New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
New CF technique: cvId 2, non-interactive #461
Comments
Hi, I was looking at your repo because I have the same problem as you are mentionning here. I havn't been able to find any solution to resolve this challenge yet. Were you able to work on it ? Do you think that cfscrape could be adapted to bypass this challenge ? |
if you add a whole javascript environment which simulates your browser and passes the checks, yes. |
@AltayAkkus And if you exceed some rate limit and trigger captcha then you will need to use a captcha solver service (which is usually paid) |
yea they have essentially won. |
So a lot of issues have been stacking up for the challenge type, and I have looked into it:
https://gist.github.com/AltayAkkus/591dbef9872c9148d6effb06bcc5417b
The html returned has a huge array that stores user-specific options, the website, the time started, a random nonce, how long the delay should be etc.
This is deposited into window._cf_chl_opt and read by the javascript that is imported via the cpo element.
Looking at it, it is randomly generating, reads the clouflare challenge options, and generates a hash which is appended to the URI.
The js changes for different rayIds, so yeah well fuck.
The text was updated successfully, but these errors were encountered: