You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Even when all challenges are completed and a token is obtained, the token is often rejected when used. Sometimes, continuing to complete CAPTCHAs will eventually result in an accepted token, but I've also completed dozens in a row without any success.
The token rejection appears to be due to the fact that librecaptcha doesn't send any of the BotGuard codes that the proprietary reCAPTCHA client does. The proprietary client actually works without BotGuard, too—if you block requests to https://www.google.com/js/bg/*, the client simply won't send any BotGuard codes, much like librecaptcha—but even the proprietary client in this configuration suffers from token rejection issues.
There are a few request parameters that the proprietary client without BotGuard sends and librecaptcha doesn't, but if even the proprietary client suffers from token rejection, the culprit is almost certainly BotGuard.
Even when all challenges are completed and a token is obtained, the token is often rejected when used. Sometimes, continuing to complete CAPTCHAs will eventually result in an accepted token, but I've also completed dozens in a row without any success.
The token rejection appears to be due to the fact that librecaptcha doesn't send any of the BotGuard codes that the proprietary reCAPTCHA client does. The proprietary client actually works without BotGuard, too—if you block requests to
https://www.google.com/js/bg/*, the client simply won't send any BotGuard codes, much like librecaptcha—but even the proprietary client in this configuration suffers from token rejection issues.There are a few request parameters that the proprietary client without BotGuard sends and librecaptcha doesn't, but if even the proprietary client suffers from token rejection, the culprit is almost certainly BotGuard.
Thus, reverse-engineering BotGuard may be the only way forward. A substantial amount of work has already been done, but for a much older version of BotGuard.
Any help with this effort would be much appreciated.
The text was updated successfully, but these errors were encountered: