Open SwimmingLiu opened 1 year ago
In case anyone is interested in figuring out how the bda
was generated (I was not clear about it yet!)...
It is generated by this file funcaptcha_api.js?onload=loadChallenge
and can be debug by searching this line b3[dK(f_a_ir.m)] = aF[dK(f_a_ir.n)](by)
Hopefully someone good at JS can explain a bit on how it works? The code looks alien to me
Works fine in Europe, thanks!!!
Maybe not working again now? it worked in former few hours. The same exception: "OpenAI: {"detail":"Our systems have detected unusual activity from your system. Please try again later."} (code: 403)"
Now it's 403 again. Could you please take a look. @acheong08
Fixed using @pengzhile's endpoint for now. Will look into how to generate the parameters.
Looks like I might have to do some browser automation
I hope someone can help me figure out what this might mean:
{"ct":"/vfjnTlE3ZVKglS/2rXeoeDwcgCsKl/RgwpfExRQ90DTC+FYeFy4ZSzAsGJ9AiHCZ4NILmiMlF9I9tjTMB3K320yPa8/BRyPAU9fR8eaexyLH9XmXWF9ccO0aOD6fZf12nuUAp60x8ZZaX0mL6pF/F8ZQP0iyzg6dmQ77Xg0HCMCbEJYR9kavnknUSydOKNWtdGHNxNnNuvsxm2Qlpwq0+joshVwwHHJqlOUJHS9cC3dGEmFleWWQXwFz9Vx0EF8GtZJ9122n+CAkG0H6wi1cbbBUsyQWk9kl+KDy3O1t5+FsGf+F9pThpECMgcxPiJuf1aCtUbKIOmvpIHwYAcsWTOV3sNDf9yfJ5GnR7ZEBUGur4oz5UKJrp1B2xFrGfIkl4Vc8kFAFl4aoY5Uhf6k7c5Itj2XOjdbl5kPLlxFiRr+WqVFxexWtisNQrJ9vPwWGNxGGWi926UrkF4rwJV8SgOOPHPUfDobY8ezZRMuiQv8TPV84/LwDp2MuLaEJl0G/kyHMfxAyyLYbYJw3wXJ26pqfhvxasJfEQ2Q+IpNwQrnTx9PAV4C5nk832jujCOXAOnUwl8YBRSl/8pYgl+X/JJs+pgACBbKz9CX/ARAlDy4hzULMDtCpmiGWcOhQIkVOcPRGpEfef/0RGc0XfztcZMeDjaVWXnImELaRdfZ1p+xs1xi3VTelJ9ixETp1QYzj3SgP5Jgw20xQfJygxUE9SHuH6Fqt4/4P3BRoUTHkZh5k2joEGbsKno+Dnps4/+MF2BxAlaTf65R3byfLG3uLVWUv6Cwwj6d5pvmnHjW1aHQ3ulHkQENscC/ur3XtV2GNgxIHu0o1VryKuzVs4jDwQtVxmh1sB2VKV+AxPOp4l0nXIZpbQRsr08Q9BhQoaHrd2EQsW9uvNxCdZumd+JAqm7cirLZsvvv2CpiSfZPVjE95be+PdH7rThr5iSzKodDKSQ6Z/2P/mRkZ4psiWfo/mITbmczmq/9A432PqM3ffo1U1uH3CwOQx06SJGW9Kdu5YC+d7Y55L6dSrPKfcJagN+EOeuQNNr+aGpHJqfobjru0XUsxegARqofhYk9vJMyw9pcg/SZkFQ9PDJo1CbsKlhrIvYeP8U9IgkxaulOhHSlqnLWhJEgauEqT91ncO7VVQk7jDu8dlrrovGkih4dMByZCxJ8EjXnzpoCzeIe8a1PKZj4TQb5RlTifdfCl3Ki4n5EHnelre5O2pij6+XjC8j4ORXrzGVcR33KDgnzu4to8QBVpw9mdt49SSjsQ1NmtDuZt12IqPNQ/OHBHDssDnHlzvompbm6n/279YzvBwRsiEudM9KsG0m5myBOZztsW/t29l21nj0YcAdobBQFTjw1Bc9E1gbcKNJM33dV4afKD6vC1ubn3musUbe7KASjFcTWrdeh/6OGbmFeM+FR53N9ddCc214oat4TQEpV6ZurywcIhUR0JY3xr9HjEaCJTX0TNMkdER4fWv0oVT+B9psCx6NZ+n6zAiMPTHpEu5icQ4dVS/VOZUL5y3TwuC5kau0NQZkXEk+aQ6603yTvp7EIfi3RhT8wO33yWebRXWzQtBWNprK5Sz5Yp69I0hfUMwSd8vZ4SRrlr5ApSN9KwSQttwZAWmq+nuoswh23aEH7fUzRCDa4zdF6GMhMLXJLY4ptLDLSCkVTDZKlqnPwldWsdxvL/dZe3OY6mRg9CQWnNraeEuYh7ZNHEgINKwxvFAqzbWeKSvAeXgz5ERxEFmxD/myv/qAbF+5zitiUjmSHTjkAXHenT8qFnBzJcYlKUDGBErFNNVA/J7eKuv/uVr/NAX6TBEpkcePSxcJtdo2Dn+AevySOujJ30kdhCbuORrnlL6HZg2U7zMYubixcIORb/ftv98rD8VcqOA7KCVmJk/RBno/AyITag0uY2kZKVeFWHIkPKpl7/oBKUoZ1Hy/ijwDJO+Af+H6NINmx3Aa/CalvlQ7xzE3qoK9PPICOV2nfJKDMs5dGXOyQSVr2aCQsPhZqFjZR1z86IvoM2SPRE3Dygf9ozVeSvEI8aB7cF8KXqyZ8y6dKYJFN1no+EJj6cOvj7Q9vhZAEA0CNg4MjLxosmqUtsfXPfdFwLAzmgXGN42b7VPGzwLys+/N/YbiEsIUDJkx3BpmmM7cQhaQPs7HLVG10ei6xw/ll1dUrXTQT6AAgoCmLYqRbhKoIilfzfMV6+JUIQOz4vYOYryseG9kGGiHkP3+mnPZ8hOeMZYorey6T7bQRPmNad3EzZ94yvJJQui2UWFHhL22fI3WZDb0E7rj3WCt0v8Pp3L2Vu5H3xzM6sGBuyXPK5VYVBQy74rIeM1Hv4gCoiNSEfX7mFtIfRM3GNjrbX69t6XePK/I3zSSJFT/j5hlIbEUcTEEwLtzx+o1WTZdLvGOUhAv01CuAFHsjpMkknVVUdVQeAf5GZkdFqd0s2tMPXirvYRZT7aullUHwVknGL2F/SYrrw35g5PW6OvxSqRaU17WXeEFmg1r8pisRMyWyqpowQkBcjdOWgvXSJ/C6bk4YMJFbOkwSqNGs8MMxnFdedDBmn0eKaX9BCcEVEjxhAM73jL7zE+nGhgVg79a/KVSWK2094SKCfSkdnqLMpMx0JsQkULSgacAuzYI5LAJoo+9Jv1BVcm9XQZIuDB3gkrTSeK4i+7JhGlqttSNvtGA9bY+ImnCc/e/oinBoIevpGcN/mHaVLSUOpSGfmfxYQ31SMlysEacTWNknsCpuM3kYikNRHAuIiHOJ3yvXvnPWvyIa1I4oDVOq/9Kwa2zxBK3q4WYbqUKmmI+pU3+0o9f4WzvkPW9Bk4QctHdR/ICzpQY3QH3UwBmFD+09koTuW9fd7Jxp5aVYz1+EiSAkBpER10XIKP5p0Ydsh9HNhzuvJslhgkfhDelQx7QO8BwjSS2DOqfQdLNVpaLqch40qd5POFDfCn+wx+P+q6cyM5TQRMLykc69/Ug5ySCp/+oZqvvUym/gV24kvtRMXTkAlE10t3QtFp7kB4fTKtREJGxesDbVd4FiJ3kLShSrydNgpMl3vdiyclVRzVwQruziXc8sSJ4P2UvobiG14trEylFbtOKmdoll8JKAJ0