use recaptcha service on just first tier

sorry if the answer is already on here, but ive searched & did not find the answer, but how do you just select to use the recaptcha service (i.e. deathbycaptcha) on just the first (top) tier ?
ive looked in the “captcha” admin where you add the captcha service & there is nothing there.
i can only see it applies universally to everything.
i have gsa captcha breaker already – then first tier to go to deathbycaptcha
but i want lower tiers to be gsa captcha breaker only

test proxies for google recaptcha

How can I do that within GSA-SER when importing Proxys I can check it for Recpatcha, there is no option, the closest thing is Custom but I don’t know how to configure it.
What I do not understand as in GSA proxy if there is an option to search for them, but there is no option to extract them independently. I know that they are anonymous and that they are SSL, but there is no clear option to export only those types of captchas
And that is the big problem I have. With Capmonster that works really well I see when Ip block the proxies that take the captchas. I am not against hiring more proxies but I want to get the most out of GSA Proxy, which does.
I always go through a copy of GSA-SER to check speed and save it. But I don’t know how to do in GSA SER to check them only for google recaptcha. IF there is any way to do it please tell me.

The big problem is that the same proxies that are useful for google don’t work for google recaptcha, and recaptcha banns my proxies and there is no way to get more records on pages. Almost all pages have Recapcha and when you hit on so many pages, it is easy for them to ban you. When you are creating a T1 with contextual and Articles, they are the captchas that appear the most. I can find the sites, I can do everything but if Recaptcha recognizes my Proxie as banned, it doesn’t give me the image, and the service can’t recognize it. The truth is that Capmonster gives a lot of information about what is happening, and you can add Proxies through the archive every X seconds, but of course, I have to filter before, that’s where my query comes from.

SERENGINES + Xevil (recaptcha v2) module not working? anyone knows a fix?


i have never seen these weird parameters in Xevil before, I bought Serengines like 10 minutes ago, connected it and started the first project and now this happens. (the ones that are good, are actually from GSA SER regular projects, not SER-Engines) SERENGINES is the one creating these weird parameters.

Not only that, even the ones below with a status as OK ???? but had only 1 clicks and #0.0 
Basically it did nothing, but still states an OK message. 

I need this to work with Xevil recaptcha module, I dont wanna waste a single penny on 2captcha while I got a beast of a machine that can solve thousands of recaptchas without breaking a sweat.

So hopefully there’s a quick fix for this, i want to move forward, not backwards by buying a captcha service. 

What is the impact of leaked recaptcha secret key?

Do to server configurations our recaptcha secret key was publicly readable.

The key has been updated to a new one, but what is the actual impact of a malicious user getting a hold of the key?

Documentation is not clear on the impact

https://developers.google.com/recaptcha/intro

The secret key authorizes communication between your application backend and the reCAPTCHA server to verify the user’s response. The secret key needs to be kept safe for security purposes.

Why am I getting that error on Google reCAPTCHA V2 response?

it’s my first time posting here and I’m not good with such stuff as the one I’m posting right now

I have been trying to solve this issue for 2 days by now so I could use some help lol

This error “Please solve the captcha.” is showing even if the captcha is verified so it’s showing in the both cases (verified/unverified).

Thanks in advance.

PHP Part:

 <?php  require_once 'db/setting.php'; require_once 'db/odbc.php';  session_start(); error_reporting(0);  if (isset($  _SERVER['HTTPS']) &&     ($  _SERVER['HTTPS'] == 'on' || $  _SERVER['HTTPS'] == 1) ||     isset($  _SERVER['HTTP_X_FORWARDED_PROTO']) &&     $  _SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') {   $  protocol = 'https://'; } else {   $  protocol = 'http://'; } $  currentDomain = $  protocol.$  _SERVER[HTTP_HOST];  $  API["secret_key"] = "xx"; $  API["api_key"] = "xx"; $  API["callback"] = $  currentDomain."/vote-reward-tok.php?return={RETURNEDCODE}"; $  API["API_Domain"] = "http://api.top-kal.com";  $  secretKey = 'xxx'; $  captcha = $  _POST['g-recaptcha-response']; $  ip = $  _SERVER['REMOTE_ADDR']; $  responseData=file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=".$  secretKey."&responseData=".$  captcha."&remoteip=".$  ip); $  responseKeys = json_decode($  responseData,true);  $  config["db_username"] = "sa"; $  config["db_password"] = "********"; $  config["db_database_account"] = "kal_auth"; $  config["db_database_player"] = "kal_db"; $  config["db_server"] = "NAME\SQLEXPRESS"; $  config["db_driver"] = "SQL Server";  $  config["Reward_Name"] = "Vote Coin"; $  config["MinLvl_Require"] = 30; $  config["Reward_Index"] = 447; $  config["Reward_Amount"] = 10; $  config["Reward_Bound"] = false; 

