reCAPTCHA v3 solver

How to solve reCAPTCHA V3 using SolveCaptcha:

1. First you've got to be sure the target website is actually using reCAPTCHA V3

   There should be V3 if:

   • there is no captcha and no images to click on
   • api.js script is loading with the render=sitekey parameter, for example:
     https://www.google.com/recaptcha/api.js?render=6LfZil0UAAAAAAdm1Dpzsw9q0F11-bmervx9g5fE
   • clients array of ___grecaptcha_cfg object is using index 100000: ___grecaptcha_cfg.clients[100000]

2. To start solving reCAPTCHA V3 using our API first you've got to find three parameters:

   sitekey - this parameter could be obtained from the URI of api.js as a value of render parameter. It could also be found inside URI of iframe with reCAPTCHA, in javascript code of the website where it's calling grecaptcha.execute function or in ___grecaptcha_cfg configuration object.

   action - you've got to find this inspecting javascript code of the website looking for call of grecaptcha.execute function. Example: grecaptcha.execute('6LfZil0UAAAAAAdm1Dpzsw9q0F11-bmervx9g5fE', {action: do_something}).
   Sometimes it's really hard to find it and you've got to dig through all js-files loaded by website. You may also try to find the value of action parameter inside ___grecaptcha_cfg configuration object but usually it's undefined. In that case you have to call grecaptcha.execute and inspect javascript code. If you can't find it try to use the default value "verify" - our API will use it if you don't provide action in your request.

   pageurl - full URL of the page where you see the reCAPTCHA V3.

   Now you need to understand the score you need to solve V3. You can't predict what score is acceptable for the website you want to solve at. It can only be figured out by trial and error. The lowest score is 0.1 which means "robot", the highest is 0.9 which means "human". But most sites uses thresholds from 0.2 to 0.5 because real humans receive a low score oftenly. Our service is able to provide solutions which requires the score of 0.3. Higher score is extreamly rare among workers.

3. Having all necessary parameters stated above you may send request to our API.

4. Submit a HTTP GET or POST request to our API URL:
   https://api.solvecaptcha.com/in.php
   with method set to userrecaptcha and version set to v3 along with min_score set to score website requires, sitekey inside googlekey parameter and full page URL as value for pageurl. You have to include action parameter to or else we will use default value verify.

   List of request parameters below.

   URL request sample:

   https://api.solvecaptcha.com/in.php?key=1abc234de56fab7c89012d34e56fa7b8&method=userrecaptcha&version=v3&action=verify&min_score=0.3
               &googlekey=6LfZil0UAAAAAAdm1Dpzsw9q0F11-bmervx9g5fE&pageurl=http://mysite.com/page/

5. If everything is fine server will return the ID of your captcha as plain text, like: OK|2122988149 or as JSON {"status":1,"request":"2122988149"} if json parameter was used.

   If something went wrong server will return an error. See Error Handling chapter for the list of errors.

6. Make a 10-15 seconds timeout and submit a HTTP GET request to our API https://api.solvecaptcha.com/res.php providing the captcha ID. The list of parameters is in the table below.

   If everything is fine and your captcha is solved server will return the answer as plain text or as JSON. The answer is a token like this:

   03AHJ_Vuve5Asa4koK3KSMyUkCq0vUFCR5Im4CwB7PzO3dCxIo11i53epEraq-uBO5mVm2XRikL8iKOWr0aG50sCuej9bXx5qcviUGSm4iK4NC_Q88flavWhaTXSh0VxoihBwBjXxwXuJZ-WGN5Sy4dtUl2wbpMqAj8Zwup1vyCaQJWFvRjYGWJ_TQBKTXNB5CCOgncqLetmJ6B6Cos7qoQyaB8ZzBOTGf5KSP6e-K9niYs772f53Oof6aJeSUDNjiKG9gN3FTrdwKwdnAwEYX-F37sI_vLB1Zs8NQo0PObHYy0b0sf7WSLkzzcIgW9GR0FwcCCm1P8lB--gf50q5BMkiRH7osm4DoUgsjc_XyQiEmQmxl5sqZP7aKsaE-EM00x59XsPzD3m3YI6SRCFRUevSyumBd7KmXE8VuzIO9lgnnbka4-eZynZa6vbB9cO3QjLH0xSG3--o-fxrOuphwfrtwvvi2FGfpTexWvxhqWICMFTTjFBCEGEgj7_IFWEKirXW2RTZCVF0Gid7EtIsoEeZkPbrcUISGmgtiJkJ_KojuKwImF0G0CsTlxYTOU2sPsd5o1JDt65wGniQR2IZufnPbbK76Yh_KI2DY4cUxMfcb2fAXcFMc9dcpHg6f9wBXhUtFYTu6pi5LhhGuhpkiGcv6vWYNxMrpWJW_pV7q8mPilwkAP-zw5MJxkgijl2wDMpM-UUQ_k37FVtf-ndbQAIPG7S469doZMmb5IZYgvcB4ojqCW3Vz6Q

