win32ss
commented
2 months ago Possible UACH discrimination issue. That's why Supermium will soon default to identifying as Google Chrome 128 running on Windows 11.
Closed xixhub closed 1 week ago
win32ss
commented
2 months ago Possible UACH discrimination issue. That's why Supermium will soon default to identifying as Google Chrome 128 running on Windows 11.
XakerTwo
commented
2 months ago 
Stepman123
commented
2 months ago Possible UACH discrimination issue.
This is unlikely. These checks pass normally as always. With the original user agent.
XakerTwo
commented
2 months ago hm... can confirm that is not an CH issue. On Win XP SP2 x64 at least two errors come up that is not present on Win 7 SP1 x64
Vangelis66
commented
2 months ago ... My OS is Windows Vista SP2 32-bit;
On a Sm-122-r6 fresh profile (all settings and flags at default values, no extra extensions), I can easily pass both CF checks below:
https://2captcha.com/demo/cloudflare-turnstile-challenge
https://www.inbox.lv/
On my Sm-122-r6 "dirty" profile (a plethora of customised GUI settings, cmdline switches, internal flags, plus a number of installed extensions), I can finally pass those two CF tests above with greater difficulty and only after disabling certain privacy/security related extensions, e.g.
Canvas Fingerprint Defender, Decentraleyes, Font Fingerprint Defender, I don't care about cookies, Privacy Badger, Simple Privacy Settings, uBlock Origin (development build), possibly even some Violentmonkey userscripts...But a certain NSFW website,
https://rule34hentai.net/
will refuse to come through, either in a Sm-122-r6 pristine new profile or in an old "dirty" one :rage: ...
The CH "profile" of my Sm-122-r6 copy is shown below:
Moving on to Sm-124-final and in a minimal profile with just uBO-dev installed, the first two CF challenges are successfully passed quite easily :+1: , but when trying to load the NSFW site linked previously, I finally managed to pass its CF check (but not right away and only after I ticked the "verify you're human" box) ... The CH "profile" of my Sm-124 copy is:
Sm-124 can pass the CF check at *hentai* while Sm-122 simply won't? Is it plain User-Agent-String, ClientHints or Javascript/CSS-engines related?Thanks for any insight (BTW, that NSFW site was cited as non-functioning in another community, I simply use it here as one of the "difficult" cases; probably more exist :disappointed: ) ...
SampeiNihira
commented
2 months ago @Vangelis66
Unfortunately, I cannot do the test with your Operating System.
I would be very interested if this extension (you should use only this extension and not combine it with the others you use) solves your problem:
Obviously MV3 has reduced performance.
XakerTwo
commented
2 months ago after looking at Vangelis66's screenshots i notice that his(and my) JS part not fully spoofed - browser version and platform from JS CHs differents from UA and now, if i'm correct, i spoofed all possible places and even whatismybrowser stop telling me that i'm looks like Gecko while impersonated as Chrome plus runned on Win 0.6.0 or Win NT(just NT). And cloudflare demo from first post is passed as well while i'm impersonate my browser as 122.0.0.0 on Win XP x64 aka Srv 2003 and even XP x32
so the real cause probably disordered and inconsistent info in CHs of JS, Headers and UserAgent(window.navigator.userAgent and window.navigator.appVersion) that may trigger some protection mechanisms
but on XP(with no extensions and on clean profile) there were some errors in browser console, so i check it later with correct spoofing and if it not solve the issue - assume there some issues on browser side at specific OS
UPD: XP x64 SP2 on VMWare - failed even with correct spoofing via extension :disappointed: ...work over the webworkers... :trollface: btw errors 6000?? and 3000?? related to bot-like looking, according to CF docs, plus their captcha don't like when size of window and page don't match(devtools in same window)
p.s. now i'm thinking about own extension to do that all in one place instead of two extensions plus TM for JS part...
xixhub
commented
2 months ago Anyway, here's the deal: on a freshly installed WindowsXP SP3, no problems with Cloudflare! (I was not lazy and installed it on a different hard disk) So, the problem seems to be in the dirtiness of the system (although, I did nothing special, except for updating the driver for the network card).
And one more important note: all old Firefox-based browsers (Palemoon, Serpent, Mypal) pass Cloudflare check for WindowsXP. I have the problem only on chrome-like browsers (Supermium, Thorium, 360Extreme Explorer).
But reinstalling the system on my main computer because of this - no desire.
Maybe Cloudflare will die soon, or at least give the opportunity to manually fill in captcha, as in all normal protection services. Well, somehow...
Marek33
commented
2 months ago Possible UACH discrimination issue. That's why Supermium will soon default to identifying as Google Chrome 128 running on Windows 11.
Please don't change the user agent to Windows 11, since Windows 10 still has twice as many users: https://gs.statcounter.com/os-version-market-share/windows/desktop/worldwide Plus. I don't see any reason that if Supermium showed Win11 instead of Win10, it would change anything.
Vangelis66
commented
2 months ago And one more important note: all old Firefox-based browsers (Palemoon, Serpent, Mypal) pass Cloudflare check for WindowsXP. I have the problem only on chrome-like browsers (Supermium, Thorium, 360Extreme Explorer).
... That's probably because these forks do NOT support at all the Client Hints API :stuck_out_tongue_winking_eye: ; only relatively recent Chromium versions do...
XakerTwo
commented
2 months ago as for 124 R2 the only CH that is not send yet is FormFactor, rest is due to config/flags. Even Arch and WoW-ness are sent
xixhub
commented
2 months ago Now this damned “turnstile” supposedly passes the test. No more nonsense console errors like Turnstile:600010... But in any case, the neighboring link > Cloudflare Challenge - also continues the endless loop. Well, and accordingly, any site with this damned protection will not let.
Already even on a freshly installed XPSP3 system - the same problem occurred. Maybe it's my ISP, but again under VPN - also does not work, although the same Win7 - without problems passes the test. Just some damn magic!
XakerTwo
commented
1 month ago yep can confirm that turnstile test passed but real protection still not Win XP SP2 x64; Supermium 126.0.6478.249 R3 x64
another website to test is https://sevenforums.com/
xixhub
commented
3 weeks ago Well, I can officially announce that today October 19, 2024 - WinXP SP3 & Cloudflare check - passes fine! I didn't change anything in the system, it's just that the protection suddenly started to pass normally.
Hence the conclusion: either my ISP was fooling around, or the Cloudflare service itself fixed the bug.
I don't know how long it will last, but the fact remains that so far, at any rate, everything is working fine!
124.0.6367.245 R2 / 126.0.6478.254 R4
XakerTwo
commented
3 weeks ago same here for Supermium 126.0.6478.249 R3 x64 (not fresh R4) on Win XP SP2 x64 , but with one difference: if you are using NoScript - you need to allow webgl for cloudflare.com, widely or for specific site - does not matter, important do so for cloudflare.com and not for target site. cloudflare.com had this permission all the time @ 2captcha.com, but, last time i checked it, verification was failed, now it's success.
For about 2 weeks now I've been having problems accessing sites with Cloudflare protection. There is an infinite loading cycle, but only on Windows XP. On Windows 7 everything works: the checkout is normal. Does anyone else have similar problems?
Windows XPSP3, Supermium_x86 124.0.6367.245 / 122.0.6261.152
For tests: https://2captcha.com/demo/cloudflare-turnstile https://www.inbox.lv/