SQL Part

function insertRewards($  account_unique_id){     global $  config;      $  connect = odbc_connect('Driver={'.$  config["db_driver"].'};Server='.$  config["db_server"].';Database='.$  config["db_database_player"].';', $  config['db_username'] ,$  config['db_password']);      if(!$  connect)         return false;      $  query = odbc_exec($  connect,"SELECT Top 1 [IID] FROM [Item] Where [IID] < 1 order by IID Desc");     if(!$  query)         return false;      $  data = odbc_fetch_array($  query);     if($  data && !empty($  data) && isset($  data["IID"]))         odbc_exec($  connect,"INSERT INTO [Item] ([PID],[IID],[Index],[Prefix],[Info],[Num])VALUES ($  account_unique_id,".($  data["IID"]+1).",".$  config["Reward_Index"].",0,".(16+($  config["Reward_Bound"] ? 128 : 0)).",".$  config["Reward_Amount"].")");  }  function checkCharacters($  accountUID){     global $  config;      $  connect = odbc_connect('Driver={'.$  config["db_driver"].'};Server='.$  config["db_server"].';Database='.$  config["db_database_player"].';', $  config['db_username'] ,$  config['db_password']);      if(!$  connect)         return array("error" => "failed to connect to database players.");      $  query = odbc_exec($  connect,"SELECT [Level] FROM [Player] WHERE [UID] = $  accountUID ORDER BY [Level] DESC");     if(!$  query)         return array("error" => "failed to find characters in this account id.");      while($  r = odbc_fetch_array($  query)){         if($  r["Level"]  >= $  config["MinLvl_Require"])         return array("success" => $  accountUID);     }   return array("error" => "You should have one character at least higher than level : ".$  config["MinLvl_Require"]." to vote."); }  function checkAccount($  accountID){     global $  config;      $  connect = odbc_connect('Driver={'.$  config["db_driver"].'};Server='.$  config["db_server"].';Database='.$  config["db_database_account"].';', $  config['db_username'] ,$  config['db_password']);      if(!$  connect)         return array("error" => "failed to connect to database accounts.");      $  query = odbc_exec($  connect,"SELECT TOP 1 [UID] FROM [Login] WHERE [ID] = '$  accountID'");     if(!$  query)         return array("error" => "this account id not exists.");      $  data = odbc_fetch_array($  query);     if(!$  data || empty($  data) || !isset($  data["UID"]))         return array("error" => "this account id not exists.");      if($  config["MinLvl_Require"] > 0)           return checkCharacters($  data["UID"]);    return array("success" => $  data["UID"]); }  

Submitting Function

$  response = array("error" => false , "success" => false , 'redirect' => false);  function post_content($  query){ $  query_array = array();foreach( $  query as $  key => $  key_value )$  query_array[] = urlencode( $  key ) . '=' . urlencode( $  key_value );return implode( '&', $  query_array ); }      global $  API;     $  opts = array('http' =>  array('method'  => 'POST',"header" => "Content-type: application/x-www-form-urlencoded\r\nAuthorization:".base64_encode($  API["api_key"].":".$  API["secret_key"])."\r\n", "content" => post_content($  content)));return stream_context_create($  opts); }  function submit(){     global $  API;      if(empty($  captcha) || $  captcha == '' || !isset($  captcha))         return array(   "error" => "Please solve the captcha.");      if (empty($  _POST['account']) || !ctype_alnum($  _POST['account']))         return array(   "error" => "Invalid account id.");      $  checkAccount = checkAccount($  _POST['account']);      if (isset($  checkAccount["error"]))         return array("error" => $  checkAccount["error"]);      if (isset($  checkAccount["success"])){         $  account_unique_id = (isset($  _SESSION['kal_id'])) ? $  _SESSION['kal_id'] : $  checkAccount["success"];          $  result = json_decode(file_get_contents($  API["API_Domain"] . '/api/generate/vote-rewards-token', false, postParams(array('callback' => $  API["callback"],'account_unique_id' => $  account_unique_id   ))) , true);             {         echo '<br><center><h3>Please wait...</h3></center>';     }         if (!empty($  result)){             if (isset($  result["response"])){                 if (isset($  result["response"]["error"]))                     return array("error" => $  result["response"]["error"]);                 elseif (isset($  result["response"]["success"]))                     return array("redirect" => '<script type="text/javascript">setTimeout(function () { window.location.href = "'.$  result["response"]["success"].'";}, 500)</script>');             }         }     } } if ($  _SERVER['REQUEST_METHOD'] == 'POST' && isset($  _POST['account'])){     $  response = submit();     if (isset($  response['redirect']) && $  response['redirect']){         echo $  response['redirect'];         die;         } }elseif (isset($  _GET['return'])){     $  result = json_decode(file_get_contents($  API["API_Domain"] . '/api/verify/vote-rewards-token', false, postParams(array('returned_code' => $  _GET['return']))) , true);     if (!empty($  result)){         if (isset($  result["response"])){             if (isset($  result["response"]["error"]))                 $  response['error'] = $  result["response"]["error"];             elseif (isset($  result["response"]["success"])){                 insertRewards($  result["response"]["account_unique_id"]);                 $  response['success'] = '<b>Thank you, Your vote has been recorded and the server rank will be updated soon.<b><br />You will receive your rewards in storage of your account.<p>Your next vote in : <b>' . $  result["response"]["NextVote"] . '</b></p>';                 }             }         }     } ?>   