iDss9m7gkjvDzTXODLU0bQ03N6sHxnnxoRpS22z6AdHO6ikp6ilm9fgkQ2OHOEEnGDpFHOm2WmrfB0uskqioGmmoweKCIp9t71bFX8VUzd+huLeOSxy0ApK0uptfXZ2Wz5H+kGGjEs2/Ci/Cse42BVt7AAnA8+2lrS29s/q7QvBWodeWuVtG3y4d2JOaZ0jRlN2DHnL2GZfkk5YRv8dVwBUfgQnBOaumwyFBlDwpEw3DL5VP/xiOQ2eblMRMicpUvPjsWJjb14shcaM/szroIbysy3W47ayzCKn66yCt1SjRvildJMpFfP4ACmbwdSuoyBuafsfezCjS1V/OmNxplEXG9theOSXT3LCiGMXUB+C0SCI2zOvcKB4SqhylxKp/1cNXO93D48obxz6oKIdIt7ErdfSmNoa225H7psPwDzdRgmg50tdsKqsMcUK8fE6EG1Wb5SvfW9dZVIkBsBDjNyNAZvUo/mgxxgczuqgv+j+qa17R0qancHNJviEFohgxc/n5EuMr7C8p0M8i9V9EE+MtA+XIb+8UV7RFOczGQLch2zecrzrk4uR25z1Zd4oPYus8FZ+Be0TBb1CVbt4CFjgo7e9dbhuv3eRKmgW5W3hBojiTHt8wLh4/loQb1epo6OIoWLkLy1zaHH5hi+fC6udxjuCaXIofLYe2vPymOT93P4r9rnM28eMXRhjR6nNzAUp2k5GehSB529h2Vx2DKukQdvMcZ9DL3dyeSXuOyaJoHC08lYx+T+NLqDUtuHP84hyxW4AUNtqlv+W7EX+0lxMwP7dvZBsfHGB+Zc7br/a6G0tZy5IB+m4pWHRyr2vO7/OeHHmrxkFMZ7PApcX/whC773R6Y7ZSZizazGV9DyBoARft1gzzJXd/I5VePN1Tf5Hmz57qU7rytdfVoGpOMHxZLJEhelh2/MZphJOSBjij8iwbKIAWBoJMQFFbni/Il1EGKP/340fc6UGxDDWOK0R0Lho9cxSDiSZIEdPM7mZfPcH7SE+Oi7mxzUef8yGPhfggZUTm3e3dUBEng8ETuO24umvJbM8uYtrV0KlBsZ9Ib4PRaPBZfUtCC02g76PJIBCp5uTtOmeXCWwfRmNdoqTKaNfsZpDZGt2m663CMT3JFwG9oAIcU40WAh7vDUJgS+KtML4f1VdRQejO33itMr1fLgsH4jCXbiuQtkynNIOopB5SfAXl+OgaoaijmZ1mJhmGnQeRg8fex+pO78SAYC2ATQv+YjMzRwslOkeFOjSNAqkq30nZCvY4mEZic51ZyWLxoeH41lua12WNRji2e9Veo7RBlIfUF3kUWAGrE3uE9mXu/1Z7d8FfoIfPuPzb5yRmRdxpRZXP4f73fyXN0eSQuZdtYQNjivp1+3RFYhVR3XlhJttOLsd0VrbFkuqKJu2bgyMjJLeSptvjsTAOdfD1+XPXoMXEexrZB9P9P6SIRWxJmEBSD1AXArtU/+UmdJX1psFujHxAPWan241I655GkzFtavjdPuFmc8FOWYJad6gx+JqBDDcFF1orN8AEk+H5b63rK4PSrsKFj3dBwNy0EKddOTDmqxNr6gZtpLOlvMNW1d5So/lZfFCtGur07/yVTyryhE2ii5YknbrGMh0zkobUh5l+6p7KJetBDpsfr11FZL4CpdG+/fAziIKx+4tK3JY2cccG779q7nQ1MG9VlNMVCgkeHvhCBjgmX9Q/UjSG46Zz/QI+f3t7HUOrZ3amB4HBmt5gTHA68h/Y5JcrZ9JRAH+Cuf1k+UMnIkdC4+Ecw3QrCIIeYYiP0eIv5Be7PCpo1CPOuRiSvM9WVc12olEO0Sg4AjpOc01IEIJhGyxIm3++tE9JJRT/74iBcfqI+E5ueNz4ZnCtMLLfgSZHJGLc1CZzZHOtB12Gse1DEcjopo3bXaQHqqn6yIy1oqAO7hNa6goOoi34Rv99Pmbrs1vOv6PJE7TR0yrXS+IB9LciXL6nlVFuBlAg/4k+Aw7IPkdbXfn3W5GeaxmlRxy5jmpi7ZFFcAYcl60Ch5BvaCMQRRzjZgGnK77kQR1aCMQhRUcgeBAvDjz/uq3Mceer+tG5QqlyhjSjhRwNa7FyqS6ebsuOJ4dL3Wh9m+XVPFNmlsbdDduuWxtgNCHJenfbWM4R+FDrSicwWDiMESCVlUXAgQgHbRPB2afzQHWrwaZCNBwuyfVzcaPfWntLfRzz44doxR4rO1GHp1kf9EwbFvy6vPYwftexdmR7KYzB345b8bBPMKQo8dmMlIfZV9/8ZsbLOeZzoguogQtTFlfpg9AVFSMKowLXr7XitacWKREM+v10eelCNqQlyePbO/548isYWiuxvrFw8mxDd2MYsnetkbGs37PPDqm9pyIdSXWBll99kfbXU9HHaPW7CLIel+NFqVK+VLy2w5tWct63EYSPj0kiWPcQR2FwMqHR485ZwBX8qB/kd1kwpK5Ah9h4Xw+1KO59s3jaeJsYxwFbBH2mj7knBks1MQeoRPGNJWfQijat0OtaI016x/ntFRagWkCt6OaFQySTM1P/VUJZYtsbdcUwCtSZVxI9KzZG4JdipRBsUxBURs9rtDWzSEqQwuwzq9lukoqxuZXU3jBW+h5+tXMWh9g1fYUSLTvfVdKQomrT3Cvr2Uhi4vBcaX01oFfKQK7WmFXc1RajSl1p3BECPCxu1uQnPSrpAc2iMoi4piKJ0eS3lH1AY74NsJoHgRNznv0krWKxe93fxL9wGV90/jxMMEJl+Y8U2XF75fdxt2dDzATCjxJVGsVZg2FC0nxLTcNLJNyhjfZBQGxB/CaqxjAAso9So5AzlhVEyMNnO6d6frRYq7WURR+5pL0c6YcUQU28mQL2wxjdgw83OYpO+z9Ik8G7GWBgvek8j2JprAQ6xsYoxs71J7Mnn5PbX/8i68dlOQI7ucmoUh4t9z22GMZDXXXHhfpa4YWsNR7Ooz4EzfZRAp3jhSPsV4FsLoj8O9vAG5KOmMV0E+K0/5hQkvD9lozzs9ZkiPXwcsF6BOf2r5/DjCZRFQxoc0fLGKZ3kDtUa1euxUsTpqZ2MoZevPkXY09ff0bAXGEG8EWapTHLTkWTy+zx4SU41WFNjSvXuX6x2D8f/oGg/ER1WV80nbZ0PjyncyG7VqC8QNgTHdq4DzW38/19PRor8BU/PEZT8V6pvqK2mHQIFci75/c6yj5c/KDyJ6orftgccn//KtCDYDngZYdTSoiQI0rec6r9UltfX4","iv":"105fe368222748c1264b91bc33b007db","s":"7b9a4247f3ba1451"}
To think I found the answer in a roblox repo https://github.com/search?q=repo%3Anoahcoolboy%2Ffuncaptcha+encrypt&type=code
Here is the simplified NodeJS code to generate a BDA:
"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
const crypto_1 = require("crypto");
const alphabet = "abcdefghijklmnopqrstuvwxyz";
let md5 = (0, crypto_1.createHash)("md5");
function encrypt(data, key) {
let salt = "";
let salted = "";
let dx = Buffer.alloc(0);
salt = Array(8)
.fill(0)
.map((v) => alphabet[Math.floor(Math.random() * alphabet.length)])
.join(""); // 8 random letters
data =
data +
Array(17 - (data.length % 16)).join(String.fromCharCode(16 - (data.length % 16))); // Padding (pkcs7?)
