Unable to login to Epic: 'Incorrect response' for captcha

[zcr268]

Unable to login to Epic

This error is reported every time login

This error is reported every time after manual input verification.

[0x11901]

same issue.

[Mow910]

Same error.

[GAS85]

Probably not connected to this Repo at all... Seems EPIC is down.

[unkindlykiller]

same issue and seems same as #260

[slimshizn]

Epic is no longer down from before, and no longer works with this app.

[CorneliousJD]

Having same issue, tried manually logging in and solving captchas and getting incorrect responses.

[slimshizn]

Just remove Epic for now, this isn't even being responded to.

On Fri, Dec 8, 2023, 9:43 AM CorneliousJD @.***> wrote:

Having same issue, tried manually logging in and solving captchas and getting incorrect responses.

— Reply to this email directly, view it on GitHub https://github.com/vogler/free-games-claimer/issues/261#issuecomment-1847300787, or unsubscribe https://github.com/notifications/unsubscribe-auth/AFTK4Q7EBIG2OS6YQP64S6LYIMRP7AVCNFSM6AAAAABADYPCSOVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTQNBXGMYDANZYG4 . You are receiving this because you commented.Message ID: @.***>

[coodrag]

Same error. Even after solving the captcha, I still can’t log in.

[bi0shacker001]

Duplicate of #182 #183 #254 #260 Please search before submitting issues

[vogler]

Closing this. The docker image won't magically fix itself. You can subscribe to #183 for updates. This week I'm probably still too busy with work. Feel free to experiment with packages and share your findings or just run the script outside of docker for now.

[bi0shacker001]

@vogler As a note: I don't believe this issue is specific to the docker image. I have this exact issue (matching the screenshot identically) outside of docker. Still a dupe, but merits pointing out.

[zcr268]

Closing this. The docker image won't magically fix itself. You can subscribe to #183 for updates. This week I'm probably still too busy with work. Feel free to experiment with packages and share your findings or just run the script outside of docker for now.

@vogler I went to see the issue of #183 and I don't think it's quite the same with mine. I entered the verification code, but then it prompted me an exception

[vogler]

I think there are the following issues:

1. getting a captcha in docker during login/claim: #183
2. login via terminal does not work since some selector changed: #260 - login by entering your data in the browser should still work
3. not being able to solve captchas ('Incorrect response') as @zcr268 mentioned
4. gibberish 'word word word...' text in the background as @bi0shacker001 mentioned - also outside docker

My observations AFAIR:

• I always had 4. (gibberish text), even outside docker, but no captchas and login worked.
• When trying to login too often I would get captchas during login and also had 3. (solved captcha, but said wrong response).
• Using Google etc. for login instead of email+password would lower the chance of getting a captcha.
• Whenever I was logged in, it would stay logged in forever until I delete the browser directory.

[vogler]

I entered the verification code, but then it prompted me an exception

@zcr268 What exception? If it's after the OTP, it shouldn't be the same as #260.

[zcr268]

I entered the verification code, but then it prompted me an exception

@zcr268 What exception? If it's after the OTP, it shouldn't be the same as #260。

@vogler Yes, what you said is true is indeed after the OTP. I completed the bot challenge through my browser, but I still get the screenshot above

[damiantrx]

Hey guys, I think I've managed to get past this error with the login process, which ends with an "Invalid response" message.

I think Epic has found a way to read a specific fingerprint from firefox in the docker container, which indicates the use of an automation tool they're struggling with (thanks for the summary-post by @vogler)

Ok so to the point (set higher fingerprint security):

cd /var/lib/docker/volumes/fgc/_data/browser/

touch user.js

cat << EOT >> user.js
user_pref("browser.contentblocking.category", "strict");
user_pref("privacy.resistFingerprinting", true);
user_pref("webgl.disabled", true);
user_pref("privacy.resistFingerprinting.letterboxing", true);
user_pref("browser.display.use_system_colors", false);
user_pref("widget.non-native-theme.enabled", true);
EOT

Unfortunately, I have not checked how the rest of the mechanism behaves (I already have the current game in the library), nor have I checked how this affects other claim-portals.

The higher level of protection against fingerprinting will certainly result in more captcha tests - I know this from normal use of Firefox with arkenfox setting. Perhaps a friendlier solution would be to generate unique browser settings (window size, resolution, etc.) instead of blocking.

[zcr268]

Hey guys, I think I've managed to get past this error with the login process, which ends with an "Invalid response" message.

I think Epic has found a way to read a specific fingerprint from firefox in the docker container, which indicates the use of an automation tool they're struggling with (thanks for the summary-post by @vogler)

Ok so to the point (set higher fingerprint security):

cd /var/lib/docker/volumes/fgc/_data/browser/

touch user.js

cat << EOT >> user.js
user_pref("browser.contentblocking.category", "strict");
user_pref("privacy.resistFingerprinting", true);
user_pref("webgl.disabled", true);
user_pref("privacy.resistFingerprinting.letterboxing", true);
user_pref("browser.display.use_system_colors", false);
user_pref("widget.non-native-theme.enabled", true);
EOT

Unfortunately, I have not checked how the rest of the mechanism behaves (I already have the current game in the library), nor have I checked how this affects other claim-portals.

