fut
fut copied to clipboard
futapi
[request] add more documentation for captcha and track cases when it happens or leads to suspension
Let me know if this already exists somewhere, in code or in git, it would be great to organize this information especially with the new release of Fifa 18.
For starters, some information from me here: https://github.com/futapi/fut/issues/315 Summary is that once you trigger an captcha error you should get to solving it as soon as possib.e
There are two issues we have to resolve:
- [ ] add pinevent after captcha request is presented (i've seen it but has to catch when exactly it is sent)
- [ ] (maybe?) use same cookies for browser and library access - session_id is different so they can recognize it was solved from another "browser" - not a critial issue but clue for them
edit: there is session id (sid) reported to ea in pinevent after captcha request so it might be crucial, i'll work on this tomorrow probably. http://prv.get24.org/ss/2017.10.22-15.01.08.png
@oczkers:
Would it be possible to re-work the api, as a whole, to open the session in a web browser and do the work through that session? Maybe with Selenium or Ghost.py? I'm not very familiar with those, but maybe you are...can we pass all of the session info into a new or headless browser so that we can answer the captchas?
I think you're right that the session_id's need to match when the captcha is solved. In my bad notification email, they mentioned I was caught because of the captcha.
Or would it be possible to incorporate anti-captcha.com, like Ultimate Broker does? I'd be willing to pay for that on my own if it can be used.
Some automatic anti-captcha solution is a must, I'm thinking to trigger captcha on one of my accounts to see what happens.
I think something automatic is certainly preferred, but I don't agree that it's a must at this point. With EA really cracking down on bots, I'd be okay with a manual option (with some kind of notification system), if it's any easier to code, since I'm probably not going to run anything 24/7 anyway.
Would it be possible to re-work the api, as a whole, to open the session in a web browser and do the work through that session?
Session id/SID is generated on every login and is different when captcha request appears and captcha is being resolved in browser (legit way). As far i detected only X-UT-PHISHING-TOKEN is the same (changes after You login/resolve captcha) but it is not attached to pinEvents so maybe it's not big deal. Hope last commit'll improve security a lot because is really not much else we can do.
can we pass all of the session info into a new or headless browser so that we can answer the captchas?
This kind of solution should be implemented on higher level , i strongly advise to increase delay, shorter sessions etc. to not trigger captcha at all.
The same pinEvent is being sent after 401 error appears (and some others too probably) so i'll try to catch this and after it's done new version will be released.
This kind of solution should be implemented on higher level , i strongly advise to increase delay, shorter sessions etc. to not trigger captcha at all.
This is the main reason why I created this task. Is it possible to provide more details as to how one can prevent the captcha altogether? What are the recommended limits, and delays, and session times? It would be great if this information could be provided in the documentation, ideally in the readme on the front page of this library, so that people know about it before they start spamming requests to the EA server :)
What are the recommended limits, and delays, and session times?
I don't know :-). Just be as much human as possible (making breaks, relogin, random intervals, delays etc.)