1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

DeathbyCaptcha - how are they getting the captcha to solve?

Discussion in 'Visual Basic .NET' started by simpleonline1234, Apr 24, 2012.

  1. simpleonline1234

    simpleonline1234 Junior Member

    Joined:
    Jan 26, 2010
    Messages:
    169
    Likes Received:
    13
    When it comes to using an automated bypass captcha service like DeathbyCaptcha how are they getting the captcha image? Is it possible to use webrequest to get these images? And is everything built into their API?

    Thanks
     
  2. killakem

    killakem Regular Member

    Joined:
    Oct 20, 2011
    Messages:
    383
    Likes Received:
    248
  3. simpleonline1234

    simpleonline1234 Junior Member

    Joined:
    Jan 26, 2010
    Messages:
    169
    Likes Received:
    13
    Thanks killakem but I have to order captcha tokens before I can see any documentation on their API which is understandable. I will search around the net to see if anyone else has posted their API guides.
     
  4. wannabie

    wannabie Elite Member

    Joined:
    Mar 11, 2009
    Messages:
    3,807
    Likes Received:
    2,959
    Occupation:
    Seo and Marketing Suprisingly
    Location:
    Your bedroom window
    Home Page:
    Here you go, its behind a login so it won't be duplicate content

    Death by Captcha now supports DeCaptcher API (both socket and HTTP), and Antigate (Anti-Captcha) API!

    Death by Captcha API

    Latest version: 4.1



    Third-party clients

    No support from us, use at your own risk.




    How to use our API clients

    Download the latest client, add it to your application and write something along the lines below, f.i in PHP:

    Code:
    require_once 'deathbycaptcha.php';  [I]// Put your DBC credentials here.[/I] [I]// Use DeathByCaptcha_HttpClient class if you want to use HTTP API.[/I] $client = new DeathByCaptcha_SocketClient(USERNAME, PASSWORD);  [I]// Put the CAPTCHA file name or handler, and desired timeout (in seconds) here:[/I] if ($captcha = $client->decode(CAPTCHA_FILE_NAME, TIMEOUT)) {     echo $captcha['text'] . "\n";      [I]// Report the CAPTCHA if solved incorrectly.[/I]     [I]// Make sure the CAPTCHA was in fact incorrectly solved![/I]     if ( ... ) {         $client->report($captcha['captcha']);     } }  [I]// Repeat for other CAPTCHAs[/I]     …or in C#:
     
    [I]// Do not forget to reference DeathByCaptcha.dll in your project![/I] using DeathByCaptcha;  [I]// Put your DBC credentials here.[/I] [I]// Use HttpClient class if you want to use HTTP API.[/I] Client client = (Client) new SocketClient(USERNAME, PASSWORD);  [I]// Put your CAPTCHA file name, stream, or vector of bytes,[/I] [I]// and desired timeout (in seconds) here:[/I] Captcha captcha = client.Decode(CAPTCHA_FILE_NAME, TIMEOUT); if (captcha.Solved && captcha.Correct) {     Console.WriteLine("CAPTCHA {0}: {1}", captcha.Id, captcha.Text);      [I]// Report the CAPTCHA if solved incorrectly.[/I]     [I]// Make sure the CAPTCHA was in fact incorrectly solved![/I]     if ( ... ) {         client.Report(captcha);     } }  [I]// Repeat for other CAPTCHAs[/I]     When using socket API clients, make sure you don't have outgoing TCP connections to ports [I]8123–8130[/I] firewalled.  Use HTTP API clients if socket API clients do not work for you.  [I]The 8123–8130 ports range is for socket API only, do not try to use it with HTTP API![/I]
    For more details see examples included in each API client package and check the clients' source code.
    How to use our command-line tool


