Captcha at login about kik-bot-api-unofficial HOT 29 CLOSED

That's node, indeed.

If you get the "Oops, something went wrong" message you probably didn't add "&callback_url=https://kik.com/captcha-url" to the captcha url. When you solve the captcha then, the page tries to redirect, and even though that never resolves, the url of the redirect contains the result of the captcha.

from kik-bot-api-unofficial.

What I did to get my bot working:

• Disable random Android ID / device ID generation. Just pick a random one and stick with it.
• Log in, solve captcha, log in with captcha
• Save the node, and include that when creating KikApi(username=..., password=..., node=...) next time

from kik-bot-api-unofficial.

Do you think it has something to do with the latest commits?
I tested it yestardy before commiting and it worked just fine, however today I tested again and I got captcha too.

from kik-bot-api-unofficial.

I think it has changed on Kik's servers.

The old android / device id got banned, then they were randomized from our side, now it looks like they're forcing captchas on our randomized ids.

from kik-bot-api-unofficial.

@tomer8007 by the way, how do you solve captcha? I copy the captcha link from the server response(for example during login), paste it in my browser, solve the captcha and then I'm getting this error:

It's the image from the browser. Is there some way to solve this captcha programmatically? Or by using some online service API that solve captcha? Basically, how do you handle captcha solving? Thanks!

from kik-bot-api-unofficial.

@Jaapp- same is happening with my bot. It gets captcha on login. I also have a small KIK API client written on Ruby, and it has the same problem. I've changed all fields during login (device_id, android_id, model, brand...). It didn't help...

from kik-bot-api-unofficial.

@schmidhuber Regarding solving the captcha, quoting @Jaapp- 's findings from this thread:

Add "&callback_url=https://kik.com/captcha-url" to the captcha url, solve the captcha, intercept a request to something that matches "https?://kik.com/captcha-url?response=(.*)". That's the one you need.

After getting the response you would pass it as an additional parameter to the login API function and it should work.
but programmatically? no, obviously captchas are built exactly for the purpose of being very hard for computers to solve them. I think especially captchas like this are hard because they're not from the regular enter-what-you-see kind. What you can do is show it to the user and process the answer.

Anyway, it appears that what happened is that indeed the kik servers are now requiring captchas for every login. We need to see if it's possible to make them skip that.

from kik-bot-api-unofficial.

@tomer8007 Thanks for captcha solving method! Yeah... captcha on each login is a problem right now. I'm gonna be investigating it too. Thanks.

from kik-bot-api-unofficial.

Did anybody figure out why captcha keeps showing up on each login? I'm struggling with it 2 days... I don't know what request(login) I should do in order to skip captcha...

from kik-bot-api-unofficial.

Well, can you skip the captcha on a real device? (My device is currently blocked by kik's servers)
If you can, there should be a way for the API to skip it too.

from kik-bot-api-unofficial.

@Jaapp- what do you mean by "node"? Are you talking about the username plus 3 letters after the "_" and before the "@" in the JID? Or something else? Also how would you log in with captcha? When I solve the captcha in my browser I get the same error as @schmidhuber

from kik-bot-api-unofficial.

I updated the new branch with a helper function to automatically guide you with solving the captcha.
Now all you need is this:

def on_login_error(self, login_error: LoginError):
    if login_error.is_captcha():
        login_error.solve_captcha_wizard(self.client)

and in the case of captcha you will just have to insert the response you obtained using Google Chrome debugger. Next time you can call KikClient() with the node indeed.

from kik-bot-api-unofficial.

@gituserdxd Please tell me if you manage to solve the captcha.

from kik-bot-api-unofficial.

Hey @tomer8007 and @jaapp thanks for the help I managed to figure out how to login by solving the captcha. I didn't need to hardcode the node. Basically all I had to do was add this

<.challenge><.response>(insert the long ass hash you log after "response=" in the "https?://kik.com/captcha-url?response=" url here)<./response><./challenge>

after the <./passkey-u> and before the <.device-id> and it worked :) only downside is I have to do it every time I login and at every login I need a new captcha response hash. Wish there was an easier way but its better than nothing. Thanks again

Edit: ignore the dots in beggining of the tags. I added those there because github makes them dissapear if i type without it

from kik-bot-api-unofficial.