HTML part:

<head> <title>Vote Rewards - <?php echo $  config['serverName']; ?></title> <link rel="shortcut icon" href=images/favicon.png">  <link rel="stylesheet" href="css/vote.css"> <link rel="stylesheet" href="css/fontawesome.css"> <link rel="stylesheet" href="css/fontawesomeall.css"> <script src='https://www.google.com/recaptcha/api.js'></script>  </head> <body> <form class="vote-form" method="post"> <noscript><div class="isa_error">Javascript is not enabled in your browser! Please enable it or change your browser.</div></noscript> <?php if(isset($  response['error']) && $  response['error']){ ?><div class="isa_error"> <?php echo $  response['error'] ;?> </div> <?php } ?> <?php if(isset($  response['success']) && $  response['success']){ ?><div class="isa_success"> <?php echo $  response['success'] ;?> </div> <?php }else{ ?>     <label>         <span>Account ID :</span>         <input  type="text" name="account" maxlength="20" <?php echo (isset($  _SESSION['kal_username'])) ? 'readonly value="'.$  _SESSION['kal_username'].'"' : ""; ?>" />     </label>     <div class="g-recaptcha" style="margin:0 auto;" data-sitekey="xxx" data-theme="dark"></div>      <label class="label_btn">         <input type="submit" class="button" value="Vote" />      </label>  <?php } ?>   </form> <script src="https://code.jquery.com/jquery-3.2.1.min.js"></script> </body> </html> 

Sorry if the topic is way too long but I’m desperate =DD

Is Google reCaptcha v3 more effective at identifying human users than v2?

I understand the difference between reCaptcha v2 and v3 to the end user and the developer but am wondering if Google has stated in any way that the logic used to make the final determination has been improved in v3.

Is the underlying engine that powers the determination between human and robot any better in v3 than in v2? Would I expect to catch more robots or challenge less humans by using v3 over v2?

I’ve searched extensively for this answer already but haven’t found any thing definitive.

How to handle low score of Recaptcha v3

I implemented Captcha v3 on my site in the following areas with their appropriate Google specified actions:

  • Login
  • Register
  • Homepage
  • Subscription Purchase
  • Main “do the thing” page of the application, in other words where the magic happens.

But what should happen if I detect a low score? Meaning Google thinks the user is either spam, bot or a security risk.

I can think of two options:

  • Display a message inline ie “Suspicious behavior detected. Please try again later. Contact support link”
  • Throw them over to a new page with a similar message and log them out.

Has anyone learned any lessons on handling low scores and providing the best experience? –

How is this allowing me to bypass recaptcha

I am testing this site, i was testing rate limit on login page, it was captcha protected, i could not even intercept the post request on burp so from Google Chrome i looked at the logs and in its post request it was passing this captcha parameter and also other recaptcha requests. So then i ran firefox again which is connected with burp, this time i used private tab and tested the same login page, to my surprise there were no recaptcha requests, also no captcha parameter or value in login post request, allowed me to test unlimited payloads and still giving right response for password, can anyone explain to me what is happening here, why running browser on private allowing me to bypass recaptcha i know this is a vulnerability but how and what is causing it

Solve 1000 reCAPTCHA V2 for only 1$ – Captcha.guru

Hello, I’m introducing you our reCaptcha 2 solving service – Captcha.guru
Solve 1000 reCAPTCHA V2 for only $ 1.
Solve 1000 Images CAPTCHA for only $ 0.1.
More than 30 trusted payment methods. Always ready to answer all of your questions. 24/7 support.
Emulation of popular captcha services API: Anti-Captcha and 2captcha.
Referral program – 10%!
Email: support@captcha.guru
Telegram:  https://t.me/captcha_guru