    1. To check your balance, run:
      dbcclient.exe -l USERNAME -p PASSWORD -b
      Your balance will be saved in balance.txt file and printed out on the standard output.
    2. To upload a CAPTCHA, run:
      dbcclient.exe -l USERNAME -p PASSWORD -c CAPTCHA_FILE_NAME [-t TIMEOUT]
      Default CAPTCHA solving timeout is 60 seconds.
      If solved, the CAPTCHA ID will be saved in id.txt, the CAPTCHA text will be saved in answer.txt, and both ID and text will be printed out on the standard output separated by a space.
    3. To report an incorrectly solved CAPTCHA, run:
      dbcclient.exe -l USERNAME -p PASSWORD -n CAPTCHA_ID
    HTTP API technical details

    Before implementing your own Death by Captcha HTTP API client, please seriously consider using socket API with one of our official clients listed above.
    Solving a CAPTCHA using Death by Captcha HTTP API requires performing at least the first two of the steps described below.
    1. Uploading a CAPTCHA

    To upload a CAPTCHA, issue a multipart/form-data POST request to http://api.dbcapi.me/api/captcha. The request must contain the following fields:

    • username — your Death by Captcha username;
    • password — your Death by Captcha password;
    • captchafile — the CAPTCHA image.
    captchafile should be either raw CAPTCHA image file, or base64-encoded CAPTCHA image prepended with base64: prefix.
    Here is the HTML form that does the trick:

    <form action="http://api.dbcapi.me/api/captcha" method="post" enctype="multipart/form-data"> <input type="text" name="username" value=""> <input type="password" name="password" value=""> <input type="file" name="captchafile"> </form> Here is cURL command equivalent:

    curl --header 'Expect: ' -F username=YOUR_USERNAME \ -F password=YOUR_PASSWORD \ -F [email protected]_CAPTCHA_FILENAME \ http://api.dbcapi.me/api/captcha base64-encoded captchafile field should look like this:

    base64:R0lGODlhAQABAIABAAAAAP///yH5BAEAAAEALAAAAAABAAEAAAICTAEAOw== You'll get one of the following HTTP responses:

    • 303 See Other if your CAPTCHA was successfully uploaded: Location HTTP header will point you to the uploaded CAPTCHA status page, you may follow the Location to get the uploaded CAPTCHA status or parse the CAPTCHA unique ID out of Location URL &#8212; the scheme is http://api.dbcapi.me/api/captcha/%CAPTCHA_ID%;
    • 403 Forbidden if your Death by Captcha credentials were rejected, or you don't have enough credits;
    • 400 Bad Request if your request was not following the specification above, or the CAPTCHA was rejected for not being a valid image image;
    • 500 Internal Server Error if something happened on our side preventing you from uploading the CAPTCHA; if you are sure you're sending properly prepared requests, and your CAPTCHA images are valid, yet the problem persists, please contact our live support and tell them in details how to reproduce the issue;
    • 503 Service Temporarily Unavailable when our service is overloaded (usually around 3:00&#8211;6:00 PM EST), try again later.
    At this point the CAPTCHA you've just uploaded is not solved yet! Proceed to the 2nd step.
    2. Polling for uploaded CAPTCHA status

    To get an uploaded CAPTCHA status, issue a GET request to http://api.dbcapi.me/api/captcha/%CAPTCHA_ID%, where %CAPTCHA_ID% is your uploaded CAPTCHA ID acquired during the 1st step. You don't have to supply your Death by Captcha credentials this time.
    You'll get one of the following HTTP responses:

    • 200 OK with your uploaded CAPTCHA details (see below);
    • 404 Not Found if no CAPTCHAs with %CAPTCHA_ID% ID were found.
    CAPTCHA details are made of the following fields:

    • captcha &#8212; CAPTCHA unique ID;
    • text &#8212; CAPTCHA text (empty string if not solved yet);
    • is_correct &#8212; flag whether the CAPTCHA was correctly solved.
    By default you'll get the CAPTCHA details URL-encoded, like this:

    captcha=1234&is_correct=1&text=tyrone+slothrop However it is also possible to receive JSON-encoded details, like this:

