/1 Introduction/
Yesterday, in fact, has released the papers, but forget the original mark, and today continues to publish its out, and next to everyone, so that we can directly see the end of a heavy head. This article is real, man-machine to achieve Google to crack the specific process.
/ 2 implementation steps /
1, only to the security, the selected 2captcha, people will have to see the official website of the matter, as shown in FIG.
2, ah ... plain English, I do not understand .. how to do it, do not worry, I'll take you step by step analysis of the main features . First, let's login account as shown below.
3, after the registration is completed, will automatically jump to the home page, as shown in FIG.
The figure above first place a red circle indicates how much surplus up , no money, then remember to krypton gold, otherwise it is not dropping, krypton gold process here is not to do more to explain Ha, no problem
The second place circled in red indicates that this is your only key, each request to bring the key, so to take good care
4, into the theme, research documents. Click on the red circle in place, API, API is usually a document, as shown below.
5, En .... What the hell .. totally do not understand, do not panic, sliding down
Slide rates this directory , we know that Google is human ReCaptcha , but three of it, in the end what it is, I'll take you to see.
6, first click ReCaptcha (oldmethod), this is the old way, we do not know well, so I have to look at this, from shallow to deep Well, here it, I have a direct translation of a moment to help us watch.
7、Look,人家也说了,旧方法解决ReCaptcha准确率比较低,建议使用新方法,那我们就点击新方法去看看。
8、我们找到了,这种属于ReCaptcha v2验证码,确实和谷歌人机挺一样的,我们来看一下文档是怎么写的。
9、人家说,我们先找到data-sitekey参数,然后将data-sitekey参数提交到https://2captcha.com/in.php,等个15-20s再向https://2captcha.com/res.php获取结果。然后找到id=g-recaptcha-response的textarea标签,将display:none这个css删除,将给我们字符串添加到textarea输入框点击提交,就完成了。
是不是很简单?我们也来试一下。打开谷歌的示例样式,如下图所示。
10、我们打开开发者工具,搜索data-sitekey,可以看到,真的有一个。
11、我们赋值一下这个data-sitekey,并且用代码获取到最后的结果。
12、然后我们找到 id=g-recaptcha-response 的textarea标签,将他的display属性删除。
13、但是有点不太对。
14、Look,下图这个是2captcha的示例的。
我们可以看到,2captcha是个删除display之后,textarea框是直接展示出来的,但是我们删除display之后,基本没用丝毫动静,这...
15、别着急,人家都想到了,我们往下滑滑。
既然我们不能直接显示出来textarea,那就说明我们是隐式的ReCaptcha验证码,其实他的原理呀,也挺简单。
如果你学过一些前端,会些js,你可能就会想到,虽然我看不到这个textarea,但是通过js我们仍然能更改textarea的数据,只是说,我们鼠标点击不了而已,人家也说了,看第一个红圈的位置,通过此js,我们我们就可以把向2captcha获取的值赋值上,第二个圈js是提交表单,其实就是我们人点击提交而已,只不过是js代码帮我们完成了,这样,我们也完成了一个偷天换日。
/3 小试牛刀/
1、好嘞,我们就先来手动搞一下,在上述中,我们已经根据data-sietkey拿到了最后的结果,显然,我们只能通过js完成,那么,我们就试一下。
通过上述gif看到,我们通过js,确实绕过了点击车辆识别了,其他识别,确实方便。
2, but we can not do it this way every time by people, but because involves the implementation js, so only use selenium, so we look at the effect of selenium on it.
Look, this way, we have for Google HMI (ReCaptcha) verification code to complete the automatic login, if a certain website crawling taken abroad, if you encounter ReCaptcha, I am sure will help you.
/ 4 Conclusion /
This paper describes the use of third-party platforms (https://2captcha.com/zh?from=8779379) to crack Google HMI login, method some twists and turns, but effective .
Welcome everyone to try, consuming boring time at home . This article relates to the code on github uploaded to address, background Reply " Google man-machine " before you can get the code .