How to bypass reCAPTCHA validaiton

Archive
,
1

We are using reCAPTCHA v3 and a function I am trying to automate is failing:
reCAPTCHA verification failed with the following codes: score-threshold-not-met

The same scenario passes when testing manually through a browser not controlled by Katalon.

How can get Katalon to bypass reCAPTCHA? I know that’s the purpose of reCAPTCHA, but didn’t know if Katalon has developed a way to get around this.

1 Like
2

Hello,
cannot…
from expirience - ask devs to implement capcha with dev key or turn it off for dev/test environment so automation can be executed.
read https://developers.google.com/recaptcha/docs/faq 3rd question is about automation testing

3

Look the complexity of recaptcha :

it’s impossible i think…

but i think they are some temporary alternative solution for exemple :

  • change ip adress + country + timestamp + browser
  • scroll after each action

This is my post, i hope someone help me to find a better solution to bypass recaptcha :

4

from: Frequently Asked Questions  |  reCAPTCHA  |  Google for Developers

For reCAPTCHA v3, create a separate key for testing environments. Scores may not be accurate as reCAPTCHA v3 relies on seeing real traffic.

For reCAPTCHA v2, use the following test keys. You will always get No CAPTCHA and all verification requests will pass.

Site key: 6LeIxAcTAAAAAJcZVRqyHh71UMIEGNQ_MXjiZKhI
Secret key: 6LeIxAcTAAAAAGG-vFI1TnRWxMZNFuojJ4WifJWe

The reCAPTCHA widget will show a warning message to ensure it’s not used for production traffic.

5

Hi Marianne, this is the common questions.

CAPTCHA is the feature for the security reasons, so it should not allow bypassing by any tools or automation scripts, but for the testing reasons here is my recommendation so you can consider:

  • Solution 1: Ask the developer to create the “always correct value” as “123456” and apply it to the test environments. This solution will able to work on Jenkins.
  • Solution 2: Ask the developer to show CAPTCHA on UI screen, so you can get text value and input to the field, apply on the test environments and this solution will be able to work on Jenkins as well.
  • Solution 3: Ignore that features from automation script and done by manual, we do not need to auto all features, and this is one of it.
  • Solution 4: Whitelist company, test IP. Adding your company or test machine’s IP to the trusted list and allow these IP to pass the CAPTCHA.
  • Solution 5: Turn off the CAPTCHA on the test environment (alpha), if you have alpha, staging, and production.
  • Solution 6: reCAPTCHA will allow to enable the CAPTCHA test, you can see the details here developers.google.com/recaptcha/docs/faq
  • Solution 7: Some weak CAPTCHA we can bypass by OCR but should not in your case.
1 Like
6

There are several services, which are semi-manual. Like this one: https://anti-captcha.com/ This service is to solve captcha challenge and send you back it to you as plain text. Similar topic: Bypass recaptcha

7

on short, for both topics : you should not bypass captcha, being a secure ‘wish-to-have’. instead, ask the developer to provide credentials for testing. otherwise is hacking