    {"captcha": 1234, "is_correct": true, "text": "tyrone slothrop"} To do so, add application/json to your request's Accept HTTP header.
    Please don't poll for a CAPTCHA status more than once in a couple of seconds.
    This is considered abusive and might get you banned.
    Conserve your and our bandwidth.
    3. Reporting incorrectly solved CAPTCHAs

    If you think your CAPTCHA was solved incorrectly, report it to Death by Captcha to get your money back. To do so, issue a POST request to http://api.dbcapi.me/api/captcha/%CAPTCHA_ID%/report with the following fields:

    • username &#8212; your Death by Captcha username;
    • password &#8212; your Death by Captcha password.
    You'll get refunded if the CAPTCHA was uploaded less than an hour ago.
    Abusing this feature will get you banned!
    4. Checking your credit balance

    To check your credit balance, issue a POST request to http://api.dbcapi.me/api/user with the following fields:

    • username &#8212; your Death by Captcha username;
    • password &#8212; your Death by Captcha password.
    On successful authentication, you'll get 200 OK response with your Death by Captcha account details, either URL- or JSON-encoded, with the following fields:

    • user &#8212; your Death by Captcha account ID, pretty useless;
    • rate &#8212; how much we charge you for one solved CAPTCHA, in US¢;
    • balance &#8212; your current credit balance, is US¢.
    Server status

    In order to receive current server status, issue a GET request to http://api.dbcapi.me/api/status
     
    • Thanks Thanks x 3
    Last edited: Apr 24, 2012
  5. necro

    necro Regular Member

    Joined:
    Dec 23, 2010
    Messages:
    292
    Likes Received:
    189
    So your Question is how they bypass it?

    There are a few, but not very much sites on the internet explaining...
     
  6. simpleonline1234

    simpleonline1234 Junior Member

    Joined:
    Jan 26, 2010
    Messages:
    169
    Likes Received:
    13
    Awesome.. Thanks Wannbie this is what I am looking for. :) One up for you my friend
     
  7. simpleonline1234

    simpleonline1234 Junior Member

    Joined:
    Jan 26, 2010
    Messages:
    169
    Likes Received:
    13
    Hey Necro. Yeah I'm not really looking on how they bypass the captcha's because I'm looking to solve them manually through my application.

    I'm just having a hell of a time finding how to get the captcha by webrequest and post it back to the site.

    So far what I have gives me the captcha but when I post it back I'm thinking that it refreshes.

    I make a webrequest to register link and download the source code into a richtextbox.

    From there I find the recaptcha account id.
    next I am taking that and making a webrequest to get the challenge txt file. I open that and get the challenge and combine it with the id to get the captcha.

    From there load that entire link into my picturebox and I get a working captcha but my issue is that I think when I go to make the webrequest to the site to register with my info + captcha info I don't actually ever get my account created.

    Because it's behind the scenes I can't see what's going on and if I attempt to run a side by side with a web browser it's not going to show me what's going on with the webrequest side.

    So I guess my additional question is this. The captcha that I am posting back to the site with my POST is it actually going through or crashing? I will attach my code.
     
    Last edited: Apr 24, 2012
  8. bonzo90

    bonzo90 Jr. VIP Jr. VIP Premium Member

    Joined:
    Mar 2, 2012
    Messages:
    522
    Likes Received:
    291
    Location:
    EU
    people are paid to sit infront of banks of computers entering codes every day for minimum wage. google it!
     
