acheong08
[BUG] infinite loop while init a chatbot
Describe the bug
When init a chatbot, it got stuck in an infinite loop. Even though i have cleared all cookies in chrome.
To Reproduce Steps to reproduce the behavior:
- run sample code in python3.9 as show in screenshot.
- waiting and error while show
Expected behavior
Output
In the correct directory, run python3 -m revChatGPT --debug
Environment (please complete the following information):
Please update your packages before reporting! pip3 install --upgrade OpenAIAuth revChatGPT
- OS: [e.g. Linux, MacOS, Windows]
- Windows 11
- Python version:
python -V - Python 3.9.6
- ChatGPT Version:
pip3 show revChatGPT
- OpenAI Version:
pip3 show OpenAIAuth
Additional context Add any other context about the problem here.
A few possibilities:
- Expired session token
- Using proxy (which sometimes lead to cloudflare issues)
A few possibilities:
- Expired session token
- Using proxy (which sometimes lead to cloudflare issues)
I'm facing the same issue and it's definitely neither of the possibilities you mentioned. I'm not using a proxy and I double-checked my session token.
That is very strange. Does it say "failed to refresh session" or repeated "Browser spawned"?
It's a bit difficult to resolve when I can't replicated so as much detail as possible would be appreciated.
OS version: Python version: Chrome version: Country: Selenium version: Undetected Chromedriver version: Full error logs and output:
Put output in code block
- OS version: Windows 10 version 20H2 (OS Build 19042.1706)
- Python version: Python 3.10.4 (tags/v3.10.4:9d38120, Mar 23 2022, 23:13:41) [MSC v.1929 64 bit (AMD64)]
- Chrome version: Version 108.0.5359.125 (Official Build) (64-bit)
- Country: Belgium
- Selenium version: 4.7.2
- Undetected Chromedriver version: 3.2.1
- Full error logs and output:
This repeats infinitely.Spawning browser... Browser spawned. Found Cloudflare Cookie! Spawning browser... Browser spawned. Found Cloudflare Cookie! Clearance refreshing... Spawning browser... Browser spawned. Found Cloudflare Cookie! Clearance refreshing... Spawning browser...
Cookie is found but it doesn't pass cloudflare. It could be a bug with some form of fingerprinting. Any way for me to replicate this?
On another note, does this also happen with Microsoft login or email/password? If you don't have 2captcha, you can find some leaked on GitHub: https://github.com/search?o=desc&q=config+%3D+%7B+++++++++++++%27server%27%3A+++++++++++%272captcha.com%27%2C+++++++++++++%27apiKey%27%3A+++++++++++%27&s=indexed&type=Code (lol)
I don't have access to an openai account with email/password or Microsoft. This is the webpage that gets returned which causes the Clearence refreshing to happen.
<!DOCTYPE html>
<html lang="en-US">
<head>
<title>Just a moment...</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=Edge">
<meta name="robots" content="noindex,nofollow">
<meta name="viewport" content="width=device-width,initial-scale=1">
<link href="/cdn-cgi/styles/challenges.css" rel="stylesheet">
</head>
<body class="no-js">
<div class="main-wrapper" role="main">
<div class="main-content">
<h1 class="zone-name-title h1">
<img class="heading-favicon" src="/favicon.ico"
onerror="this.onerror=null;this.parentNode.removeChild(this)">
chat.openai.com
</h1>
<h2 class="h2" id="challenge-running">
Checking if the site connection is secure
</h2>
<noscript>
<div id="challenge-error-title">
<div class="h2">
<span class="icon-wrapper">
<div class="heading-icon warning-icon"></div>
</span>
<span id="challenge-error-text">
Enable JavaScript and cookies to continue
</span>
</div>
</div>
</noscript>
<div id="trk_jschal_js" style="display:none;background-image:url('/cdn-cgi/images/trace/managed/nojs/transparent.gif?ray=781bfefe58cbd484')"></div>
<div id="challenge-body-text" class="core-msg spacer">
chat.openai.com needs to review the security of your connection before proceeding.