for (let x = 0; x < 3; x++) {
dx = md5
.update(Buffer.concat([
Buffer.from(dx),
Buffer.from(key),
Buffer.from(salt),
]))
.digest();
salted += dx.toString("hex");
md5 = (0, crypto_1.createHash)("md5");
}
let aes = (0, crypto_1.createCipheriv)("aes-256-cbc", Buffer.from(salted, "hex").slice(0, 32), Buffer.from(salted, "hex").slice(32, 32 + 16));
aes.setAutoPadding(false);
return JSON.stringify({
ct: aes.update(data, null, "base64") + aes.final("base64"),
iv: salted.substring(64, 64 + 32),
s: Buffer.from(salt).toString("hex"),
});
}
console.log(encrypt(`[{"key":"api_type","value":"js"},{"key":"p","value":1},{"key":"f","value":"16676487049c5ca1f9ed95f157118e34"},{"key":"n","value":"MTY4NzcwNDY4OQ=="},{"key":"wh","value":"69789b20711be96e029340977e1223f4|72627afbfd19a741c7da1732218301ac"},{"key":"enhanced_fp","value":[{"key":"webgl_extensions","value":"ANGLE_instanced_arrays;EXT_blend_minmax;EXT_color_buffer_half_float;EXT_disjoint_timer_query;EXT_float_blend;EXT_frag_depth;EXT_texture_compression_bptc;EXT_texture_compression_rgtc;EXT_texture_filter_anisotropic;EXT_sRGB;KHR_parallel_shader_compile;OES_element_index_uint;OES_fbo_render_mipmap;OES_standard_derivatives;OES_texture_float;OES_texture_float_linear;OES_texture_half_float;OES_texture_half_float_linear;OES_vertex_array_object;WEBGL_color_buffer_float;WEBGL_compressed_texture_astc;WEBGL_compressed_texture_etc;WEBGL_compressed_texture_etc1;WEBGL_compressed_texture_s3tc;WEBGL_compressed_texture_s3tc_srgb;WEBGL_debug_renderer_info;WEBGL_debug_shaders;WEBGL_depth_texture;WEBGL_draw_buffers;WEBGL_lose_context;WEBGL_multi_draw"},{"key":"webgl_extensions_hash","value":"e9b895637474b1973cef1f7f4328d572"},{"key":"webgl_renderer","value":"WebKit WebGL"},{"key":"webgl_vendor","value":"WebKit"},{"key":"webgl_version","value":"WebGL 1.0 (OpenGL ES 2.0 Chromium)"},{"key":"webgl_shading_language_version","value":"WebGL GLSL ES 1.0 (OpenGL ES GLSL ES 1.0 Chromium)"},{"key":"webgl_aliased_line_width_range","value":"[1, 7.375]"},{"key":"webgl_aliased_point_size_range","value":"[1, 255]"},{"key":"webgl_antialiasing","value":"yes"},{"key":"webgl_bits","value":"8,8,24,8,8,0"},{"key":"webgl_max_params","value":"16,64,16384,1024,16384,32,16384,32,16,32,1024"},{"key":"webgl_max_viewport_dims","value":"[16384, 16384]"},{"key":"webgl_unmasked_vendor","value":"Google Inc. (Intel)"},{"key":"webgl_unmasked_renderer","value":"ANGLE (Intel, Mesa Intel(R) Xe Graphics (TGL GT2), OpenGL ES 3.2)"},{"key":"webgl_vsf_params","value":"23,127,127,23,127,127,23,127,127"},{"key":"webgl_vsi_params","value":"0,31,30,0,31,30,0,31,30"},{"key":"webgl_fsf_params","value":"23,127,127,23,127,127,23,127,127"},{"key":"webgl_fsi_params","value":"0,31,30,0,31,30,0,31,30"},{"key":"webgl_hash_webgl","value":"ab8bb1a3f75e1f1792e3faa7f00b722f"},{"key":"user_agent_data_brands","value":"Not.A/Brand,Chromium,Brave"},{"key":"user_agent_data_mobile","value":false},{"key":"navigator_connection_downlink","value":null},{"key":"navigator_connection_downlink_max","value":null},{"key":"network_info_rtt","value":null},{"key":"network_info_save_data","value":null},{"key":"network_info_rtt_type","value":null},{"key":"screen_pixel_depth","value":24},{"key":"navigator_device_memory","value":1},{"key":"navigator_languages","value":"en-US"},{"key":"window_inner_width","value":0},{"key":"window_inner_height","value":0},{"key":"window_outer_width