You can log in with the node.
It's much easier.
Also you can use the new code.

from kik-bot-api-unofficial.

@tomer8007 How does logging in with node work? I don't recall the login stanza having a <.node> element only establishing session one has that. And when I try your new code it tells me my account is suspended but on kik app I am able to login fine

from kik-bot-api-unofficial.

Yes, by logging in with node I mean establishing a session, It's just that establishing a session requires knowning the node and you would use the same function for that.
Can you log in with the old code? The new code is just supposed to help you with that.

from kik-bot-api-unofficial.

Hello @tomer8007

Currently i am analysing a decompiled java bot which the process is :

• Simulate a real device with SafetyNet (https://www.synopsys.com/blogs/software-security/using-safetynet-api/)
• Select random brand and random phone model from a list of old phones only.
• Create account and no captcha asked (it's mysterious i know ...)
• Obtain the nodeID from the registration response
• Loggin with the nodeID (so no captcha asked)
• And repeat in loop ...

It's a decompiled bot and some composants are obfusceds, i cannot recompile it to use it.
I search to reproduce it in python.

The developer used an old version of the kik client to sniff the process and reproduce the SafetyNet process.

Did you ever explore this way ? (skype dexter.powal)

from kik-bot-api-unofficial.

Also another idea is to send the funCaptcha resolution to russians services and get from them the responcecode. For that we need a configurable anticaptcha api-key in the configfile

from kik-bot-api-unofficial.

I'm not sure I understood what are you trying to do.
Do you have a code of a kik bot that was written using unofficial APIs? where? what is it supposed to do?
Did you or this obfuscated code manage to emulate/bypass SafetyNet? How?
Is your goal solving captcha automatically? Can this code avoid captchas?

from kik-bot-api-unofficial.

It's a java code which implements the kik jabber tcp protocol.
In this code i found requests about SafetyNet:

To kik servers :
GetNonce = "<iq type="set" id="%s"><query xmlns="kik:iq:xiphias:bridge" service="mobile.antispam.safetynet.v1.SafetyNet" method="GetNonce">";

To google servers:
VerifyJwsFromGoogle = "<iq type="set" id="%s"><query xmlns="kik:iq:xiphias:bridge" service="mobile.antispam.safetynet.v1.SafetyNet" method="VerifyAttestationResult">%s";

Once the exchange is certified, the bot send the registration request and obtain directly a nodeID. There is no captcha.

I have informations that from a certified mobile connection with this way, kik dont ask for a captcha.

I am analyzing the process to reproduce it.

Also, i have a totaly different idea. It's an other way i will explore. On other projects I bypass reCaptcha automatically and easily with web api (it cost 3$ for 1000resolutions). The webservice say in the doc they can also solve funCaptcha. I will test this way to.

Can i have your skype to discuss with you ?

from kik-bot-api-unofficial.

May I ask where you got this java code from? Is it an APK? And what's the name of this captcha web api?

from kik-bot-api-unofficial.

i can answer in private, I can share you it so you'll can analyze, i hope you can help to understand the process. Goal is to make same in python ;)

for the captchas:
https://anti-captcha.com (Compliant with FunCaptcha but not tested yet)
https://2captcha.com (Usually i use this one for google reCaptcha v2)

from kik-bot-api-unofficial.