</div>
<form id="challenge-form" action="/api/auth/session?__cf_chl_f_tk=blurred" method="POST" enctype="application/x-www-form-urlencoded">
<input type="hidden" name="md" value="8vuXGXcnYikblurredH7bI8-1672416107-0-Ae3RBkp4Fc7pMdMRIt_HxITjyK_K5Dgx-rTE1MzQyRU71xgISXui8HY5L2peGUS_8PozC0bZ_abm9Bfi5fsYblurredzfxpbm7t_fg6qn-UIp2JNtwypAW3IDSblurrediOukqLo0qgnR64OI_0a0BG1WR2c6w7c2U2SNeLmUxaZiixW03G0phb90WTWJJnPUlgqlwVsXGbYQqoHcERryM3vB8HWrIWcucJ1uRytQqOozU3M_XWJEnnbJcC01rgLwVA8yiY2cKWaQucoMrWJgGrQuIOwUsaOykDwYlxNHG-8Pe49i_8mQ_QDzpoWuyvqjovwej6OPM5y6WblurrediucWvqs7L">
<input type="hidden" name="r" value="lGOkOaOy_jSUfLN46ESIPoWhCCEq1.H08Pfk8eptYZw-1672416107-0-AQT3jHXdkhBn3X890Ev7nBq9V0rZ5dglenaXHJcDp3oigcDmYEsYE/xwmFJGuWp8+2JZo5k2uzgf1BdoPo7Cvl2lO4ko25tYal6iluxlNjjlgQF6b+grEENgYrmbnpVCNCVf+eJIF1uJg9EK588S5BsIN0ItntmfJ8IvcgzGeSiYzM4tAX1J5MQUQU4LYzyllnHz++gyu/Nn0ANU6m91L5wiyjZZtFy/elpblurredWo+I5ts8TIFEGIwYJj7ACPllA8Z1+bXKK6w/79Z1HVpGNIz2Zo3kdrK1jMBnMxsjQAI9+c64R19NOQReUW3KuFlx63dJK8TOBFKTAEwFkQBtPTwTKW7/rj7cP1RzCbXVtqcW5KffgqG269qmRr8ZarEHCiONV9Mv165AsGrj3tonuu4H+stuNQRO2oDmQ4M7AvlDhk8lWOrAAOK0NsLHv/q6UNmeumghGH1liEuu7XKop9irdHjRtlJS0Vh5PcYqVPbRtXEYUx791tf8UTJoWOPRhbgf4Thzfxe4OHDPf/WW6g/25N/SYICb/5doDcw37+DEtoDITMWsBymiYIZ11ZS9+0TmpUjBd4Igt8C1Hhg2KReIIYkaZJmRnJg9c+Bo/mIBcoCNgNoYbBOTSnyI+vOOInH+MT5U1oNQBKYtuobOzg0JXQ3NSjwluu3w/M401TrLORZbclblfE9S3ya+UgV0FAE/Lo1icXj3Uz4H3Z5UD1VaIfWGrm4/pNQfHDFxAIJuZGkJxB3ZHoQAsiyB7aM8ynnebzMgL12QOx1Y2TnKMW8+lYxXko2HnGTLwlwEaFQaX5OH0LL+X98ysSk33Z53CwBAxlCkvEou2Uy8NmzUQjZhAVbLtehuwyisLVM1Ob5JxmnxHvOiQ7P7W5lZc206udcH3VFCgO/7Sek92C+snhEFont8Uzpu5OwCM5RwRF0mnSqZjO2AFdR1JrnyKe+cxZ1B7h+UZyFXCamabVVHnkUsQH/DBSzRBtdlTXeu5kSGmKQtTQYjhGOvYjm3EFOqr9QR2Yk+QVlblurredGu6+uxsLOXRWGl2sTftbdy1rXgXj0ucBmHhKj+VefW07r1Q9Go7BK8hl2r6w41ivAKFt4FHmPALyAu6Ttqvd9FwkAPJNoHLfod5p3EwwBFxeB7ywPzM2nA+Fjh1/RP86BHrsY6XE07Ci8vALGM27636YD32WCz6ST84RY9cqiCiAPsmequXXXhauMst+D8xOgCXxOlEgSXEWw819fCnXwyFGb7NK9oS0k94QWYZg3dznrQihmVTjZMXL4B1Bo3FQ5DX7AalyWF8HvP/XWukymotGMvEGKtrBpU8dksIeaTWz/3xWJq6FhZ7gbQ2tv11yef7Hs0ALvzurZ41kDcGyCx8T9eM98ZTANDtY44+H61r8BoLowbjA0zEW6l/4T1KjHCMNTIGEKR/FepQCZJN13IvXEYpCkgG5YpZSo4tFXU4gttp8yIDMcWxb/N45HrXeNc3xMgjrzoeGV6a3SfcQCVFQp4vRG3mipHTnDJby63LzSgPHxrbpX8QU59Eyq+5BBwowA4KergO4ZWES85ToRMCC1mvFRDNPC4R2pxVSyU5hX4wgkAASDD5yQofX8uynXaFw8dhJN00I4vh+7d+6qpZvAZGfk+pAuqdxj5LyL13AlV0f9oxexkTkKh2nxtQJaAi6L8N1/BVAigF3SseNDlFgoTDixFeZXYNJixdateaeXSpsiSpb4JZ+xoep3easNP2p1qdTb0XFXKnK+TqpPnyTbeEC3xIIjgrgvdcpJpwNaYtpT+zy+tuQi6mS3XvIYNLMPGBspm6yTA0ZP1m2Z6u3v6WRim73FjSSG7cYTo1E8s">
</form>
</div>
</div>
<script>
(function(){
window._cf_chl_opt={
cvId: '2',
cType: 'managed',
cNounce: '69909',
cRay: 'blurred',
cHash: 'blurred',
cUPMDTk: "\/api\/auth\/session?__cf_chl_tk=blurred",
cFPWv: 'g',
cTTimeMs: '1000',
cTplV: 4,
cTplB: 'cf',
cRq: {
ru: 'blurred',
ra: 'blurred',
rm: 'R0VU',
d: 'blurred',
t: 'blurred=',
m: 'blurred=',
i1: 'blurred+Q==',
i2: 'OF0++blurred==',
zh: 'blurred+blurred=',
uh: 'blurred+ejtUZNcz6o7wFM=',
hh: 'blurred=',
}
};
var trkjs = document.createElement('img');
