Skip to content
/ privacypass Public

A Python module implementing Privacy Pass Protocol. Bypass Cloudflare's CAPTCHAs by redeming Privacy Pass tokens

License

MIT license
19 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

SergeBakharev/privacypass

BranchesTags

Repository files navigation

Privacy Pass

Build Status PyPI version License: MIT image

Bypass CloudFlare CAPTCHAs programatically without any tricks or brittle hacks. This Python module enables Privacy Pass token redemption. Privacy Pass is a system for pre-solving CAPTCHAs in exchange for passes. Redeem passes instead of having to solve CAPTCHAs to visit protected websites. This can be useful for low volume programaticly interacting with sites protected against non-human access. Privacy Pass is supported by Cloudflare and is in the process of becoming standardised by the IETF.

Installation

Simply run pip install privacypass. The PyPI package is at pypi.python.org/pypi/privacypass

Alternatively, clone this repository and run python setup.py install.

Dependencies

Usage

Call privacypass.redemption_token() to create a redemption token specific to the site/path.

import requests
import privacypass

# See `Receiving Privacy Pass Tokens` section of doc for how to retrieve tokens
cf_token = {"input":[98,207,READACTED,234,181],"factor":"0x5c57a03...REDACTED..68ef47","blindedPoint":"BAV...REDACTED...dss=","unblindedPoint":"BOu0AArK..REDACTED..jdBbeqo=","signed":{"blindedPoint":"BPs6ed..REDACTED..0ZWw=","unblindedPoint":"BHtp..REDACTED..hU0="}}

url = 'https://somewhere.with.captcha'
request = requests.get(url)

# A Privacy Pass compatible CF site is encountered
# and a CAPTCHA challenge is presented
if request.status_code == 403 and 'CF-Chl-Bypass' in request.headers:
    cf_redemption_header = privacypass.redemption_header(token=cf_token, url=url, method='GET')
    request = requests_session.get(url, headers=cf_redemption_header)

Troubleshooting Notes

  • Tokens have a limited life span. 30 days?
  • Note the header in token redemption response 'CF-Chl-Bypass-Resp': '<error-resp>'. <error-resp> is the error value returned by the privacy pass verifier. Possible values are 5 or 6, where 5 is an edge-side connection error and 6 is a pass verification error.

Receiving Privacy Pass Tokens

Currently the easiest way to receive tokens is by having the Browser Extension installed, and browsing to captcha.website.

  1. Solve a number of CAPTCHAs on captcha.website. Each CAPTCHA solved grants 30 tokens.

  2. Extract the tokens from your browser:

    Firefox

    1. Browse to the Extension Debug screen - (about:debugging#/runtime/this-firefox)
    2. Inspect the Privacy Pass extension
    3. Open Storage -> Local Storage
    4. Tokens are stored as a list under the cf-tokens key.

    FirefoxScreenshot

Acknowledgements

This module is a porting of key functions from the Privacy Pass Extension by @privacypass team.

About

A Python module implementing Privacy Pass Protocol. Bypass Cloudflare's CAPTCHAs by redeming Privacy Pass tokens

Resources

Readme

License

MIT license
Activity

Stars

19 stars

Watchers

1 watching

Forks

2 forks
Report repository

Releases 4

v0.2.2 Latest
Apr 7, 2024
+ 3 releases

Packages

No packages published

Contributors 2

  •  
  •  

Languages