Bypass hCaptcha with Python requests | Bypass tokens

[Yachtman]

Im trying to make a script to fill out forms. Because I really like sneakers but im tired about all the raffles out there. Its a lot of work to fill out every raffle and I want to automate this.

I started with this one: https://raffle.bstn.com/

I got following Form data when I solve the hCaptcha to visit the raffle page:

r: 7085aaf0fe5be4e875a380d8ac1d4cf1252544e7-1621013096-0-AdVKhnybUq7DFb4j58Z3qGAQTpekX/mNUQ1dY9jnYvCDy3vsFSkcEouNIUGNoqI8noKGBGlAplooOeKrjNr3XUjfeblosca96yJ8YVx2Td0S7+qGibrD5z2CU2IbP2Q9dunup/pjxecqGvEg+eHY5kFZLIwvI2m/gpdIPpamGA64XP3Md1u76MdjA91X/mlvcv3bz3dSbRndYwQrWIdEJLL0QO4FC1WiO5KuDXddddW7YdAJuJ9byATtf5PVlc4nb4lAP1Pzh43Xj9G8EwxRNKxXkctJd/eORdDsCv3lYrv16NfY5rX45OhFss9eFKOwcpd+Tf1Uf2NxU0hsYqmQBxDn2hhLquJvEkxdu6KGXrqO+4KatBDtjzkPVe4uHumroS74+5SSs7brxiRNhy5DzIjLop81L6cmiHYOT0hT8YuPt+uW/PQCgg8N+Jrw5MLXyZSlIA+eCk/f6opB8CYOGr2A2m7M5Ulf8Zr2QXUuRnm6l2vCHWQdAfD3L4Qt4J9aWKcCuP1VJ672NBCV/Zi3Ewt0Fa3KccXRmsCE/8e+LPwJ6YU0SS7Foz+jd4uC8LNK/a+PuprckHgrYZ/s6fZ2mGgp1bh5ocj633vbcQY4YYsh4MNJ1BwszigPZx6+QWcx2bCPyWlRaPbHBSt+DC7pB25YMh/cK1prY9TLAm1VOTHki2svyxrWjkrIJTOIv3Q8z8p4rfjjXup7wu8UbQXZmn19vhKXjE8xs+GXmA6tZpLXH+scu50YAy+zCQiTmo89QQ7AhMjEF6Oaxt6K/S3RiyThZ+TM96IIIytxkdRx0+81sFXBLkT6rpt4qjjCaflT1S5la8UVgxI/IixV4oiHxNha6S4LRXINxqgPrWvkJt9eCg9fVUmu0Jw2x61YzbxNuekluEBjUnMoc6impgCHPFdjRNOul8UMMxKSab8EcTvtE5ZvZBKldU3Lt7F8gktOUeNKnv9+z5wZkeIkYDQrSGz/xA2ZS9HzMyX6THoFoHqUxvInojWtrTxv9CxiwOfkJ+ik/SBLE8Nc6NmWKVeFKt3FKPI/+1SQ/W1xrF0aJHg/ULBEV9tXJEkJZum/4u0fY0uxodKJpdpgrZOQM7izHM17oJnB9t7ZcFpWzIjNTS7vndciaa2/89cWbawtGCFuyC17RedUUhFnEEyjUArNkgveX3CEjLgowX3vz5FZRrLqjuSO27PtzaUQfcvOkLVF24Ifb760woa7EUInc9F4YXI07V5OUZ9/ssf6zs1fsjELTdKlE+BQVILx32DuKHfzs8PBfhKTCJyZthm2aN2bAY6nA5jYByHEpulej/yB4PjjPe/iB0SXLbwzChEsnipEqmrGTZ8O6UlklwbRYAQmUy2UTSsEljJZXUnOS/RshvMbvQnT2WDbFN+cG/yhBB1vnBM2D9CxVW7Beo0Nj5wJqgHypjE79/Nu3FfI7X64ANuDdu5qzywVz/N6of/LLdJB4mUT8YOqfV3SxFJTSt0tyRbWI32Pz04dZRg4xyEIhdoKXaASMing09kHAKWu0QlCHV/WlRgEVFfsdomFlRKSpvyIMXJYnh4BAT9w0jkJYkAWjuMFmjyRDFu1V7jADup7WtURUMLFsczM9suS5Uw4w+914iZJUaOf0e02TZP5CxIEFD6vRB/SEolCbPD9PwvpaYRq+CgnJ47NLJBsy8+ohqrUXPd/dYONIVcaqri0ByaikcwV9qQeS3BCEootC22CoAwo7AT7BrFCfCCWRt8dvRip8nW/3WWPVVgrCk5/98dKFfeh2kArkaGrv1fbqBwIBqCD4n+zU3VFWRKduPJ9cIE=

cf_captcha_kind: h

vc: 074b15dcf0ae384c17468756d80773dc

captcha_vc: 831aab8624b4321144a38f52bbf6ab13

captcha_answer: TDkoghlQCyqb-12-64f5d2adff325373

cf_ch_verify: plat

h-captcha-response: captchka

My request URL:

https://raffle.bstn.com/?__cf_chl_captcha_tk__=028764cfe1e329dd035431173d15bc319db1a1ee-1621013096-0-AXmxzuvHa6jc9xyjbJ1Vu-vfBYbUA00wUZbYDe3G7p8bfNXI2WOoLB1M0MZmuZhZkqQz6-pcv2YITNRts26jR5eviq1dKDAoElI-aw33Pe6yUDjQ2ihHysL4XKUpo-we_3OpFbV0m8-1rd2ogWEbNDnSbCbShG786XlmA_JnoHC1XR-xfnvYUchKIIWZ9wrHcypTiYeEZf16StQiUjTsZwpr_x4cmWjG9GjFf4hEHBk80CvG-YNxvaYjCq_BwJsD6aPgD8QGJaCHNPpu-EDjUiOAI8ayQf2Dxkti-7m81SDCGeQkntz8CRBGCOWEIRaNlpseR6Qn6m0VYETMkwhljPLMi0yHkhsLf1P7KJBUd8qiOHOySi4hi5zw3deL3Pylh5rv5dwEbxeEoYqcjxs1y68Sd0JPhd-VBigMkwnXAmDE8GjDvpBPKV-X6HVeT8rEW6-Q0GEsKPjZ2o5_FZUuAI-63vQkSMH4DWp-kb3ZNdS4jrUcqYrK324vvgIDC_BFrDbt3QFKt72EyvpcX7RQ3cxynanZv5WGGZ_uIec_PuksBx7xz-rSt78KDelmnI27jSLOuVrGWZLse9_72Xn2Su4QjTkfeS-7uAkcz8zeeK9bUtp1eaV8tc0lV6yxhCG0lv-ij_oGvKkD5Two0DEqmVAJ2GAaBXhd1EGPsfnoyeIO

The token behind the request link is easy to find, its int the html behind the site, so I can scrape it.

r is the hCaptcha token which can be received from 2captcha which is built into my scrip, also vc is found in the html code.

My problem is how can I solve captcha_vc and captcha_answer?

I found the last part of the captcha_vc in the html:

64f5d2adff325373​

​

Do you guys have an idea how I can solve the other parts of the code?

Thanks for you're answer , have a nice day!

 

[duongdinhtu93]

You can easy bypass hcaptcha by using this extension https://github.com/anycaptcha/anycaptcha-python