trkjs.setAttribute('src', '/cdn-cgi/images/trace/managed/js/transparent.gif?ray=blurred');
trkjs.setAttribute('style', 'display: none');
document.body.appendChild(trkjs);
var cpo = document.createElement('script');
cpo.src = '/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=blurred';
window._cf_chl_opt.cOgUHash = location.hash === '' && location.href.indexOf('#') !== -1 ? '#' : location.hash;
window._cf_chl_opt.cOgUQuery = location.search === '' && location.href.slice(0, -window._cf_chl_opt.cOgUHash.length).indexOf('?') !== -1 ? '?' : location.search;
if (window.history && window.history.replaceState) {
var ogU = location.pathname + window._cf_chl_opt.cOgUQuery + window._cf_chl_opt.cOgUHash;
history.replaceState(null, null, "\/api\/auth\/session?__cf_chl_rt_tk=blurred" + window._cf_chl_opt.cOgUHash);
cpo.onload = function() {
history.replaceState(null, null, ogU);
};
}
document.getElementsByTagName('head')[0].appendChild(cpo);
}());
</script>
<div class="footer" role="contentinfo">
<div class="footer-inner">
<div class="clearfix diagnostic-wrapper">
<div class="ray-id">Ray ID: <code>blurred</code></div>
</div>
<div class="text-center">Performance & security by <a rel="noopener noreferrer" href="https://www.cloudflare.com?utm_source=challenge&utm_campaign=m" target="_blank">Cloudflare</a></div>
</div>
</div>
</body>
</html>
So I think there's something wrong with bypassing cloudflare rather than the session token. Maybe the tls package is detected. I checked if it sends the correct cf_clearance cookie and the user agent and the session token and all are sent correctly.
I don't have access to an openai account with email/password or Microsoft. This is the webpage that gets returned which causes the Clearence refreshing to happen.
That is confusing. Then how are you getting a session token?
So I think there's something wrong with bypassing cloudflare rather than the session token. Maybe the tls package is detected.
It is either that or the IP address or user agent from which you got the cf_clearance differs from the Chrome browser.
It's unlikely that the TLS package is getting detected as that should be universal and it seems to be working for most people. Still a possibility though
That is confusing. Then how are you getting a session token?
I'm using a Google account for my openai account.
It is either that or the IP address or user agent from which you got the cf_clearance differs from the Chrome browser.
Both user agent and cf_clearance are grabbed by the program from the browser so those don't differ. I also don't have any kind of proxy or VPN enabled so the IP should be the same.
I suppose it is probably a TLS fingerprint issue then. Do you know how to find the JA3 fingerprint in wireshark?
Another possibility: Cloudflare is now tracking the JA3 fingerprint across sessions. I might need to update the default JA3 fingerprint. The default right now is chrome_105 but you have chrome_108.
I suppose it is probably a TLS fingerprint issue then. Do you know how to find the JA3 fingerprint in wireshark?
JA3: 9e316a9ca82900f98871744be5d2e7e9 JA3 Full-String: 771,4865-4866-4867-49195-49199-49196-49200-52393-52392-49171-49172-156-157-47-53,11-5-18-35-43-45-0-13-10-17513-27-23-16-65281-51-21,29-23-24,0
Another possibility: Cloudflare is now tracking the JA3 fingerprint across sessions. I might need to update the default JA3 fingerprint. The default right now is chrome_105 but you have chrome_108.
I changed it to chrome_108 but it's still behaving the same.
Just tried to manually specify the ja3 but still the same behaviour
I'm getting completely different JA3 fingerprints.
JA3: bc43e9c6f0fcbca8d1b85b102df4c7cf
I'm getting completely different JA3 fingerprints.
What's your chrome version?
It might not be JA3 fingerprints though. Might be another mechanism I'm unaware of
Chromium 108.0.5359.124 snap
Frame 265: 569 bytes on wire (4552 bits), 569 bytes captured (4552 bits) on interface wg1, id 0
Raw packet data
Internet Protocol Version 4, Src: 10.66.66.2, Dst: 93.184.216.34
Transmission Control Protocol, Src Port: 55230, Dst Port: 443, Seq: 1, Ack: 1, Len: 517
Transport Layer Security
TLSv1.3 Record Layer: Handshake Protocol: Client Hello
Content Type: Handshake (22)
Version: TLS 1.0 (0x0301)
Length: 512
Handshake Protocol: Client Hello
Handshake Type: Client Hello (1)
Length: 508
Version: TLS 1.2 (0x0303)
Random: a13b1696150a22356632c207f7b41a9e79a06bc89003e5907bef85d093c170f4
Session ID Length: 32
Session ID: 012c4b3e7f280eb7f9dd1d759a191b95ca3121d4c9f24f912b64693ce8b71507
Cipher Suites Length: 32
Cipher Suites (16 suites)
Compression Methods Length: 1
Compression Methods (1 method)
Extensions Length: 403
Extension: Reserved (GREASE) (len=0)
Extension: server_name (len=16)
Extension: extended_master_secret (len=0)
Extension: renegotiation_info (len=1)
Extension: supported_groups (len=10)
Extension: ec_point_formats (len=2)
Extension: session_ticket (len=0)
Extension: application_layer_protocol_negotiation (len=14)
Extension: status_request (len=5)
Extension: signature_algorithms (len=18)
Extension: signed_certificate_timestamp (len=0)
Extension: key_share (len=43)
Extension: psk_key_exchange_modes (len=2)
Extension: supported_versions (len=7)
Extension: compress_certificate (len=3)
Extension: application_settings (len=5)
Extension: Reserved (GREASE) (len=1)
Extension: padding (len=204)
[JA3 Fullstring: 771,51914-4865-4866-4867-49195-49199-49196-49200-52393-52392-49171-49172-156-157-47-53,27242-0-23-65281-10-11-35-16-5-13-18-51-45-43-27-17513-56026-21,51914-29-23-24,0]
[JA3: bc43e9c6f0fcbca8d1b85b102df4c7cf]
My internet is shit and chome will probably take an hour to download (and it's 1AM). Maybe tomorrow
I'm noticing a difference that I'm using ipv6 and you're using ipv4 in Google Chrome. Maybe that is something that will cause problems if the tls package uses ipv4.
The TLS client is very rudimentary so I doubt there is intentional / well thought out ipv6 support. I forked it with minor changes and didn't read the full source code. Can you try using it with ipv4?
Looks like it does use ipv6 when I checked with wireshark. I also noticed the browser spawned by selenium has a different ja3 than the normal browser. I will try to force it to use ipv4 but I'm not sure how to do that.
Not sure on Windows but there should be a network setting for that. https://superuser.com/questions/436574/ipv4-vs-ipv6-priority-in-windows-7
Yup, using ipv4 still has the same issue. Interestingly the ja3 of the normal browser changed. Maybe that one is randomized? For some reason Wireshark also doesn't pick up the openai requests from the selenium browser but only the normal browser. Also just for information, when the program starts the browser is it supposed to be logged in?
Also just for information, when the program starts the browser is it supposed to be logged in?
Not if you're using session token
Maybe that one is randomized?
Possibly. It may be specific parts of the JA3 string it picks up on
selenium browser
Rather than opening up selenium, mine spawns my default browser. Is that not the case for you?
selenium browser
Rather than opening up selenium, mine spawns my default browser. Is that not the case for you?
Mine also spawns my default browser, I assumed it was slightly different because they had different ja3 but now that I noticed that the normal browser randomizes them I'm not sure that they're different. I can't check if the ja3 of the browser spawned by selenium is different because wireshark doesn't pick those requests up anymore.