How does 2Captcha solve the "invisible" recaptcha v2?


New member
I've just recently began looking into bypassing captchas so I apologize if the answer is obvious.

For recaptcha v2 there is an invisible "captcha" used in site interactions. I'm able to easily find a site key and, if I understand correctly, there is another key on the server side of things. It seems these 2 keys are used to generate the token used to be verified as a non-bot user after requesting from the recaptcha API. I'm currently using a headless method to automate interaction with a site.

Looking at 2captcha's API it seems they are able to provide a token using the site key and maybe the url where the captcha is found. How is this possible? I understand that there are also client-side scripts that do some action but I don't understand how this token is generated. 2captcha uses humans for solving captchas but how is that possible with these invisible captchas? Is it possible to use the site key and provided javascript to generate a token that would work if I was running my own client/server relationship on my PC using this given site's key?


New member
Alright, I figured this out.

So JavaScript on the website was executing something similar to this in order to produce a hidden field with the token.
grecaptcha.ready(function() {
                grecaptcha.execute('SITE_KEY_HERE', {action: 'login'}).then(function(token) {
Using JavaFX's WebEngine, I was able to load the page and then execute that script in order to set the value of my token object to the token the website receives. Now, I'm going to try to send the token with my request to see if I'll be able to bypass this captcha automatically. Hope this helps anyone with the same issue.