Skip to main content

reCAPTCHA V2

reCAPTCHA V2 also known as I'm not a robot reCAPTCHA is a very popular type of captcha that looks like this:

Solving reCAPTCHA V2 with our method is pretty simple:

  1. Look at the element's code at the page where you found reCAPTCHA.

  2. Find a link that begins with www.google.com/recaptcha/api2/anchor or find data-sitekey parameter.

  3. Copy the value of k parameter of the link (or value of data-sitekey parameter).

  4. Submit a HTTP GET or POST request to our API URL: https://ocr.captchaai.com/in.php with method set to userrecaptcha and the value found on previous step as value for googlekey and full page URL as value for pageurl. Sending proxies is not obligatory ar the moment but it's recommended.
    You can find the full list of parameters in the table below.

    Request URL example:

    https://ocr.captchaai.com/in.php?key=347bc2896fc1812d3de5ab56a0bf4ea7&method=userrecaptcha&googlekey=6Le-wvkSVVABCPBMRTvw0Q4Muexq1bi0DJwx_mJ-&pageurl=https://mysite.com/page/with/recaptcha

  5. If everything is fine server will return the ID of your captcha as plain text, like: OK|123456789 or as JSON {"status":1,"request":"123456789"} if json parameter was used.
    Otherwise server will return an error code.

  6. Make a 15-20 seconds timeout then submit a HTTP GET request to our API URL: https://ocr.captchaai.com/res.php to get the result.
    The full list of parameters is in the table below.

    If captcha is already solved server will respond in plain text or JSON and return the answer token that looks like:

    03AHJ_Vuve5Asa4koK3KSMyUkCq0vUFCR5Im4CwB7PzO3dCxIo11i53epEraq-uBO5mVm2XRikL8iKOWr0aG50sCuej9bXx5qcviUGSm4iK4NC_Q88flavWhaTXSh0VxoihBwBjXxwXuJZ-WGN5Sy4dtUl2wbpMqAj8Zwup1vyCaQJWFvRjYGWJ_TQBKTXNB5CCOgncqLetmJ6B6Cos7qoQyaB8ZzBOTGf5KSP6e-K9niYs772f53Oof6aJeSUDNjiKG9gN3FTrdwKwdnAwEYX-F37sI_vLB1Zs8NQo0PObHYy0b0sf7WSLkzzcIgW9GR0FwcCCm1P8lB-50GQHPEBJUHNnhJyDzwRoRAkVzrf7UkV8wKCdTwrrWqiYDgbrzURfHc2ESsp020MicJTasSiXmNRgryt-gf50q5BMkiRH7osm4DoUgsjc_XyQiEmQmxl5sqZP7aKsaE-EM00x59XsPzD3m3YI6SRCFRUevSyumBd7KmXE8VuzIO9lgnnbka4-eZynZa6vbB9cO3QjLH0xSG3-egcplD1uLGh79wC34RF49Ui3eHwua4S9XHpH6YBe7gXzz6_mv-o-fxrOuphwfrtwvvi2FGfpTexWvxhqWICMFTTjFBCEGEgj7_IFWEKirXW2RTZCVF0Gid7EtIsoEeZkPbrcUISGmgtiJkJ_KojuKwImF0G0CsTlxYTOU2sPsd5o1JDt65wGniQR2IZufnPbbK76Yh_KI2DY4cUxMfcb2fAXcFMc9dcpHg6f9wBXhUtFYTu6pi5LhhGuhpkiGcv6vWYNxMrpWJW_pV7q8mPilwkAP-zw5MJxkgijl2wDMpM-UUQ_k37FVtf-ndbQAIPG7S469doZMmb5IZYgvcB4ojqCW3Vz6Q

    If captcha is not solved yet server will return CAPCHA_NOT_READY result. Repeat your request in 5 seconds.

    If something went wrong server will return an error code.

  7. Locate the element with id g-recaptcha-response and make it visible deleting display:none parameter.

    Please note: sometimes content on the page is generated dynamically and you will not see this element in html source.
    In such cases you have to explore javascript code that generates the content. "Inspect" option in Google Chrome can help in that.

    As an alternative you can just use javascript to set the value of g-recaptcha-response field:

    document.getElementById("g-recaptcha-response").innerHTML="TOKEN_FROM_captchaai";

  8. An input field will appear on the page. And you just have to paste the answer token to that field and submit the form.

