Attempting to gain passes uses a pass.

[foxt]

Describe the bug If you try to claim passes while you own passes, it will waste a pass completing the Capcha on the get passes page.

To Reproduce

1. Have hCapcha passes
2. Attempt to get more

Expected behavior You get more passes.

System (please complete the following information):

• OS: macOS
• Cloudflare tokens or hCaptcha tokens? hCaptcha
• Browser [e.g. chrome, firefox] Firefox
• Browser Version [e.g. 79, 80, ] 81
• Privacy Pass Version [e.g. 2.0.4, 2.0.5 ] 2.0.6
• Did you install Privacy Pass from this repository or from the browser store? AMO

Additional context Add any other context about the problem here.

[alxdavids]

This is indeed a current issue: @durch do you know if it would be okay to allow more than 5 passes to be gained? It may potentially require setting up a domain like captcha.website, but for hCaptcha passes.

[ValZapod]

Apply https://github.com/privacypass/challenge-bypass-extension/commit/a82e05be8979950e4580ae43b500bb15fb81579e but for https://www.hcaptcha.com/privacy-pass URI.

[iBrokeThis]

In the compiled build.js file in addon folder, change hcConfig["captcha-domain"] from null to "hcaptcha.com" Or edit line 187 in src/ext/config.js and rebuild.

[ValZapod]

change hcConfig["captcha-domain"] from null to "hcaptcha.com"

Yeah, about that: https://github.com/privacypass/challenge-bypass-extension/commit/c304763248b60675b041c68a76b9502db95a818f oopsie. That is why I said URI, not domain.

[ValZapod]

@alxdavids Are you going to fix it??

[ValZapod]

ping!

[gaveitatry2]

Everything about hCaptcha is messed up. 1.) As the original poster said, if you try to get more hCaptcha it uses up a hCaptcha. I had five. I tried to get more, but my new amount was 4. I tried to get more. Now my new amount is 3. 2.) Whenever I click get more hCaptcha and scroll down the page and do the captcha, no icon shows up in my URL bar. And when I visit a hCaptcha website, nothing happens. So my hCaptcha just keeps dwindling down with no way of adding more. I haven't added Cloudflare in a long time, but if it was like before, Cloudflare was super easy to add more passes. Why is hCaptcha so terrible? Surely, you can make it better?

[ValZapod]

more hCaptcha it uses up a hCaptcha

Because you need to blacklist the domain of hcaptcha to not use one! Obviously when you use a pass, it IS NOT allowed to add passes, for very ovbious reasons. Just revert c304763248b60675b041c68a76b9502db95a818f.

[durch]

@alxdavids I've missed your ping completely sorry about that, we'll chat internally about raising the passes provided, we realize it might be a hassle in some situations.

@ValZapod, @idgas01 sorry for the long turnaround time, we'll get back to you on this

[ValZapod]

we'll get back to you on this

And please check the no longer able to clean cookies on captcha.website itself! Without cleaning cookies, next time the site does not open any captcha, but proceeds to the website, which is useless. You can fix it by cleaning cookies manualy, but that will not be obvious for most users.

[gaveitatry2]

more hCaptcha it uses up a hCaptcha

Because you need to blacklist the domain of hcaptcha to not use one! Obviously when you use a pass, it IS NOT allowed to add passes, for very ovbious reasons. Just revert c304763.

@ValZapod And how exactly do I blacklist the domain of hcaptcha?

Revert? Revert what? All I see is 8 lines of code. Wtf do I do with the 8 lines of code? This is an extension not a user script. Am I supposed to find out where the extension folder and files are located and edit it?

Man, this is becoming a real headache. All I want is to be able to load up a lot of passes and not bother with it again for 6-12 months. I still haven't figured out how to add more hCaptcha. I only have two left from the original five and nothing I do adds more. Except maybe when they run out the website I go to will have me to do a captcha and I might get five more like that. But I'm trying to AVOID that by stockiling a lot of hCaptchas NOW. WTF is wrong with this extension and why am I being given such crummy help support?

[durch]

All I want is to be able to load up a lot of passes and not bother with it again for 6-12 months. I still haven't figured out how to add more hCaptcha

@idgas01 at the moment the max you can have is 5, we're considering raising the limit to 15, maybe 20. The kind of stockpiling you're describing will not be possible unfortunatly, as it would defeat the purpose of these passes. Namely they convey that you are not a bot. If you could stockpile hundreds of them it would be very easy to write bots to maliciously use them.

[ValZapod]

the moment the max you can have is 5

What a liar. Disgusting. BSD-3-Clause License means even I can modify you code and post it, so here is the crx file that can be installed and gives all required results. BTW, disgusting. The original file can be downloaded here and modified in that one string and the installed in dev mode (unpack in folder first) in chrome://extensions/ 2.7.0.zip 15 passes can be included BTW, but I did not. LOL.

we're considering raising the limit to 15, maybe 20

Oh, ReAlLy... What about no.

The kind of stockpiling you're describing will not be possible unfortunatly

That is the why you app is used, what a joke.

Namely they convey that you are not a bot

But I technically am. I browse hundreds and hundreds webpages everyday, from Tor in Chrome. As you can imagine that uses 50 cloudflare points every day.

you could stockpile hundreds of them it would be very easy to write bots to maliciously use them.

That I also do. That is kinda important. 5-6 sites a day. What A joke. If you think that you token will start selling on .onion sites, I very doubt it. Or maybe you want ICO? LOL. Hackers will better hack cloudflare itself.

[ValZapod]

I just tested it by spending 20 tockens on hcaptcha.com! It works, eat 💩.

[ValZapod]

extension not a user script

It is user sctipt, javascipt to be precise that is the point.

[gaveitatry2]

@ValZapod Which line do I edit? There are 12,721 lines. And can I set the hCaptcha max to whatever I want? I would be happy with 100.

[ValZapod]

@ValZapod Which line do I edit? There are 12,721 lines. And can I set the hCaptcha max to whatever I want? I would be happy with 100.

Line 10363. I already edited it for you. But here is how it should look. Oh, you are becoming a hacker. How marverlous.

[gaveitatry2]

@ValZapod

I am not sure if I understand, but if I don't change anything and just use the 2.7.0 zip that you gave me, it works a lot better than the official version. On the official version, if I click "Get more passes!" for hCaptcha and I fill out the captcha, I get NOTHING. But on your version, I actually get more passes. So far, I have 15 passes. That's all I wanted. I wanted it to work right. I'm not using Chrome though. I'm using Firefox. So I had to go to the URL about:debugging#/runtime/this-firefox and add it as a "temporary add-on". The problem with this is that the extension (and all the hCaptchas) disappear each time that I restart the Firefox browser. So in the end, I can't use your version. Hopefully they fix this stupid official version later to work like yours.

[gaveitatry2]

@ValZapod

I hope that you making an official Firefox Extension later using your 2.7.0 and call it ByPass Captcha or something.

[ValZapod]

use the 2.7.0 zip that you gave me

I said I patched it. It is not official. Official file in on the link. https://www.crx4chrome.com/extensions/ajhmfdgkijocedmfjonnpjfojldioehi/

[bingoxo]

@ValZapod can you sumbit a PR for this or fork it with your modification as i want to use it on firefox

[ValZapod]

Done.

[armfazh]

@foxt do you still see this behaviour?

[foxt]

@armfazh No, I don't see it using passes on the privacy-pass url. You can still only get 5 passes for those wondering.