vercel-llm-api icon indicating copy to clipboard operation
vercel-llm-api copied to clipboard

Published 20 hours ago verified publisher icon ading2210

Kasada Anti-Bot

Open 0x6a69616e opened this issue 1 year ago • 5 comments

During a reanalysis of Vercel AI's functionality, I came across two additional headers used in the HTTP requests of its generational endpoints, namely x-kpsdk-cd, x-kpsdk-ct, x-kpsdk-im. After some research, I found that these headers are related to Kasada.

I've already done a bit of reverse engineering. Achieving the value of x-kpsdk-ct and x-kpsdk-im was relatively easy, but it seems x-kpsdk-cd is challenging to figure out.

If the headers' values aren't in any way valid, the API will respond with a 429 error.

0x6a69616e avatar Nov 08 '23 21:11 0x6a69616e

Yeah my previous utilization of this tool has been broken recently, I assume by this. Even using the retry until a response trick doesn't work anymore. Bummer because this is such a great way to test different models!

viemccoy avatar Nov 16 '23 01:11 viemccoy

I found something: https://github.com/Pr0t0ns/Kasada-Reverse

sxqib avatar May 20 '24 15:05 sxqib

Streamlink's Twitch plugin leverages CDP and simple script injection to bypass Kasada protections on Twitch. I suggest you have a look at the source code to see if you can get anything from it.

https://github.com/streamlink/streamlink/blob/58acbccccb03c920cc47ce17025a3ebb4bf25fb5/src/streamlink/plugins/twitch.py#L490

0x6a69616e avatar May 22 '24 02:05 0x6a69616e

I've actually developed a Kasada solver myself, taking a bit of inspiration from their bypass concept.

0x6a69616e/kpsdk-solver

But kpsdk-solver is entirely written in JavaScript, which makes this pretty much a no-go.

0x6a69616e avatar May 22 '24 03:05 0x6a69616e

Maybe in gpt4free working?

https://github.com/xtekky/gpt4free/blob/main/g4f%2FProvider%2FVercel.py

Metimol1 avatar May 31 '24 15:05 Metimol1