Tired of spending money for expensive solving services? This guide will show you how to make your own Arkose Labs solver (Funcaptcha) to save money. All you need are proxies and a good understanding of web hacking and algorithms.
What is Arkose Labs / Funcaptcha ?
Arkose Labs, also known as Funcaptcha, is a popular captcha solution used by websites like Roblox, Hotmail and ChatGPT. It is designed to block bots and prevent abuse with unique challenges.
Arkose Labs stands out by using a user-friendly approach to captchas while blocking malicious traffic. They aim to make it as challenging as possible for anyone trying to build an automated solver, ensuring that even if the captcha is solved, it’s a costly and time-consuming process for attackers.
How does Arkose Labs work?
Arkose Labs works similarly to other captcha solutions by first collecting a fingerprint, then asking for a solution to an image-based challenge if necessary.
The fingerprint they collect is encrypted and contains several pieces of information, such as:
- WebGL data: Details about your device’s graphics capabilities.
- Supported languages: The languages configured on your device.
- Browser-specific info: Unique identifiers tied to your browser.
These details help Arkose Labs verify that the request is coming from a real user, not an automated script. However, they can be easily spoofed. The real security lies in the image challenge, which is much harder to bypass.
Step-by-step Guide to Make a Solver
Warning: This content is for educational purposes only. We do not condone exploiting systems or engaging in fraudulent activities.
1. Set Up a Programming Environment
Choose a programming language that you’re comfortable with, such as C#, GoLang or Python. Next, choose an IDE like Jetbrains Rider, Visual Studio, or any other that suits your preference. Then, create a dedicated folder that will serve as a workspace to write your code.
For better organization, consider creating two separate folders: one for image classification and another for handling the browser fingerprint and requests. This will help keep your codebase clean and manageable as you build your solver.
2. Reverse Engineer Arkose’s script
Next, you’ll need to reverse Arkose’s script. Start by reviewing the script to understand how it works and familiarize yourself with its structure for the upcoming steps. If you’re new to reverse engineering Javascript, check out resources like Leet Cipher’s video for guidance.
Using your browser’s debugger, you can step through Arkose’s JavaScript code on a challenge page. Keep in mind, Arkose uses strong obfuscation, so simply using online deobfuscation tools won’t work. Patience and manual analysis will be key to understanding how the script functions.
3. Write a basic BDA Generator
To generate a BDA, start by locating the encrypt and decrypt functions, which are available on GitHub or within the Arkose’s JavaScript files.
Next, use your browser’s developer tools to intercept a BDA value while interacting with an Arkose challenge. Once you have the BDA, apply the decrypt function to understand its structure and contents.
Analyze its contents carefully, which will typically include elements like timestamps, device information, and other unique identifiers. With this information, you can write a script to modify specific values, such as the timestamp, and reproduce a valid BDA for your solver.
4. Choose the Right HTTP Client
When botting, a common mistake is using a generic HTTP client for browser-like requests. However, when communicating over HTTPS, the client interacts with the server in a way that can be fingerprinted and flagged. To avoid this, select an HTTP client that matches the TLS fingerprint of your chosen browser. This ensures your requests are recognized as coming from a legitimate browser.
5. Simulate Your Browser’s Requests
Once you have a suitable HTTP client, write the code to replicate the exact requests your browser sends. Be sure to include all the headers your browser uses and to add proxy support to avoid being IP flagged. Some requests may not be critical, so you can skip them to save on proxy bandwidth.
6. Write an Image Classification Solver
Some challenges will not require image-based solutions (suppressed), but others will. These image challenges vary in difficulty, with factors like the number of waves (images), the game difficulty, and the game mode. The game difficulty is determined by how flagged your BDA request and IP address are.
To tackle these challenges, you will need to create a solver for each game mode. There are several methods you can use, but some are more efficient than others. While AI is common, image classification alone is not very efficient, which is why specific algorithms are recommended.
When building a classification solver, it’s important to focus on the most common game modes. This part of the process is the most challenging and time-consuming, as you’ll need to create solvers for many different game modes.
7. Unflag and Maintain your Arkose solver
Initially, your solver is likely to be silent flagged, and you will not know it. To trigger a flag, you might need to send thousands of requests. You’ll know you’ve been flagged when you start encountering hard captchas, such as those with over 5 waves or uncommon game modes.
To get your solver unflagged, you need to apply your reverse engineering skills to identify the cause and determine how to unflag your solver. Use common sense and compare your real browser fingerprint with the one you’ve generated to help you get unflagged.
Congrats! At this stage, you have made a working solver. But keep in mind that Arkose Labs constantly updates their security measures, which means you’ll need to regularly update and adapt your solver. Be prepared to adjust to new variants and changes in the BDA values to keep your solver working effectively.
How to Decrypt a BDA?
To decrypt a BDA, use the AES-CBC algorithm along with the BDA key, which is made up of the user agent combined with the current time. You can learn more about how the BDA works by reversing the JavaScript files or checking out publicly available code on GitHub.
How to make an unflagged BDA generator?
Creating an effective BDA generator starts with reverse engineering Arkose’s code to understand how it works. The key is to make the generated BDA as realistic as possible.
This means avoiding generating random values. Each value has a specific meaning and is verified during the process. By carefully mimicking these values, you can create a more reliable and accurate BDA generator.
Alternatives to Making a Solver Yourself
If you don’t have the time or knowledge to build your own solver, you can opt to pay for one.
Capsolver offers the best price-to-value ratio on the market, and their captcha solver can be easily integrated into your project. However, note that as of the time of writing this article, the Funcaptcha package has been removed. You need to contact their support team to gain access.
Another good alternative is XEvil 5, but it is quite expensive and only offers image classification.
Conclusion
Creating a solver is challenging, as it requires hundreds of hours to support each game mode and staying up to date with Arkose Labs updates. However, if you’re dedicated and have the time, it can be a rewarding experience that saves you a lot of money on botting projects.
To learn more, I recommend checking out noahcoolboy’s work. While it’s not a working solver, it provides a good example of how to create one.