CAPTCHAFORUM
Administrator
What happened?
Recently some our customers reported issues bypassing reCAPTCHA V2 on Google Searh results page: the tokens were declined and captcha was shown again.
Investigation of the issue
Our team made an investigation on that matter.
First strange thing we found: Google Search Become very sensitive to query parameters.
For example, if you use
Honestly, their approach looks correct. Would a human always set the number of results in the address bar? In the majority of cases - no.
Also we found some minor changes in the captcha rendering process that affected the success rate.
What we did?
Recently some our customers reported issues bypassing reCAPTCHA V2 on Google Searh results page: the tokens were declined and captcha was shown again.
Investigation of the issue
Our team made an investigation on that matter.
First strange thing we found: Google Search Become very sensitive to query parameters.
For example, if you use
num=xx
parameter in your query to set a number of results per page, Google will decline any token, show you a text captcha and even if after you solve the text captcha - you will be forwarded to reCAPTCHA V2 challenge again.Honestly, their approach looks correct. Would a human always set the number of results in the address bar? In the majority of cases - no.
Also we found some minor changes in the captcha rendering process that affected the success rate.
What we did?
- We've updated the code related to reCAPTCHA rendering issue our workers software.
- We've pubished this post with the recommendations.
- Never use
num=xx
parameters in your queries on Google Search - Be really careful with any other query parameters, your request should look like it was made by a human
- Update your software accordingly or ask the software autors to do so