The higher level of protection against fingerprinting will certainly result in more captcha tests - I know this from normal use of Firefox with arkenfox setting. Perhaps a friendlier solution would be to generate unique browser settings (window size, resolution, etc.) instead of blocking.

@damiantrx Thanks to your help, I was able to complete the challenge manually according to this setup. @vogler I guess that's the problem I'm having. I didn't try to claim because the game was already there.

[CorneliousJD]

Hey guys, I think I've managed to get past this error with the login process, which ends with an "Invalid response" message.

I think Epic has found a way to read a specific fingerprint from firefox in the docker container, which indicates the use of an automation tool they're struggling with (thanks for the summary-post by @vogler)

Ok so to the point (set higher fingerprint security):

cd /var/lib/docker/volumes/fgc/_data/browser/

touch user.js

cat << EOT >> user.js
user_pref("browser.contentblocking.category", "strict");
user_pref("privacy.resistFingerprinting", true);
user_pref("webgl.disabled", true);
user_pref("privacy.resistFingerprinting.letterboxing", true);
user_pref("browser.display.use_system_colors", false);
user_pref("widget.non-native-theme.enabled", true);
EOT

Unfortunately, I have not checked how the rest of the mechanism behaves (I already have the current game in the library), nor have I checked how this affects other claim-portals.

The higher level of protection against fingerprinting will certainly result in more captcha tests - I know this from normal use of Firefox with arkenfox setting. Perhaps a friendlier solution would be to generate unique browser settings (window size, resolution, etc.) instead of blocking.

I just set this up and tested, and it did indeed get me through the login process again. I did have to do the Captcha on login via VNC however it actually completed and attempted to purchase the current free game (which I already redeemed) I guess we will know tomorrow if it can actually claim a game on its own again.

NOTE: I did stop and restart the container and it was already logged in from last time. I've seen some sources say to run scripts like this every 6 hours or so in order to keep the login token active and valid, so if it slaps me w/ a captcah for login tomorrow perhaps I can try running this 4x daily instead of 1x daily.

[CorneliousJD]

NOTE: I did stop and restart the container and it was already logged in from last time. I've seen some sources say to run scripts like this every 6 hours or so in order to keep the login token active and valid, so if it slaps me w/ a captcah for login tomorrow perhaps I can try running this 4x daily instead of 1x daily.

So I could actually test now and the new GOG "Lacuna" game got claimed today just fine w/ the user.js file in place, but for Epic I got notification of epic-games: got captcha challenge right before claim. Use VNC to solve it manually. It at least got logged in though, which is a start.

[vogler]

@damiantrx Thanks!

https://github.com/vogler/free-games-claimer/blob/b68021b8e824ff4f0b66727a8be41c1eb141e239/docker-entrypoint.sh#L15-L26

Note that this will overwrite your user.js every run. Don't want to append every run. Could also write it only for fresh volumes without a data/browser, but I guess we want changes to this file pushed for existing volumes.

Only privacy.resistFingerprinting was needed for me to fix the 'Incorrect response' problem.

[vogler]

Regarding #183, I diffed prefs.js from the docker firefox with data/browser/prefs.js on macOS, but didn't notice anything that seemed relevant - just some timestamps and extension IDs.

Should compare the two browsers with some fingerprinting websites, like here: https://github.com/berstend/puppeteer-extra/tree/master/packages/puppeteer-extra-plugin-stealth#test-results-red-is-bad

[someash]

As i'm not very familiar with docker, I don't completely understand the above mentioned repair method, can I wait for update v1.6 to fix this issue?

[vogler]

It should be fixed already if you run the command from the Readme which automatically pulls the latest build. Rolling release - the version tags I just use sometimes to have some changelog.

[GAS85]

But latest tag update 2 months ago, use main tag to get current corrected release.

[vogler]

That was likely due to #229. Don't use any tags for docker, like in the Readme. They don't mean anything since there's no point in keeping/using old versions. (By 'version tags' above, I meant git, not docker.)

[CorneliousJD]

When starting it up now after doing a force-pull I'm getting the following when I look at VNC

EDIT: And if I hit "Create new profile" it's getting caught at captcha on login again.

[GAS85]

In releases and containers tag latest is pretty old. Not sure how ghcr here works, you can ether remove latest tag and hope that current active container will pick it up, or, better retag current main to latest. E.g. with ghcr-retag or crane via command: crane mutate -t latest ghcr.io/vogler/free-games-claimer:main

[vogler]

@CorneliousJD Don't know about the profile message, I didn't downgrade firefox. Did you use the profile with a different firefox? Probably easiest to just delete data/browser if you keep getting this. Don't know what you mean by 'caught at captcha on login': 1. the docker container still gets a captcha, just the 'Incorrect response' after solving one was fixed; 2. if you chose 'Create New Profile', it probably misses the user.js from above and you'll still run into this issue.

[vogler]

Release: https://github.com/vogler/free-games-claimer/releases/tag/v1.6 Re. docker tag I'll try https://github.com/docker/metadata-action?tab=readme-ov-file#latest-tag