  9. simpleonline1234

    simpleonline1234 Junior Member

    Joined:
    Jan 26, 2010
    Messages:
    169
    Likes Received:
    13
    This is the button that grabs the source code from whatever URL i input into the textbox (this is working)

    Code:
    [SIZE=2][SIZE=2]PrivateSub[/SIZE][/SIZE][SIZE=2] Button1_Click([/SIZE][SIZE=2][SIZE=2]ByVal[/SIZE][/SIZE][SIZE=2] sender [/SIZE][SIZE=2][SIZE=2]As[/SIZE][/SIZE][SIZE=2] System.Object, [/SIZE][SIZE=2][SIZE=2]ByVal[/SIZE][/SIZE][SIZE=2] e [/SIZE][SIZE=2][SIZE=2]As[/SIZE][/SIZE][SIZE=2] System.EventArgs) [/SIZE][SIZE=2][SIZE=2]Handles[/SIZE][/SIZE][SIZE=2] Button1.Click
    [/SIZE][SIZE=2][SIZE=2]Dim[/SIZE][/SIZE][SIZE=2] request [/SIZE][SIZE=2][SIZE=2]As[/SIZE][/SIZE][SIZE=2] HttpWebRequest
    [/SIZE][SIZE=2][SIZE=2]Dim[/SIZE][/SIZE][SIZE=2] response [/SIZE][SIZE=2][SIZE=2]As[/SIZE][/SIZE][SIZE=2] HttpWebResponse = [/SIZE][SIZE=2][SIZE=2]Nothing
    [/SIZE][/SIZE][SIZE=2][SIZE=2]Dim[/SIZE][/SIZE][SIZE=2] reader [/SIZE][SIZE=2][SIZE=2]As[/SIZE][/SIZE][SIZE=2] StreamReader
    [/SIZE][SIZE=2][SIZE=2]Try
    [/SIZE][/SIZE][SIZE=2][SIZE=2]' Create the web request 
    [/SIZE][/SIZE][SIZE=2]request = [/SIZE][SIZE=2][SIZE=2]DirectCast[/SIZE][/SIZE][SIZE=2](WebRequest.Create([/SIZE][SIZE=2][SIZE=2]"http://www.nidokidos.org/register.php"[/SIZE][/SIZE][SIZE=2]), HttpWebRequest)
    [/SIZE][SIZE=2][SIZE=2]' Get response 
    [/SIZE][/SIZE][SIZE=2]response = [/SIZE][SIZE=2][SIZE=2]DirectCast[/SIZE][/SIZE][SIZE=2](request.GetResponse(), HttpWebResponse)
    [/SIZE][SIZE=2][SIZE=2]' Get the response stream into a reader 
    [/SIZE][/SIZE][SIZE=2]reader = [/SIZE][SIZE=2][SIZE=2]New[/SIZE][/SIZE][SIZE=2] StreamReader(response.GetResponseStream())
    [/SIZE][SIZE=2][SIZE=2]' Console application output 
    [/SIZE][/SIZE][SIZE=2]HTML.Text = HTML.Text & (reader.ReadToEnd())
    [/SIZE][SIZE=2][SIZE=2]Finally
    [/SIZE][/SIZE][SIZE=2][SIZE=2]If[/SIZE][/SIZE][SIZE=2][SIZE=2]Not[/SIZE][/SIZE][SIZE=2] response [/SIZE][SIZE=2][SIZE=2]Is[/SIZE][/SIZE][SIZE=2][SIZE=2]Nothing[/SIZE][/SIZE][SIZE=2][SIZE=2]Then[/SIZE][/SIZE][SIZE=2] response.Close()
    [/SIZE][SIZE=2][SIZE=2]End[/SIZE][/SIZE][SIZE=2][SIZE=2]Try
    [/SIZE][/SIZE][SIZE=2]WebVersiobn_.WebBrowser1.Navigate([/SIZE][SIZE=2][SIZE=2]"http://www.nidokidos.org/register.php"[/SIZE][/SIZE][SIZE=2])
    WebVersiobn_.Show()
    [/SIZE][SIZE=2][SIZE=2]EndSub
    
    [/SIZE][/SIZE]


    Next I have to read through the source code and find the challenge ID for the user. This (for now) I am doing manually.

    Now I have to send a download file option to get the challenge.txt file and open it up.

