Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Next »

Target website for today:

Take a look in the source of the page and you won't find the "sitekey" parameter anywhere. 

  1. Install Firebug extension for Firefox. It's available for Chrome as well, but it's WAY different there. Note that if you want Firebug to look like mine, install older version of Firefox 50.0.1 from here. In later versions Firebug looks disgusting.
  2. Go to target website and start Firebug on it. Toggle to tab "Net" and press "Persist" button.
  3. Start doing actions to make "I'm not robot" checkbox to appear. Don't check the box yet.
  4. Find a request to Google server which contains "k" parameter with the sitekey:

    Yes, this is the first time you'd actually see this sitekey, because I hid it in base64-encoded string in "POST grccd" output. Actually you don't have to worry about that, because usually sitekey is not changed too often. Changing it on daily basis would require some kind of... you won't believe... automation.. and probably solving some Google Recaptchas =). So next time you need to update it, simply open the Firebug and retrieve it in seconds.
  5. Now let's solve the puzzle and submit the form. 
  6. Check out requests to target website and find that long hash in one of the requests:

    Yes, probably it's the one. Click on "response" tab and copy/remember everything what JS might identify as successful recaptcha solution:

  7. Now, check out what happens if you submit some random string. Put random value in textarea with title "recaptcha hash".


    In my example token is read from this place, but actually site coders might keep in browser memory. In case they do, use Firebug's option "copy as cURL" for network requests, and paste the string in any UNIX terminal. It is actual simulation of real browser network request.
    So if you want to see how exactly request looks when g-response hash is wrong, simply replace it in cURL request with something else. You may need to use a text editor like notepad to replace it.

  8. Submit the form and look into submit request parameters.
  9. Remember/copy the response. This is how it looks like when response hash is incorrect. Use this knowledge to understand if form submit was unsuccessful.

  10. Now you are ready to build your script or application which will automate form submission. Follow standart procedure to generate g-reponses for target website.

  • No labels