MIT License
187 stars 13 forks source link

Hcaptch is used in the verification code. How to solve it #28

Open PHslw opened 2 years ago

Hecate2 commented 2 years ago

Yes I know that but I have not yet written any code for it. I write my codes for my personal interest (telling people that saimoes are just bootcamps for programmers) instead of actually vote for Chtholly. You may search for hcaptcha in GitHub and you would see production-ready codes to solve them. So hcaptcha is much much much easier than the original ISML captchas.

PHslw commented 2 years ago

Yes I know that but I have not yet written any code for it. I write my codes for my personal interest (telling people that saimoes are just bootcamps for programmers) instead of actually vote for Chtholly. You may search for hcaptcha in GitHub and you would see production-ready codes to solve them. So hcaptcha is much much much easier than the original ISML captchas.

I also write code. I'm interested in the verification of this website. When you enter voiting, you will get voiting token. Browser post a canvas fingerprint to the server will get a cookie: CI Session. When you submit, you will bring a cookie: CI Session and voting Token and h-captcha-response. I wonder when they were linked? When did IP and device bind?

Hecate2 commented 2 years ago

IP is checked by ISML server, and you cannot really detect any js or cookie about your IP. The information about your devices is included in the canvas figerprint. If you use the same browser and same machine, the fingerprint would surely be the same. That is why we randomly modify fingerprints. And maybe you can solve hcaptcha when waiting for submission (instead of solving it after the submitting POST request). I have not tried it yet.

PHslw commented 2 years ago

One of my conjectures is that a ticket contains IP and canvas fingerprints, CI_ Session promised that they would put in the same ticket. When an IP or a canvas fingerprint is found in multiple tickets during ticket check-in, it is a duplicate ticket. Thank you for your reply

Hecate2 commented 2 years ago

One of my conjectures is that a ticket contains IP and canvas fingerprints, CI_ Session promised that they would put in the same ticket. When an IP or a canvas fingerprint is found in multiple tickets during ticket check-in, it is a duplicate ticket. Thank you for your reply

I agree; and I am also Chinese