Bypassing Captchas - the easy way ;)

Featured on daily.dev
Bypassing Captchas - the easy way ;)

Introduction

In this ever-evolving world of technology, spams are on the rise! Website or any web product owners are at risk due to those bots crawling all over the internet. In order to filter out those vicious things, CAPTCHAs are used frequently.

I'm sure you've seen CAPTCHAs all over the internet for over a decade now. CAPTCHAs are those weird lines, words, puzzles, or numbers that block your way when you try to log in, sign up, or even post a comment anywhere. Pretty annoying, aren't they? I'm sure there are a lot of other ways to verify if someone is a bot or a human, but of course, what's the fun if we don't use the most annoying one.

image.png

So, what are Captchas?

The word CAPTCHA is actually an acronym that stands for “Completely Automated Public Turing test to tell Computers and Humans Apart”. To be honest, it's quite a mouthful.

In simple words, it is a challenge-response test. One side asks a question or challenge and the other side must provide a valid answer or response in order to be "authenticated".

The idea behind CAPTCHA originated from the Turing test (a method with which a machine’s ability to exhibit intelligent behavior equivalent to that of a human being can be tested). A CAPTCHA is a reverse Turing test. That's because it is a computer creating the test in the first place that will challenge humans and not the other way around.

Issues with CAPTCHAs

Sometimes, CAPTCHAs are based on reading texts. This is a huge problem for people who are visually impaired. Hence, not everyone can access a protected resource, even if they are human. A solution would be to allow a person to opt for an audio or sound-based CAPTCHA.

Moreover, there are cases when CAPTCHA images are not properly distorted. This will not prevent bots from accessing protected resources. That is because it is like reading normal text, which is something a bot can easily do. On the other hand, even the simplest things can confuse humans. Let's all face it, we do tend to overthink, don't we?

image.png

image.png

Be honest people, what would you do here?

As for me, I never know what to do in such situations😂

CAPTCHAs are good but bad. They are a bad UX (remember what we discussed about visually impaired people?). Also, most of us are overthinkers and most of us get these bad due to our overthinking. Don't worry people, I'm one of you. I always end up overthinking while solving CAPTCHAs and always end up filling them wrong on my first try.

In normal situations, you can have as many tries as you want. The world is currently in a state of healing, which means it hasn't healed fully from the ongoing pandemic. A lot of schools and colleges are still on the online mode. I remember that last semester I had an online quiz in which we had 10 mins of time to solve MCQs. Every second counts in such situations. But of course, in order to access the quiz, a CAPTCHA had to be solved. Guess what happened? I spent 5mins, half the total time, solving CAPTCHAs. I realized, that for such situations, I should have something to automatically solve these for me. Therefore, I researched and found some "reliable" and "working" methods.

CAPTCHA bypass or automation

The fruits of my research were something called "Puppeteer" and "2Captcha". Honestly speaking, I didn't really understand much of how Puppeteer worked but 2Captcha was easy peesy, lemon squeezy ;)

Puppeteer is a Node (JavaScript Framework) library that provides a high-level API to control headless Chrome or Chromium over the DevTools Protocol. It can also be configured to use full (non-headless) Chrome. This seemed way too complex so I opted for 2Captcha.

So, what is 2Captcha?

Their workers are humans, that's why 2captcha.com can recognize all humanly readable types of captchas. Still, their service is fully automated, so you just have to configure your software once and just let it do all the work for you. Their average response time is less than 12sec so no more wastage of time. Might have aced my quiz if I actually didn't waste my time on solving Captchas. Anyways, their service is for a low price, starting just from $0.50 for 1000 solved CAPTCHAs. Well, everything good comes with a price :)

You might be curious, how does 2Captcha work?

Here's your answer:

  1. First of all, you upload a captcha on 2captcha.com/in.php

  2. Their server stores your captcha and returns you the ID of your request.

  3. Their server then immediately distributes your captcha to a worker.

  4. One of their workers solves the captcha and sends the answer back to the server.

A small bonus for my readers ;)

Let me tell you a secret. You guys can even earn money from here! Yes, you heard me right! It's a pretty good and easy way to earn some pocket money to buy that dress or new sneakers that you like ;)

In order to get started, all you need is just a computer or a smartphone with an internet connection. You'll have to pass their simple training that literally takes 5-10 minutes

Working for them is really simple. You just have to click the start button and their system will start to show you the images with the text. Then you have to type that text in the form and that’s it. Moreover, there are no payout fees so the exact amount you earned can directly be available in your wallet.

Using APIs to bypass CAPTCHAs

Once again, 2Captcha is the hero. It provides an API that allows users to automate the process and integrate your software to the 2Captcha service. There are a few easy steps for solving the captcha problem via their API:

  1. Just send your image or captcha to their servers
  2. You'll be allotted an ID for your task by 2Captcha
  3. Begin the cycle that checks if your task is completed.

This might seem a lot but this process happens in seconds ;)

Conclusion

CAPTCHAs are there to prevent bad people from manipulating content for fraudulent or malicious purposes in attack campaigns that run into millions of requests. There are many legitimate reasons why you might want to use such methods to automate or bypass CAPTCHAs. I mean, let's face the reality, most of the time, they don't block the bots and end up blocking real humans. That's why we can use such services like 2Captcha to prevent the headaches and consequences that come from bad CAPTCHAs.

Let's connect!

Twitter

Github