scaredos / cfresearch Goto Github PK

Hello sir @scaredos , do you have experience with scraping, captcha?
Im looking to buy a ddos l7 captcha bypass script, some based public lib like 2captcha, anticaptcha, privacypass
I pay for it, let me know if u can do it, if yes give me your telegram or discod
Thank

@scaredos cloudflare just made new changes on hcaptcha i think

Hello sir @scaredos , recentry i used cloudscraper (nodejs lib with some changes for bypass hcaptcha, but for 4 days it stopped working)
I dont know what changes he made, i use 2captcha, and lib cloudscraper seems to send data to hcaptcha, but I think the hcaptcha-response is invalid
andress134/cloudscraper@29db1eb here are my changes, i added manualy rayId, sitekey, the response
and until 4 days ago it worked, now it doesn't seem to work, meaning he gets all the data, but they seem invalid
Is it posible if u can to look my changes and help me with some informations what is wrong

More insight how the captcha parameters are generated would be helpful.
For example how the captcah_vc and captcha_answer field is produced carrying the hCaptcha response instead of the old h/g-captcha-response fields.
Any idea how one would go examining this?

Hi, this is more of a technical question.
I'm looking at a JS script from /cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1, there's some parts like the following:

var t, q, u, v, w, x, y;
for (t = b('0x18'), q = s['dZiYC'](String, q)[b('0x136')](/[\t\n\f\r ]+/g, ''), q += '==' [b('0x16e')](2 - s[b('0x16b')](q[b('0xd3')], 3)), v = '', y = 0; y < q[b('0xd3')]; u = s[b('0x84')](s[b('0x80')](t[b('0x9f')](q[b('0xf6')](y++)), 18), t[b('0x9f')](q[b('0xf6')](y++)) << 12) | (w = t[b('0x9f')](q[b('0xf6')](y++))) << 6 | (x = t['indexOf'](q[b('0xf6')](y++))), v += w === 64 ? String[b('0x5b')](s[b('0x31')](u, 16) & 255) : s[b('0x48')](x, 64) ? String[b('0x5b')](s[b('0x16b')](s[b('0x119')](u, 16), 255), s[b('0x118')](u, 8) & 255) : String[b('0x5b')](u >> 16 & 255, s[b('0x71')](u, 8) & 255, u & 255));
return v

That's only a small piece. I think they're using the "pre-rotated list and translation function" (the b(...) calls) method that a popular JS obfuscator uses.

How do you usually debug obfuscated JS scripts like that? Once the challenge is solved, it immediately POSTs and redirects the page, so I don't have time to pause the debugger in my Firefox and step in the code.
Can you give me any tips on how you usually study these systems? (like the tools you use, your process etc.)
Thank you for your time.

Few weeks ago, cloudflare using raw hcaptcha response to solve captcha challenge.
(Like F0_ey0~~~~~~~)

But now, cloudflare using some strange value as captcha answer. It doesn’t seems to be like original hcaptcha answer.
And they stop using h-captcha-response, they using captcha_verify, captcha_vc.

What is value inside captcha_verify and captcha_vc?
How they come?

Sorry for bad grammers...

Cloudflare has been updated, they now use bot fight mode, browser verification + free captcha all in same time

I have just realised that you are including my reverse engineered scripts from https://github.com/devgianlu/cloudflare-bypass, but I don't see any credit. Can this be fixed?

I am unsure if this is the appropriate place to ask my question, but I am seeking assistance. There are specific IP addresses that belong to a particular company(most of them are cf partners), and when attempting to open them, a Cloudflare error message is displayed. I am interested in determining if it is possible to find the IP addresses that are behind Cloudflare, even if the company is not using Cloudflare's IP ranges. I have attempted to use peers, but some companies have a significant number of IP addresses, making it challenging to identify the IP addresses behind Cloudflare. For instance, the IP address 70.34.214.96 belongs to The Constant Company, but upon opening it, a Cloudflare error message is displayed.
my country blocked all of the Cloudflare IPs and I can't use Cloudflare directly, but I can use these kinds of IP addresses as a meddling man that kind of somehow use Cloudflare, I asked around and I think they are some Cloudflare private ips that Cloudflare use for their partners! i made a script to search some networks that have Cloudflare as peers in them but it's taking years to find anything because of the verrry large amount of IP addresses in the networks
Please let me know if you can provide any insight or assistance, that would help me a lot, thanks