Sharing my test results with SafetyNet :

[2018-06-02 20:04:54,212] DEBUG (thread MainThread): [!] Waiting for connection.
[2018-06-02 20:04:54,302] INFO (thread Kik Connection): [!] Connected.
[2018-06-02 20:04:54,302] DEBUG (thread Kik Connection): [+] Sending raw data:
b'<k anon="">'
[2018-06-02 20:04:54,302] DEBUG (thread Kik Connection): [!] Running main loop
[2018-06-02 20:04:54,312] DEBUG (thread MainThread): [!] Waiting for connection.
[2018-06-02 20:04:54,402] DEBUG (thread Kik Connection): [+] Received raw data:
b'<k ok="1">'
[2018-06-02 20:04:54,412] DEBUG (thread Kik Connection): [+] Sending raw data:

b'<iq type="set" id="440da264-e26e-4d05-8de0-b40a7f7e9e10"><query xmlns="kik:iq:
xiphias:bridge" service="mobile.antispam.safetynet.v1.SafetyNet" method="GetNonc
e"><body></body></query></iq>"'

[2018-06-02 20:04:54,512] DEBUG (thread Kik Connection): [+] Received raw data:

b'<ack id="440da264-e26e-4d05-8de0-b40a7f7e9e10"/>'

[2018-06-02 20:04:54,812] DEBUG (thread Kik Connection): [+] Received raw data:

 b'<iq type="result" id="440da264-e26e-4d05-8de0-b40a7f7e9e10"><query method="Ge
tNonce" xmlns="kik:iq:xiphias:bridge" service="mobile.antispam.safetynet.v1.Safe
tyNet"><body>Elh4R1pWaGQ1a3Fpdm0wdmZZUWU2Z2Q0d2thMEVDelZZbndwVk82NlFNZXlSckwrUDJ
pNGNhOVJVTTc2eHlxWFFEZ0RNbzJDSjF2NzhXMU1PeGFQTmhqZz09</body></query></iq>'

[2018-06-02 20:04:54,812] ERROR (thread Kik Connection): Exception in callback
KikClient._on_new_data_received(b'<iq type="r...')

from kik-bot-api-unofficial.

This issue also started happening with me today but does not occur on a real device.

from kik-bot-api-unofficial.

Do you see the command line instructions for completing the capthca, when you use echo_bot.py?
You can either do it manually or show it to the user.

Another way to avoid captcha is to log in with the kik node. See the KikClient constructor for details.

from kik-bot-api-unofficial.

I think that the captcha on login is caused by using an old kik version. I have updated device_configuration.py with a newer version. Please tell me if you have captchas now.

from kik-bot-api-unofficial.

Hello everyone! Anticaptcha and other services to solve captcha return such string:
"token": "36859d1086acb06e7.08293101|r=ap-southeast-1|metabgclr=%23ffffff|guitextcolor=%23555555|metaiconclr=%23cccccc|meta=3|pk=3B24C079-2DF1-771D-913A-11F824CD5A7C|injs=https:\/\/cdn.funcaptcha.com\/fc\/assets\/graphics\/etoxic\/url_force.js|rid=11|cdn_url=https:\/\/cdn.funcaptcha.com\/fc|surl=https:\/\/funcaptcha.com"

But kik require response that we can get from link after solving the captcha. Did anyone manage how to solve captcha via anticaptcha and push proper request to kik server?

from kik-bot-api-unofficial.

Hello everyone! Anticaptcha and other services to solve captcha return such string: "token": "36859d1086acb06e7.08293101|r=ap-southeast-1|metabgclr=%23ffffff|guitextcolor=%23555555|metaiconclr=%23cccccc|meta=3|pk=3B24C079-2DF1-771D-913A-11F824CD5A7C|injs=https:\/\/cdn.funcaptcha.com\/fc\/assets\/graphics\/etoxic\/url_force.js|rid=11|cdn_url=https:\/\/cdn.funcaptcha.com\/fc|surl=https:\/\/funcaptcha.com"

But kik require response that we can get from link after solving the captcha. Did anyone manage how to solve captcha via anticaptcha and push proper request to kik server?

Do HTPT Post request to this URL https://captcha.kik.com/verify with post data: {"id":" + lCaptchaID + ","response":" + AntiCaptchaResponse + "}"

You get final token, which you pass here "" + lFinalToken + ""

from kik-bot-api-unofficial.