Is there a way to create an account via this API?

[DanMossa]

Was just wondering if there's an API to create a SnapChat account.

[hako]

There is, I've opened a pull request to #57 this requires the captcha to be passed though not phone number verification. Here is an example

[DanMossa]

@hako Sorry but I'm super retarded. So at the moment, it's not complete, correct? Cause I used the code you gave and a few errors came up.

[hako]

What were the errors came up? also my fork does not have the header fix yet and it still needs some refactoring. If you apply the fix, the registration still works.

1. git clone https://github.com/hako/php-snapchat and switch to the snaptcha branch
   • git checkout snaptcha
2. apply the header fix to snapchat_agent.php or download the patch here
3. download the example
4. change the $email and $username to whatever you want to register.
5. run php [example file].php

You should get a zip file full of images where you have to unzip and select which ones is are the ghosts.

Enter 1 for a ghost 0 for no ghost until it's 9 digits long.

And you should be registered.

It's not the best of examples, but i'll eventually clean everything up when I'm able to get some spare time.

[liamjack]

@hako : After how many new accounts do you start getting the snaptcha on registration ? Is the snaptcha only required on registration or can they make it required for login aswell ?

[hako]

The snaptcha is only required on registration. I don't know if there is an exact limit of accounts you can create yet.

[Snowlav]

As of this moment there is no limit for registration of accounts per IP / Device ID

[Snowlav]

Does anyone know if the snaptcha images are generated on the spot, or are they pre-designed and loaded from a database of some sort?

[liamjack]

Thanks to @hako and his image of Snaptcha we can see the following :

Here's another from Techcrunch :

These are not computer generated (take a look at the positioning, the fact that the ghost is behind an umbrella, positioned correctly at the end of a fishing rod... This is "art"), some "graphic artist" spent a lot of time doing these, which means there is a limited amount. Collect them all, md5 the image file, store in a database with a simple boolean called ghost : 0 = No ghost, 1 = Ghost. Your Snaptcha completion is now automatic.

This will work until Snapchat randomizes a few pixels, meaning that the md5 will change radically even though you have 99.9% the same image, so then an upgrade to "image recognition" will be required.

Worst case scenario you have to use Amazon's Mechanical Turk to have some humans tell you if a ghost is in the image or not, depends on your motivation and your budget.

[Snowlav]

I don't know if it's relevant but the current images snapchat uses for their captcha are different.

They seem pc generated to me and are even manually hard to solve at times haha.

[liamjack]

@Snowlav : Oh sorry then, I haven't had one recently :P Ok, well now we need to make a ghost detection script. Should be simple enough though seeing that the ghost is always the same sprite, it's just rotated, enlarged / reduced, a bit of PHP code should be able to handle this right ?

[liamjack]

I have forced a captcha upon myself for research reasons, and indeed these are very computer generated.

Here are some screenshots of 19 different captchas (because there seems to be no rate limiting on captchas, you can fail continuosly and Snapchat will keep on feeding you with a new load of captcha images until you get it right) : https://imgur.com/a/jRwlS

And here are all the decompressed ZIP files that were received with each request containing 21 captcha sets, each composed of 9 computer generated 180x180 PNG images, thats a grand total of 189 different images : http://files.lab.cuonic.com/ZDg5MWFjM

As you can see some of these are humanly impossible, I had to retry 3 times on a genuine attempt to get it right, so good luck getting a bot to identify the ghost !

[Snowlav]

In a lot of pics the ghost is the only white things, is it possible to look for a certain area size of a white color-range?

[liamjack]

@Snowlav The problem is there is also a duck, other white objects, and the size varies, the shape of the ghost isn't consistent, it can be deformed.

[Snowlav]

Hmm yes that's correct.. How long would it take if you gave snapchat a random string, and kept feeding it until it corresponds to the answer. Since there is no rate limit on failing.

[liamjack]

Good question, the problem is that the string gives 512 different possibilities, but the answer changes every time, so it could take ages.

[Snowlav]

is there a way of "checking" your input before snapchat actually "processes" it? For example, check the server response of a string, but snapchat does nothing with the server response. Might sound retarded haha, just wondering.

[liamjack]

Well no otherwise it would mean that they have a gigantic security vulnerability being able to try all the possibilities before actually posting off. :ghost:

[Snowlav]

sounds like snapchat to me :laughing:

[liamjack]

They're getting better ;)

[Snowlav]

Unfortunately ! haha, they are throwing up challenges for us now. Do you see any possibility in defeating the snaptcha ?

[liamjack]

Get loads of them and find a way of mass analyzing the images where there is a ghost to find something that will enable an algorithm to detect the ghost images

Something like this : https://en.wikipedia.org/wiki/Pattern_recognition

[Snowlav]

sounds like a fun project, I guess I could try to code something to just scrape those packages of pics.

[liamjack]

Scrape a load of captcha image zips, manually comb out the Ghost images, then analyze. Simple :P

[Snowlav]

do you have skype / g hangouts ?

[liamjack]

XMPP : cuonic [@] rows [.] io

On 06/01/2015 12:51, Snowlav wrote:

do you have skype / g hangouts ?

— Reply to this email directly or view it on GitHub https://github.com/JorgenPhi/php-snapchat/issues/73#issuecomment-68856538.

[Snowlav]

XMPP .. never used that, what client would you recommend for windows?

[liamjack]

Pidgin : https://pidgin.im/download/

On 06/01/2015 12:59, Snowlav wrote:

XMPP .. never used that, what client would you recommend for windows?

— Reply to this email directly or view it on GitHub https://github.com/JorgenPhi/php-snapchat/issues/73#issuecomment-68857118.

[Snowlav]

I'm snowlav [@] rows [.] io When I talk it says "no permission" under your name