    This code does this for me (working fine) -it opens it into a richtextbox

    Code:
    [SIZE=2][SIZE=2]Private[/SIZE][/SIZE][SIZE=2][SIZE=2]Sub[/SIZE][/SIZE][SIZE=2] Button4_Click([/SIZE][SIZE=2][SIZE=2]ByVal[/SIZE][/SIZE][SIZE=2] sender [/SIZE][SIZE=2][SIZE=2]As[/SIZE][/SIZE][SIZE=2] System.Object, [/SIZE][SIZE=2][SIZE=2]ByVal[/SIZE][/SIZE][SIZE=2] e [/SIZE][SIZE=2][SIZE=2]As[/SIZE][/SIZE][SIZE=2] System.EventArgs) [/SIZE][SIZE=2][SIZE=2]Handles[/SIZE][/SIZE][SIZE=2] Button4.Click
    [/SIZE][SIZE=2][SIZE=2]'Check if file exists
    [/SIZE][/SIZE][SIZE=2][SIZE=2]'Specify file to delete
    [/SIZE][/SIZE][SIZE=2][SIZE=2]Dim[/SIZE][/SIZE][SIZE=2] myfile [/SIZE][SIZE=2][SIZE=2]As[/SIZE][/SIZE][SIZE=2][SIZE=2]String[/SIZE][/SIZE][SIZE=2] = [/SIZE][SIZE=2][SIZE=2]"C:\Users\cbu05\Desktop\Captcha Downloads\challenge.txt"
    [/SIZE][/SIZE][SIZE=2][SIZE=2]If[/SIZE][/SIZE][SIZE=2] System.IO.File.Exists(myfile) = [/SIZE][SIZE=2][SIZE=2]True[/SIZE][/SIZE][SIZE=2][SIZE=2]Then
    [/SIZE][/SIZE][SIZE=2][SIZE=2]'Delete it!
    [/SIZE][/SIZE][SIZE=2][SIZE=2]Dim[/SIZE][/SIZE][SIZE=2] fi [/SIZE][SIZE=2][SIZE=2]As[/SIZE][/SIZE][SIZE=2][SIZE=2]New[/SIZE][/SIZE][SIZE=2] FileInfo(myfile)
    fi.Delete()
    [/SIZE][SIZE=2][SIZE=2]'Delete succesful message
    [/SIZE][/SIZE][SIZE=2][SIZE=2]End[/SIZE][/SIZE][SIZE=2][SIZE=2]If
    [/SIZE][/SIZE][SIZE=2][SIZE=2]My[/SIZE][/SIZE][SIZE=2].Computer.Network.DownloadFile _
    (CaptchaChallengeLine.Text, _
    [/SIZE][SIZE=2][SIZE=2]"C:\Users\cbu05\Desktop\Captcha Downloads\challenge.txt"[/SIZE][/SIZE][SIZE=2])
    Challenge.LoadFile([/SIZE][SIZE=2][SIZE=2]"C:\Users\cbu05\Desktop\Captcha Downloads\challenge.txt"[/SIZE][/SIZE][SIZE=2], RichTextBoxStreamType.PlainText)
    [/SIZE][SIZE=2][SIZE=2]'Specify file to delete
    [/SIZE][/SIZE][SIZE=2][SIZE=2]End [/SIZE][/SIZE][SIZE=2][SIZE=2]Sub
    
    Now I need to put the challenge ID and the challenge code together to get the actual captcha image into a picture box.

    This code does this fine for me
    Code:
    
    [SIZE=2]PictureBox1.Load([/SIZE][SIZE=2][SIZE=2]"http://www.google.com/recaptcha/api/image?c="[/SIZE][/SIZE][SIZE=2] & WebsiteURL.Text)
    [/SIZE]


    [/SIZE][/SIZE]
     
  10. simpleonline1234

    simpleonline1234 Junior Member

    Joined:
    Jan 26, 2010
    Messages:
    169
    Likes Received:
    13
    Here is where things go south. This is my button that I am using to post to the account does work.

    Here is my code (currently not doing crap!)