   If the captcha is not solved yet server will return CAPCHA_NOT_READY. Just repeat your request in 5 seconds.

   If something went wrong server will return an error. See Error Handling chapter for the list of errors.

   Sample request:

   https://api.solvecaptcha.com/res.php?key=1abc234de56fab7c89012d34e56fa7b8&action=get&json=1&id=2122988149

7. After receiving the token from our API you've got to use it properly on the target website. Best way to understant that is to check the requests sent to site when you act as a normal user. Most browsers has developer's console tool where you should check Network tab.

   Usually token is sent using POST request. It could be g-recaptcha-response just like reCAPTCHA V2 does or g-recaptcha-response-100000. It could be other parameter too. So you've got to inspect the requests and find out how exactly the token supposed to be sent. Then you have to compose your request accordingly.

8. Now when you have successfully submit the token you may tell us if it worked or not. If not we will refund the money you spent on this token. If it was successfully accepted we will set the worker who solved this captcha as the priority solver for you. Besides we will gather statistics regarding V3 solution which will help us to further investigate this new type of captchas and make our service better.

   To let us know whether it worked or not please send the request to https://api.solvecaptcha.com/res.php with your API Key in key parameter with ID of the captcha in id parameter and indicating action parameter. Next to mention is reportgood if token was accepted successfully or reportbad if token wasn't accepted respectfully.

   Request examples:

   ReportBAD

   https://api.solvecaptcha.com/res.php?key=1abc234de56fab7c89012d34e56fa7b8&action=reportbad&id=2122988149

   ReportGOOD

   https://api.solvecaptcha.com/res.php?key=1abc234de56fab7c89012d34e56fa7b8&action=reportgood&id=2122988149

   Important: complains for captcha types solved with token are not shown on the website. But we proceed with every report and gather the statistics. We will implement this complain display feature in future.

List of GET/POST request parameters for https://api.solvecaptcha.com/in.php

Parameter	Type	Required	Description
key	String	Yes	your API key
method	String	Yes	userrecaptcha — defines that you're sending a reCAPTCHA
version	String	Yes	v3 — defines that you're sending a reCAPTCHA V3
enterprise	String Default: 0	No	1 - defines that you're sending reCAPTCHA Enterpise V3
googlekey	String	Yes	Value of sitekey parameter you found on page
pageurl	String	Yes	Full URL of the page where you see the reCAPTCHA
domain	String Default: google.com	No	Domain used to load the captcha: google.com or recaptcha.net
action	String Default: verify	No	Value of action parameter you found on page
min_score	Integer Default: 0.4	No	The score needed for resolution. Currently it's almost impossible to get token with score higher than 0.3
header_acao	Integer Default: 0	No	0 — disabled 1 — enabled. If enabled in.php will include Access-Control-Allow-Origin:*: header in the response. Used for cross-domain AJAX requests in web applications. Also supported by res.php.
pingback	String	No	URL for pingback (callback) response that will be sent when captcha is solved. URL should be registered on the server. More info here.
json	Integer Default: 0	No	0 — server will send the response as plain text 1 — tells the server to send the response as JSON
soft_id	Integer	No	ID of software developer. Developers who integrated their software with SolveCaptcha get reward: 10% of spendings of their software users.

List of GET request parameters for https://api.solvecaptcha.com/res.php

GET parameter	Type	Required	Description
key	String	Yes	your API key
action	String	Yes	get — get the asnwer for your captcha reportgood — - report the asnwer was accepted reportbad — - report the asnwer was declined
id	Integer	Yes	ID of captcha returned by in.php.
json	Integer Default: 0	No	0 — server will send the response as plain text 1 — tells the server to send the response as JSON
header_acao	Integer Default: 0	No	0 — disabled 1 — enabled. If enabled res.php will include Access-Control-Allow-Origin:* header in the response. Used for cross-domain AJAX requests in web applications.