challenge-bypass-extension

Infinite captcha

Open dmitriyshashkin opened this issue 3 years ago • 9 comments

Describe the bug: When I go to https://captcha.website/ I'm prompted to solve the captcha. When I do this, I'm prompted to solve another one. And so on. Solved dozens of captchas and still no result. Looks like an infinite loop.

Expected behavior: I'm accepted as a real human being and allowed to access internet websites under CF protection

System (please complete the following information):

  • OS: Fedora 35
  • Cloudflare tokens
  • Browser: Chrome
  • Browser version: 101.0.4951.54 (Official Build) (64-bit)
  • Privacy Pass Version: 3.0.2

Additional context Add any other context about the problem here.

dmitriyshashkin avatar May 17 '22 11:05 dmitriyshashkin

https://captcha.website/ is a special page that allows obtaining tokens. This explains why it loops. After a captcha is solved, click on the extension icon (which may be hidden in the browser tab, check your browser icons) and check that you get tokens.

In this image, solving a captcha grants 30 tokens.

armfazh avatar May 18 '22 08:05 armfazh

@armfazh but I don't get any tokens, the counter stays at zero no matter how many captchas I solved

dmitriyshashkin avatar May 18 '22 11:05 dmitriyshashkin

For some reason it works in incognito mode though

dmitriyshashkin avatar May 18 '22 11:05 dmitriyshashkin

@dmitriyshashkin do you have any other extensions installed in your browser?

migueldemoura avatar May 18 '22 15:05 migueldemoura

@migueldemoura yes. So I tried turning them on and off and apparently the only extension that is causing this problem is the one I'd suspect the least: https://chrome.google.com/webstore/detail/fedora-user-agent/hojggiaghnldpcknpbciehjcaoafceil

So it's the extension that is preinstalled in Fedora Linux. And the only thing it does is changing the user agent header so it includes the name of the distro (Fedora) in it. By default Chrome's UA header says "Linux" and the extension changes it to "Fedora Linux". That's all.

Since 2015 every Fedora workstation user has it by default. I don't see why it's causing this problem.

dmitriyshashkin avatar May 18 '22 17:05 dmitriyshashkin

Thanks for the info, we already have a fix for this particular issue, and it'll be released this week.

migueldemoura avatar May 18 '22 23:05 migueldemoura

@dmitriyshashkin can you validate if the issue has been fixed?

migueldemoura avatar May 20 '22 18:05 migueldemoura

@migueldemoura nope, it still doesn't work. But the behaviour is different now. Usually when I solve the captcha I see the ERR_BLOCKED_BY_CLIENT (as the one in the screenshot) and then I'm redirected to the captcha page and my captcha score is increased. With the Fedora extension enabled I'm stuck on the ERR_BLOCKED_BY_CLIENT page. No redirect happens and no scores are added.

dmitriyshashkin avatar May 25 '22 14:05 dmitriyshashkin

I was experimenting with my extension setup to see if this was still an issue; it appears it still is. (Edit: When I say 'this', I mean that it looks like the extension isn't working due to the page being blocked, but it actually is working and it just isn't very obvious)

The PrivacyPass extension itself appears to block captcha.website after completing a captcha (with an ERR_BLOCKED_BY_CLIENT). Once I complete a captcha, I receive the error, then the page is refreshed. I do get tokens, but it isn't very obvious that this is occurring as it looks like (from the user's perspective) the request just failed.

If I disable the extension (or use another browser/incognito) and then subsequently complete a captcha, the github.io page is loaded with the captcha.website domain as expected.

If the PrivacyPass extension must block access to captcha.website after the captcha is complete (to refresh the page to force another captcha or similar), it would be better to do so in a more transparent way (e.g. bringing the user to a page suggesting they open the extension to see if they've been granted tokens).

I think this would make it a lot more obvious that something is actually happening, and that an error hasn't actually occurred.

Makeshift avatar Sep 03 '22 16:09 Makeshift

Closing this issue in favor of https://github.com/privacypass/challenge-bypass-extension/issues/400, where a major reshape is being centralised to support IETF version.

thibmeu avatar Dec 21 '23 11:12 thibmeu