    Code:
    [SIZE=2][COLOR=#ffffff]Private Sub Button2_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button2.Click
    Dim postData As String = "username=" & Username.Text & "&password=" & Password.Text & "&passwordconfirm=" & Password.Text & "&email=" & Email.Text & " &emailconfirm=" & Email.Text & "&humanverify%5Bhash%5D=d3ec0acfd0f7b26b5caad92969b57648&recaptcha_challenge_field=03AHJ_Vuu-kNAF99N6sIIZAD4Cca_m4oy6hpYhhrYtN-vIqxEY6erAWS-Q1ZXFCdVTHiyLpK2OeZfO5z-K87akBiMoNwQVNopLW5Oj5b8_KXHqU9PJD8jBruUtKN6X0xAkFby6ckAqIqboElCZRpwzwDDHgRVRMKBDsw&recaptcha_response_field=" & CaptchaRepo.Text & "&userfield%5Bfield5%5D=2&userfield%5Bfield5_set%5D=1&referrername=&timezoneoffset=0&dst=2&options%5Badminemail%5D=1&agree=1&s=&securitytoken=guest&do=addmember&url=http%3A%2F%2Fwww.nidokidos.org%2Fforum.php&password_md5=897e8539d236da3b595a4c8c321407d9&passwordconfirm_md5=897e8539d236da3b595a4c8c321407d9&day=&month=&year="
     
    Dim tempCookies As New CookieContainer
    Dim encoding As New UTF8Encoding
    Dim byteData As Byte() = encoding.GetBytes(postData)
    Dim postReq As HttpWebRequest = DirectCast(WebRequest.Create(URL.text[/COLOR][COLOR=#ffffff]), HttpWebRequest)
    postReq.Method = "POST"
    postReq.KeepAlive = True
    postReq.CookieContainer = tempCookies
    postReq.ContentType = "application/x-www-form-urlencoded"
    postReq.Referer = URLOFPOST.Text
    postReq.UserAgent = "Mozilla/5.0 (Windows; U; Windows NT 6.1; ru; rv:1.9.2.3) Gecko/20100401 Firefox/4.0 (.NET CLR 3.5.30729)"
    postReq.ContentLength = byteData.Length
    Dim postreqstream As Stream = postReq.GetRequestStream()
    postreqstream.Write(byteData, 0, byteData.Length)
    postreqstream.Close()
    Dim postresponse As HttpWebResponse
    postresponse = DirectCast(postReq.GetResponse(), HttpWebResponse)
    tempCookies.Add(postresponse.Cookies)
    logincookie = tempCookies
    Dim postreqreader As New StreamReader(postresponse.GetResponseStream())
    Dim thepage As String = postreqreader.ReadToEnd
    HTML.Text = thepage
    End Sub[/COLOR][/SIZE]
    [SIZE=2]
    [/SIZE]
     
  11. wannabie

    wannabie Elite Member

    Joined:
    Mar 11, 2009
    Messages:
    3,807
    Likes Received:
    2,959
    Occupation:
    Seo and Marketing Suprisingly
    Location:
    Your bedroom window
    Home Page:
    Ill skype Fatboy he might be able to help you out, his some geeky guru
     
    • Thanks Thanks x 1
  12. simpleonline1234

    simpleonline1234 Junior Member

    Joined:
    Jan 26, 2010
    Messages:
    169
    Likes Received:
    13
    Awesome..thanks for helping out. Been on this for about 1 month now and getting now where fast.
     
  13. openaidbh

    openaidbh BANNED BANNED

    Joined:
    Mar 3, 2012
    Messages:
    328
    Likes Received:
    320
    If you still need help, I'd recommend putting notifications in your code that give you the current values of the various variables that you're uncertain about. The notifications will also tell you which parts of the code you're reaching before it crashes. Also, seems like a really convoluted way to fetch the challenge. You could use a browser window that shows you the captcha and a text box for you to input the answer, then have the program post the answer to the box.