  9. Congratulations, you've passed the recaptcha

reCAPTCHA Callback

Sometimes there's no submit button and a callback function is used isntead. The function is when reCAPTCHA is solved.

Callback function is usually defined in data-callback parameter of reCAPTCHA, for example:

data-callback="myCallbackFunction"

Or sometimes it's defined as callback parameter of grecaptcha.render function, for example:

grecaptcha.render('example', {'sitekey' : 'someSitekey','callback' : myCallbackFunction,'theme' : 'dark'});

Also there's another way to find the callback function - open javascript console of your browser and explore reCAPTCHA configuration object:

___grecaptcha_cfg.clients[0].aa.l.callback

Note that aa.l may change and there can be multiple clients so you have to check clients[1], clients[2] too.

Finally all you have to do is to call that function:

myCallbackFunction();

Or even this way:

___grecaptcha_cfg.clients[0].aa.l.callback();

Sometimes it is required to provide an argument and in most cases you should put the token there. For example:

myCallbackFunction('TOKEN');

Invisible reCAPTCHA V2

reCAPTCHA V2 also has an invisible version.
You may check how it looks like here: https://www.google.com/recaptcha/api2/demo?invisible=true
We added parameter invisible=1 that should be used for invisible reCAPTCHA.

Invisible reCAPTCHA is located on a DIV layer positioned -10 000 px from top that makes it invisible for user.

reCAPTCHA is activated on page load or on user's actions like click somewhere or submit a form - that depends on the website. If user's cookies are good enough then he will just pass it utomatically and no additional actions will be required. Otherwise user will see standard eCAPTCHA form with a challenge.

In most cases when challenge is completed a callback function is executed. You can read more about callback here.

If you are still not sure — there are few ways to determine that reCAPTCHA is in invisible mode:

  • You don't see "I'm not a robot" checkbox on the page but getting recaptcha challenge making some actions there
  • reCAPTCHA's iframe link contains parameter size=invisible
  • reCAPTCHA's configuration object contains parameter size that is set to invisible, for example ___grecaptcha_cfg.clients[0].aa.l.size is equal to invisible

How to bypass invisible reCAPTCHA in browser?

Method 1: using javascript:

  1. Change the value of g-recaptcha-response element to the token you received from our server:

    document.getElementById("g-recaptcha-response").innerHTML="TOKEN_FROM_captchaai";

  2. Execute the action that needs to be performed on the page after solving reCAPTCHA.

Usually there's a form that should be submitted and you need to identify the form by id or name or any other attribute and then submit the form. Here are few examples:

document.getElementById("recaptcha-demo-form").submit(); //by id "recaptcha-demo-form"
document.getElementsByName("myFormName")\[0\].submit(); //by element name "myFormName"
document.getElementsByClassName("example").submit(); //by class name "example"

Or sometimes there's a callback function executed when reCAPTCHA is solved.

Callback function is usually defined in data-callback parameter of reCAPTCHA, for example:

data-callback="myCallbackFunction"

Or sometimes it's defined as callback parameter of grecaptcha.render function, for example:

grecaptcha.render('example', {
  'sitekey' : 'someSitekey',
  'callback' : myCallbackFunction,
  'theme' : 'dark'
});

And all you have to do is to call that function:

myCallbackFunction();

  1. Voila! You've done that with just 2 strings of code.

Method 2: changing HTML:

