Closed Only1P closed 1 year ago
Ok so, DDoS Guard. Great. Thankfully I found this promising bypass so it's just a matter of porting the main logic over into modules/api.py. Actually looks like a decent system, as in it's not some captcha bs or dark magic, its just testing if the "browser" will execute scripts and respond accordingly to the challenge in the page.
Still needs testing, but I'm not sure how I could manually force a DDoS-Guard challenge to be requested. At the very least now if there is a challenge and the bypass fails, the user gets a more useful error message saying that a browser challenge was needed and the bypass failed.
Released in version 10.0, hopefully it actually works lol
login_broken.zip