","value":1128},{"key":"window_outer_height","value":724},{"key":"browser_detection_firefox","value":false},{"key":"browser_detection_brave","value":true},{"key":"audio_codecs","value":"{\"ogg\":\"probably\",\"mp3\":\"probably\",\"wav\":\"probably\",\"m4a\":\"maybe\",\"aac\":\"probably\"}"},{"key":"video_codecs","value":"{\"ogg\":\"probably\",\"h264\":\"probably\",\"webm\":\"probably\",\"mpeg4v\":\"\",\"mpeg4a\":\"\",\"theora\":\"\"}"},{"key":"media_query_dark_mode","value":true},{"key":"headless_browser_phantom","value":false},{"key":"headless_browser_selenium","value":false},{"key":"headless_browser_nightmare_js","value":false},{"key":"document__referrer","value":""},{"key":"window__ancestor_origins","value":["https://chat.openai.com"]},{"key":"window__tree_index","value":[0]},{"key":"window__tree_structure","value":"[[]]"},{"key":"window__location_href","value":"https://tcr9i.chat.openai.com/v2/1.5.2/enforcement.64b3a4e29686f93d52816249ecbf9857.html#35536E1E-65B4-4D96-9D97-6ADB7EFF8147"},{"key":"client_config__sitedata_location_href","value":"https://chat.openai.com/"},{"key":"client_config__surl","value":"https://tcr9i.chat.openai.com"},{"key":"mobile_sdk__is_sdk"},{"key":"client_config__language","value":null},{"key":"navigator_battery_charging","value":true},{"key":"audio_fingerprint","value":"36.3949139806391"}]},{"key":"fe","value":["DNT:unknown","L:en-US","D:24","PR:1","S:2256,1504","AS:2256,1504","TO:-480","SS:true","LS:true","IDB:true","B:false","ODB:true","CPUC:unknown","PK:Linux x86_64","CFP:-1990083474","FR:false","FOS:false","FB:false","JSF:Andale Mono,Arial,Arial Black,Calibri,Cambria,Comic Sans MS,Courier,Courier New,Georgia,Helvetica,Impact,MS Gothic,MS PGothic,Times,Times New Roman,Trebuchet MS,Verdana","P:Brave PDF Viewer,JavaScript document plug-in,euAn6d1,g3EpUSRI","T:0,false,false","H:3","SWF:false"]},{"key":"ife_hash","value":"4932422eb567a9fa3082f32e495e8f80"},{"key":"cs","value":1},{"key":"jsbd","value":"{\"HL\":7,\"NCE\":true,\"DT\":\"\",\"NWD\":\"false\",\"DOTO\":1,\"DMTO\":1}"}]`,'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36' + <time>))
Even simpler:
const fun = require("funcaptcha");
async function main() {
const token = await fun.getToken({
pkey: "35536E1E-65B4-4D96-9D97-6ADB7EFF8147", // The public key
surl: "https://tcr9i.chat.openai.com ", // OPTIONAL: Some websites can have a custom service URL
headers: {
// OPTIONAL
// You can pass custom headers if you have to, but keep
// in mind to pass a user agent when doing that
"User-Agent":
"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.0.0 Safari/537.36",
},
site: "https://chat.openai.com", // OPTIONAL: The site parameter, usually not required
});
console.log(token);
}
main();
I'll be writing up an open source endpoint for fetching the BDA and stuff soon
Great
I'll be writing up an open source endpoint for fetching the BDA and stuff soon
I've written a golang implementa tion of js funcaptcha. It work for me.
I'm not sure but I think it seems to break down again now.
With the same exception of "OpenAI: {"detail":"Our systems have detected unusual activity from your system. Please try again later."} (code: 403)"
@acheong08 Could you check this when you are free? Thanks a lot.
Now it's 403 again. Could you please take a look.Thanks a lot. @acheong08
looks like browser automation is the only sane way
It works again! Thank you.
