reCAPTCHA V3 - how to submit to website?

#1
Hi,

so I get the token back and Im at step 7 in the API Guide for reCAPTCHA V3:
Usually token is sent using POST request. It could be g-recaptcha-response just like ReCaptcha V2 does or g-recaptcha-response-100000. It could be other parameter too.
The only request the website sends that seems relevant is https://www.google.com/recaptcha/api2/reload?k=XXXXX made by recaptcha__en.js.

How to I go proceed to find the relevant request / process the website uses to transfer the tokens?

Thanks
 
#2
THIS REPLY IS FROM DEATH BY CAPTCHA SUPPORT !!!!
AZCAPTCHA DID NOT ANSWER !!!!

IT SEEMS HOWEVER THAT THEY ARE REFERING TO V2

Thanks for reaching out.

There are three ways in which the token can be used, please read this info:

The first one is to make a POST request to the URL in the form's action attribute with the token set as the value of the textarea field whose id is g-recaptcha-response. The other fields can be filled as you desire. This is the recommended method to consume the token given that it does not require browser emulation nor DOM manipulation.

The second way is to manipulate the DOM. If you are developing a script to solve recaptchas, check if the programming language or framework you are using has a library to manipulate the DOM or execute JavaScript instructions. The following steps need to be completed to successfully use the token:

Put the token as the inner html of the element with id "g-recaptcha-response".
To do this with JavaScript, run: document.getElementById('g-recaptcha-response').innerHTML=TOKEN; where TOKEN is the string returned in the text key of the API's response. Place double quotes (") before and after the token if the returned string does not already have them.

Submit the form or complete the action that requires the recaptcha to be solved.
To achieve this with Javascript, execute: document.getElementById('FORM_ID').submit(); where FORM_ID is the id of the form that wants to be submitted.

sometimes is not enough only submitting the form to solve the recaptcha, on these cases we need to copy the result token from the API into the g-recaptcha-response element, being careful to only coping the exact result token and avoid using spaces and other characters such as quotes or double quotes. After we copy the result token into the element we need to activate the widget event to the captcha be marked as solved.

Each site have a unique way to implement the recaptcha, its recommended to do the process for a new site manually before try to automate it, after we are sure all steps to solve the recaptcha we can use our tools to automate the process. We take into consideration that sometimes the submit form activates the recaptcha, sometimes we don't have a submit form or in other cases is the callback of the captcha that activates the event to access the resources.

The last method of using the token is by manually posting the form. First, follow steps 1 and 2 of the guide on how to find the site key specified in What is a recaptcha site key?. After that, copy the JavaScript instruction of the step 1 described above, paste it in the developers console, press enter and submit the form manually.

Note: methods 2 and 3 should only be used for testing purposes as they are far slower and more resource intensive than the first one.

Hope this has been helpful. If you need a hand with anything else please let us know.
 
Last edited: