How to bypass KeyCaptcha

Introduction

KeyCaptcha is an interactive captcha that often appears as a puzzle or a drag-and-drop task. It is widely used across various websites to protect registration forms, comment sections, and other user actions. Unlike simple text captchas, KeyCaptcha requires users to interact with specific objects on the page.

For automation purposes, this means we need to obtain a special token from a solving service and inject it into the target page. In this guide, we'll break down how to automate bypassing KeyCaptcha using the 2Captcha API.

How to Find the Parameters for Solving

To submit a task for solving, you need to extract a few critical parameters from the page. They are usually found in the source code or the captcha initialization script.

You will need the following values:

• s_s_c_user_id — the user identifier.
• s_s_c_session_id — the session identifier.
• s_s_c_web_server_sign — the first part of the server signature.
• s_s_c_web_server_sign2 — the second part of the server signature.
• websiteURL — the full URL of the page where the captcha is loaded.

How to find them in practice:

1. Open Developer Tools (F12) and go to the Elements (or Sources) tab.
2. Look for the KeyCaptcha initialization script. It usually consists of JavaScript variables like:
   javascript Copy

   var s_s_c_user_id = '184015';
   var s_s_c_session_id = '9ff29e0176e78eb7ba59314f92dbac1b';
   var s_s_c_web_server_sign = '964635241a3e5e76980f2572e5f63452';
   var s_s_c_web_server_sign2 = '3ca802a38ffc5831fa293ac2819b1204';

3. Copy these values. Make sure the page URL (websiteURL) matches exactly what is in your browser's address bar.

API Parameters

The 2Captcha API supports two task types for KeyCaptcha: using our internal proxies (KeyCaptchaTaskProxyless) and using your own proxies (KeyCaptchaTask).

Required parameters:

• type — KeyCaptchaTaskProxyless or KeyCaptchaTask
• websiteURL — full URL of the target page
• s_s_c_user_id — the value of s_s_c_user_id from the page
• s_s_c_session_id — the value of s_s_c_session_id from the page
• s_s_c_web_server_sign — the value of s_s_c_web_server_sign from the page
• s_s_c_web_server_sign2 — the value of s_s_c_web_server_sign2 from the page

Proxy parameters (only for KeyCaptchaTask):

• proxyType — proxy type (http, socks4, socks5)
• proxyAddress — IP address or hostname of the proxy server
• proxyPort — proxy server port
• proxyLogin — login for authentication (optional)
• proxyPassword — password for authentication (optional)

JSON Request Examples

A request to create a task (Proxyless) looks like this:

{
    "clientKey": "YOUR_API_KEY",
    "task": {
        "type": "KeyCaptchaTaskProxyless",
        "websiteURL": "https://example.com/page-with-keycaptcha",
        "s_s_c_user_id": "184015",
        "s_s_c_session_id": "9ff29e0176e78eb7ba59314f92dbac1b",
        "s_s_c_web_server_sign": "964635241a3e5e76980f2572e5f63452",
        "s_s_c_web_server_sign2": "3ca802a38ffc5831fa293ac2819b1204"
    }
}

A request using your own proxies:

{
    "clientKey": "YOUR_API_KEY",
    "task": {
        "type": "KeyCaptchaTask",
        "websiteURL": "https://example.com/page-with-keycaptcha",
        "s_s_c_user_id": "184015",
        "s_s_c_session_id": "9ff29e0176e78eb7ba59314f92dbac1b",
        "s_s_c_web_server_sign": "964635241a3e5e76980f2572e5f63452",
        "s_s_c_web_server_sign2": "3ca802a38ffc5831fa293ac2819b1204",
        "proxyType": "http",
        "proxyAddress": "1.2.3.4",
        "proxyPort": 8080,
        "proxyLogin": "user23",
        "proxyPassword": "p4$w0rd"
    }
}

A request to get the result is standard:

{
    "clientKey": "YOUR_API_KEY",
    "taskId": "TASK_ID_FROM_CREATE_TASK"
}

A successful response from the API will contain the token for injection:

{
    "errorId": 0,
    "status": "ready",
    "solution": {
        "token": "84f42ee334f6bd760b8be3b2b...492598266d7a2418511776505f79|1"
    },
    "cost": "0.00299",
    "createTime": 1692863536,
    "endTime": 1692863556
}