It works again! Thank you.
breaks down again @acheong08
yes, everytime I try to use this repo, this error occurs again xD
It's working for now. I'm working on another implementation as well. Using endpoint provided by @linweiyuan via browser automation
Thanks to @flyingpot and @linweiyuan, I've got a local version working again.
Method: Browser debug: https://linweiyuan.github.io/2023/06/24/%E5%A6%82%E4%BD%95%E7%94%9F%E6%88%90-GPT-4-arkose-token.html
Go implementation of ALFCCJS.encrypt by @flyingpot
The TL;DR of why the original funcaptcha implementation doesn't work anymore is due to added fingerprints and capi parameters in the form
Edit: It seems it works locally but not on my server? Perhaps server blacklisted?
I'll try hosting a separate endpoint to fetch the token and see if anything changes
Edit 2: Might have just been a typo
Edit: Forgot a timestamp
ChatGPT-Proxy-V4 works fine
This should keep working: https://github.com/acheong08/ChatGPT-Proxy-V4/releases/tag/1.6.2
I missed a timestamp on the previous version
Edit: https://github.com/acheong08/ChatGPT-Proxy-V4/releases/tag/1.6.3 (Missed actually updating the timestamp)
There are now two mysteries to me left:
{
"key": "wh",
"value": "8bd9d6f9d9631d44e00e0d08202329b4|5ab5738955e0611421b686bc95655ad0"
}
and
{ "key": "f", "value": "68bcbb9730494c5eef591ebf0b2ff666" }
in bx
@linweiyuan any hints?
(These two variables don't seem to have an effect though. They're MD5 hashes of something)
Need to check.
Per my tests, from yesterday night till now (UTC+08:00), if I pass null or just "abc" for arkose_token, still work, with different account, different IPs.
Did they relax security again?
Confirmed: Passing anything as arkose token works.
Bruh they keep trolling us
Honeypot.
Is OpenAI debugging or phishing? They have bad records on banning accounts.
As @linweiyuan pointed out, there is a possibility that this is a honeypot (they keep track of invalid access but do nothing for now, then ban later on)
Just in case, I have opted to continue passing along a valid arkose_token
Another possibility is that they are updating the captcha since we've already figured it out
Maybe failed again? (same 403 Error) @acheong08 Could you please check when you are free? Thanks a lot.
yes this is happening again... cat & mouse game with openai
Fixed
Seems like I fixed it but forgot to bump dependency version
Seems like I fixed it but forgot to bump dependency version
Works now, thanks a lot!
Not working again! 😵💫
There are now two mysteries to me left:
{ "key": "wh", "value": "8bd9d6f9d9631d44e00e0d08202329b4|5ab5738955e0611421b686bc95655ad0" }
and
{ "key": "f", "value": "68bcbb9730494c5eef591ebf0b2ff666" }
in bx
@linweiyuan any hints?
(These two variables don't seem to have an effect though. They're MD5 hashes of something)
This can be retrieved by the following funcapture's js function (new ArkoseEnforcement()).fc_fp.getFP
We can get them by running the following codes in the browser's console.
Not sure if it is possible to run this function in a headless browser and get those values from there. 😵💫
The f: https://github.com/flyingpot/funcaptcha/blob/main/fingerprint.go#L347-L364
The wh: getWindowHash()|getWindowProtoChainHash() (have not find out them yet)
What does it say in english?
“Please answer this question to prove that you are a real person.”
They want to fuck us up, its a limit of 25 messages per 3 hours, why they now start this shit ...
I have tried using a proxy IP pool, but after each IP obtains a certain quantity of
arkose_token
(which is actually not a large amount), manual completion of the captcha is always required.Previously, an
arkose_token
could be used repeatedly for a certain period of time or number of times. However, now it can only be used once.Therefore, for a large number of requests, the problem can only be solved if the IP pool is extremely large. Additionally, the traffic consumed per request due to the
bda
issue will also be very costly.
So I guess its over now ... well it was a hell of a ride with you guys, and you did a great job
Is there an existing issue for this?
What happened?
Steps to reproduce the problem
Try to run ask() with V1 API.
What should have happened?
Is should work:)
Version where the problem happens
Tried 6.3.4(latest)
What Python version are you running this with?
3.9
What is your operating system ?
Linux
Command Line Arguments
Console logs
Additional information
No response