No callback in htcaptcha implementation

Question

I am trying to automate the login on the website called stake.us . They had implemented a hcaptcha to stop bots from logging into the website. I am using 2captcha service to get the solution for the captcha. Now the verification code that is supplied by the 2captcha needs to be entered into two hidden fields and than we either need to click a submit button or there should be a callback. The submit button is not there, so they are using a callback here. I researched the network tab, however I was not able to identify the callback function.

Things I tried till now.

1. Checked the network tab thoroughly to identify the callback request.
2. Tried to find similar question and check for any possible solution on stack overflow or any other website
3. Looked up hcaptcha documentation. However, I was not able to understand anything significant.

Important Links:

• hcaptcha docs
• stack overflow similar question 1
• stack overflow similar question 2
• A video on how to identify the callback
• Gist to override the render method to make our own callback

If anyone can help me in finding the callback function. Please let me know. I will really appreciate your help.

Answer 1

I tried to lookup your site, but do not see the Hcaptcha on the site. So its probably hidden or exists on a subsequent page. Hcaptcha implementation varies from site to site so without the pagesource and the Iframes it difficult to figure the correct callback.. if at all.

You are on the correct track on the network tab, Although clear out any current transactions first and then solve the captcha manually. Then check the Network tab for something like a 404 and it should have a PAYLOAD. Then you can write your function to encapsulate that payload and send it across. I provided 3 solutions for a similar Hcaptcha issue Selenium (Python) Webdriver can't access a website . Hopefully one of the solutions work. Good Luck

Answer 2

They pass a solved captcha token using GraphQL. Look for a POST-request containing the "RequestLoginUser" operation.

Here is a working example of a Python solution (sorry not JS):

import httpx
from unicaps import CaptchaSolvingService, CaptchaSolver

HEADERS = {
    'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:104.0) Gecko/20100101 Firefox/104.0'
}

# GraphQL data for the RequestLoginUser operation
data = {
    "query": "mutation RequestLoginUser($name: String, $email: String, $password: String!, "
             "$captcha: String!) {\n  requestLoginUser(\n    name: $name\n    email: $email\n    "
             "password: $password\n    captcha: $captcha\n  ) {\n    loginToken\n    "
             "hasTfaEnabled\n    requiresLoginCode\n    user {\n      id\n      name\n      "
             "__typename\n    }\n    __typename\n  }\n}\n",
    "operationName": "RequestLoginUser",
    "variables": {
        "email":"<<YOUR_EMAIL_HERE>>",
        "password":"<<YOUR_PASSWORD>>",
        "captcha":"<<WE WILL SOLVE HCAPTCHA AND PLACE TOKEN HERE>>"
    }
}

# init solver and solve hCaptcha
solver = CaptchaSolver(CaptchaSolvingService.TWOCAPTCHA, '<<YOUR_API_KEY_HERE>>')
solved = solver.solve_hcaptcha(
    site_key='08a8899d-4c15-47cc-b7a6-d287258d8e1c',
    page_url='https://stake.us/?tab=login'
)

# put the solved CAPTCHA token into the payload data
data["variables"]["captcha"] = solved.solution.token

# log in
response = httpx.post(
    'https://api.stake.us/graphql',
    headers=HEADERS,
    json=data
)

# the response JSON would contain loginToken that we must use in further requests
print(response.json())