Step-by-Step Implementation in Python

Creating the Task and Getting the Result

First, let's write the basic functions for sending the captcha and waiting for the response.

import requests
import time

API_KEY = "YOUR_API_KEY"
API_HOST = "2captcha.com"

def create_keycaptcha_task(url, user_id, session_id, sign1, sign2):
    payload = {
        "clientKey": API_KEY,
        "task": {
            "type": "KeyCaptchaTaskProxyless",
            "websiteURL": url,
            "s_s_c_user_id": user_id,
            "s_s_c_session_id": session_id,
            "s_s_c_web_server_sign": sign1,
            "s_s_c_web_server_sign2": sign2
        }
    }
    response = requests.post(f"https://api.2captcha.com/createTask", json=payload)
    return response.json()["taskId"]

def get_keycaptcha_result(task_id):
    while True:
        time.sleep(3)
        payload = {
            "clientKey": API_KEY,
            "taskId": task_id
        }
        response = requests.post(f"https://api.2captcha.com/getTaskResult", json=payload)
        result = response.json()
        
        if result.get("status") == "ready":
            return result["solution"]["token"]
        elif result.get("errorId") != 0:
            raise Exception(f"API error: {result.get('errorDescription')}")

Using the Official SDK

If you don't want to write polling loops manually, you can use the official library. This significantly reduces the code.

from twocaptcha import TwoCaptcha

solver = TwoCaptcha('YOUR_API_KEY')

try:
    result = solver.keycaptcha(
        s_s_c_user_id=184015,
        s_s_c_session_id='9ff29e0176e78eb7ba59314f92dbac1b',
        s_s_c_web_server_sign='964635241a3e5e76980f2572e5f63452',
        s_s_c_web_server_sign2='3ca802a38ffc5831fa293ac2819b1204',
        url='https://example.com/page-with-keycaptcha'
    )
    print(f"Token received: {result['token']}")
except Exception as e:
    print(f"Error solving: {e}")

Injecting the Solution into the Page

Once you get the token from the API response, you need to pass it to the website. Usually, KeyCaptcha expects this token in a hidden input field inside the form or in the POST request body.

If you are using Selenium or Playwright, you can find the hidden field and set its value via JavaScript.

driver.execute_script(f"""
    let tokenInput = document.querySelector('input[name="keycaptcha_token"]'); // The field name may vary
    if (tokenInput) {{
        tokenInput.value = '{result["token"]}';
    }}
""")

Important Nuances and Best Practices

KeyCaptcha can be sensitive to network fingerprints and behavior. If you solve the captcha from one IP address and submit the form from another, the protection might notice.

Always use high-quality residential proxies if the target website strictly checks IP addresses. To do this, use the KeyCaptchaTask type and pass the proxy parameters directly to the API.

Do not delay submitting the form. KeyCaptcha tokens have a limited lifespan. As soon as you receive the token, inject it and submit the form immediately.

Solution Accuracy Reports

If the website rejects the received token, be sure to report it. This helps the service improve its algorithms and refunds your funds for the failed attempt.

You cannot submit a report directly from the browser extension interface, but there are two easy ways to do it:

The first way is via the dashboard. Go to the upload statistics section at https://2captcha.com/statistics/uploads. Find the relevant task in the list and click the Report incorrect button right next to it.

The second way is via the API. If you are writing an automated script, use the reportIncorrect and reportCorrect endpoints, passing your API key and the taskId of the task.

Troubleshooting Common Issues

If the API returns an ERROR_CAPTCHA_UNSOLVABLE error, you most likely copied one of the parameters (s_s_c_user_id, s_s_c_session_id, s_s_c_web_server_sign, or s_s_c_web_server_sign2) incorrectly or specified the wrong page URL. Check the source code again.

If the site accepts the token but then still blocks you or asks you to pass the captcha again, the problem is almost certainly the IP address or browser fingerprints. Check your proxy settings and make sure you are not using automation without masking.

Useful Links

• KeyCaptcha API Documentation
• Upload statistics and sending reports
• Support Center
• Code examples on GitHub

Conclusion

Bypassing KeyCaptcha via 2Captcha boils down to extracting four specific parameters from the page (s_s_c_user_id, s_s_c_session_id, s_s_c_web_server_sign, s_s_c_web_server_sign2), sending them to the API along with the page URL, and injecting the received token into the form. Keep in mind the importance of using good proxies and submitting the form quickly, as tokens have a limited lifespan.