Open alohadude3 opened 1 year ago
Same here. Started about 3 days ago. Discord push message says "sign OK" but actually it did not sign. If I try to sign in manually with hoyolab, an image verification pops up.
I think that it might be some kind of anti-bot thing because when I use an alt to sign in manually there is no verification. So the solution might be to try manual for a couple of days I guess
I guess so. In this case the bot should return an error message to indicate the failure of signing in. However, it send an "OK" message to the discord server. This should be fixed I believe. Mihoyo added intensive anti-bot verification on the CN server which made auto sign-in nearly impossible. Hopefully, this won't happen to the international server.
Might be a bit hard to fix the "OK" message, as this is what HoYoLAB is returning from the API request. HoYoLAB is telling us that the check-in worked when it didn't.
Can we maybe add user-agent, and x-http-referrer reader to the scripts and. The end-server are probably checking for user agents and referrer like mentioned here: https://github.com/canaria3406/hoyolab-auto-sign/issues/11#issuecomment-1588510392
My account started to require captchas this day after succesfully checking in with the script for 12 days
I will try to add the code to the header
below to my scripts, and will report the result here tomorrow:
const header = {
Cookie: token,
'x-rpc-app_version': '2.34.1',
'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36',
'x-rpc-client_type': '4',
'Referer': 'https://webstatic.mihoyo.com/',
'Origin': 'https://webstatic.mihoyo.com'
};
this change to header worked for me
this change to header worked for me
My account still requires captcha even after putting those header in the script.
The verification process probably done randomly or after certain days passed after checking-in without a user-agent/referrer, just a speculation though, cannot confirm anything...
Probably we want to push in the header changes to main anyway, just to make the script more like a human action to hoyoverse server logs.
yeah i agree, do u wanna do the pull request? i dont wanna take credit for ur work lmao
I've opened one at https://github.com/canaria3406/hoyolab-auto-sign/pull/17 please have a look
Today, the script successfully checked in my genshin account without captcha verification.
Will report here again if the captcha came back.
{
"retcode": 0,
"message": "OK",
"data": {
"code": "ok",
"first_bind": false,
"gt_result": {
"risk_code": 5001,
"gt": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"challenge": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"success": 1,
"is_risk": true
}
}
}
This is an example of API response.
Based on current testing results:
If the script fails because of captcha, it returns risk_code=5001
or 5003
, success = 1
, is_risk=true
.
If the script executes successfully, it returns risk_code=0
, success=0
, is_risk=false
.
I am temporarily using is_risk=true
or false
to determine whether captcha is acting, but need more tests.
(Also, thanks for submitting #17)
A commit in a similar python project seems to include some challenge parameters in the header: https://github.com/thesadru/genshin.py/commit/2d6f7d19485edb33c1529d50babd89dde64353c8 Though I'm not sure where you would get the actual solved challenge parameter from.
seems to be working once again by doing nothing. although the captcha in the browser still showed up when you claim check in manually
It´s broken for me again :( (Broke today)
(Telegramm) Check-in completed for (me) Genshin: Auto check-in failed due to CAPTCHA blocking. Please stop this script immediately and perform manual check-in for at least one week before attempting to use this script again.
After I manually collected it, it´s giving me the same message.
Not working for me today, and using updated HTTP Headers from the Pull request #17 . I just started using this a few days ago so I have never ran the code without the HTTP headers.
HSR is functional, Genshin is encountering the CAPTCHA even after manually collecting.
Edit: Update on Functionality. After 1 day of manually collecting the rewards by preforming the CAPTCHA/Check in on my phone for Genshin, the script worked for both Genshin and HSR the next day. I Will update this comment.
I don't fully understand tokens/http headers, but it seems like if the exact same HTTP check in request 2 days in a row (perhaps also same time of day) occurs, then the CAPTCHA is triggered for Checkin.
Mine also started breaking today.
I can see some repo (like one mentioned above) might able to successfully bypass the geetest captcha, but i would not want to do it. Pretty sure it's borderline against their ToS.
Will report here again if i find another solution.
Pretty sure it's borderline against their ToS.
The entire script already is.
I needed to change const bannedCheck = hoyolabResponse.data?.gt_result?.is_risk;
to const bannedCheck = hoyolabResponse.data.data?.gt_result?.is_risk;
(add one more data
) because the first one returns undefined, there are two data nodes and we need to get the deepest one.
...
[Symbol(kUniqueHeaders)]: null
},
data: {
retcode: 0,
message: 'OK',
data: { code: 'ok', first_bind: false, gt_result: [Object] }
}
}
The script seems to be no longer working for Genshin (Still works for Honkai and Star Rail).