  1. Cut the div containing reCAPTCHA from page body.
<div style="visibility: hidden; position: absolute; width:100%; top: -10000px; left: 0px; right: 0px; transition: visibility 0s linear 0.3s, opacity 0.3s linear; opacity: 0;">
<div style="width: 100%; height: 100%; position: fixed; top: 0px; left: 0px; z-index: 2000000000; background-color: #fff; opacity: 0.5;  filter: alpha(opacity=50)">
</div>
<div style="margin: 0 auto; top: 0px; left: 0px; right: 0px; position: absolute; border: 1px solid #ccc; z-index: 2000000000; background-color: #fff; overflow: hidden;">
<iframe src="https://www.google.com/recaptcha/api2/bframe?hl=en&v=r20170213115309&k=6LfP0CITAAAAAHq9FOgCo7v_fb0-pmmH9VW3ziFs#zglq3yifgkmj" title="recaptcha challenge" style="width: 100%; height: 100%;" scrolling="no" name="zglq3yifgkmj" frameborder="0"></iframe>
</div>
</div>
  1. Cut the whole block:
<div class=""><!-- BEGIN: ReCAPTCHA implementation example. -->
<div id="recaptcha-demo" class="g-recaptcha" data-sitekey="6LfP0CITAAAAAHq9FOgCo7v\_fb0-pmmH9VW3ziFs" data-callback="onSuccess" data-bind="recaptcha-demo-submit"><div class="grecaptcha-badge" style="width: 256px; height: 60px; transition: right 0.3s ease 0s; position: fixed; bottom: 14px; right: -186px; box-shadow: 0px 0px 5px gray;"><div class="grecaptcha-logo"><iframe src="https://www.google.com/recaptcha/api2/anchor?k=6LfP0CITAAAAAHq9FOgCo7v\_fb0-pmmH9VW3ziFs&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=r20170213115309&size=invisible&cb=uror1hlow5a" title="recaptcha widget" scrolling="no" name="undefined" width="256" height="60" frameborder="0"></iframe></div><div class="grecaptcha-error"></div><textarea id="g-recaptcha-response" name="g-recaptcha-response" class="g-recaptcha-response" style="width: 250px; height: 40px; border: 1px solid #c1c1c1; margin: 10px 25px; padding: 0px; resize: none;  display: none; "></textarea></div></div>
<script>
    var onSuccess = function (response) {
        var errorDivs = document.getElementsByClassName("recaptcha-error");
        if (errorDivs.length) {
            errorDivs\[0\].className = "";
        }
        var errorMsgs = document.getElementsByClassName("recaptcha-error-message");
        if (errorMsgs.length) {
            errorMsgs\[0\].parentNode.removeChild(errorMsgs\[0\]);
        }
        document.getElementById("recaptcha-demo-form").submit();
    };
</script><!-- Optional noscript fallback. --><!-- END: ReCAPTCHA implementation example. --></div>
  1. Put the following code instead of the block you've just cut:
<input type="submit">
<textarea name="g-recaptcha-response">%g-recaptcha-response%</textarea>

Where %g-recaptcha-response% - is an answer token you’ve got from our service.

  1. You will see “Submit query” button.
    Press the button to submit the form with g-recaptcha-response and all other form data to the website.

List of GET/POST request parameters for https://ocr.captchaai.com/in.php

ParameterTypeRequiredDescription
keyStringYesyour API key
methodStringYesuserrecaptcha - defines that you're sending a reCAPTCHA V2 with new method
googlekeyStringYesValue of k or data-sitekey parameter you found on page
pageurlStringYesFull URL of the page where you see the reCAPTCHA
domainString
Default: google.com		NoDomain used to load the captcha: google.com or recaptcha.net
invisibleInteger
Default: 0		No1 - means that reCAPTCHA is invisible. 0 - normal reCAPTCHA.
data-sStringNoValue of data-s parameter you found on page. Curenttly applicable for Google Search and other Google services.
cookiesStringNoYour cookies that will be passed to our OCR server who solve the captha. We also return OCR server's cookies in the response if you use json=1.
Format: KEY:Value, separator: semicolon, example: KEY1:Value1;KEY2:Value2;
userAgentStringNoYour userAgent that will be passed to our OCR server and used to solve the captcha.
header_acaoInteger
Default: 0		No0 - disabled
1 - enabled.
If enabled in.php will include Access-Control-Allow-Origin:* header in the response.
Used for cross-domain AJAX requests in web applications. Also supported by res.php.
jsonInteger
Default: 0		No0 - server will send the response as plain text
1 - tells the server to send the response as JSON
proxyStringNoFormat: login:password@123.123.123.123:3128
You can find more info about proxies here.
proxytypeStringNoType of your proxy: HTTP, HTTPS, SOCKS4, SOCKS5.

List of GET request parameters for https://ocr.captchaai.com/res.php

GET parameterTypeRequiredDescription
keyStringYesyour API key
actionStringYesget - get the asnwer for your captcha
idIntegerYesID of captcha returned by in.php.
jsonInteger
Default: 0		No0 - server will send the response as plain text
1 - tells the server to send the response as JSON

Request URL example: https://ocr.captchaai.com/res.php?key=347bc2896fc1812d3de5ab56a0bf4ea7&action=get&id=123456789