Cloudflare Turnstileデモ

このページでは、Cloudflare Turnstileの表示方法とCloudflare Turnstile検証の仕組みについて説明します。

"Cloudflare Turnstile"のロゴ

多くの場合、Cloudflare Turnstileはアクセシビリティを妨げ、ユーザーを苛立たせ、オープンな情報へのアクセスを制限し、アプリケーションやサイトのテストを困難にします。 自動バイパスにはCloudflare Turnstileソルバーを使用します。

Cloudflare TurnstileソルバーAPI

How to solve Cloudflare Turnstile

  1. Open developer's console in your browser and find element with data-sitekey attribute.

    <div class="cf-turnstile" data-sitekey="0x4AAAAAAAVrOwQWPlm3Bnr5"></div>
  2. Send sitekey and pageurl to our API.

    PHP

    $result = $solver->turnstile([
      'sitekey' => '0x4AAAAAAAChNiVJM_WtShFf',
      'url'     => 'https://ace.fusionist.io',
    ]);

    Python

    result = solver.turnstile(sitekey='0x1AAAAAAAAkg0s2VIOD34y5', url='http://mysite.com/')

    Ruby

    # https://github.com/2captcha/2captcha-ruby
    require 'api_2captcha'
    
    client =  Api2Captcha.new("YOUR_API_KEY")
    
    result = client.turnstile({
      sitekey: '0x1AAAAAAAAkg0s2VIOD34y5',
      pageurl: 'http://mysite.com/'
    })

    Wait for the result, which may look like this:

    03AGdBq27lvCYmKkaqDdxWLfMe3ovADGfGlSyiR-fN_EJrZGniTAmdH1XSjK8ralsctfjOLX2K0T7dJfxPqqga8dtSG2Lmns8Gk2ckcU6PQzUFieBqrtpkr5PPwnngew0Rnot2ik1y8m202u6pHTIquExlEYSlzS8vfoyPPt8fCf-Zrbu8vWkiY8Ogj17ommHMgkguZbmEyOdfLTXzhRko-a655_jJdCMjEtMxva-b78DnGlXu9d0o6vEmrw9n8ABu4lLsWnIbYPH0beXRRIkUE3si64Xhwkh1aO3L1HaIR3sfR0vOs3GV1OBzry_tFsZM0ZhSQovKJwjLlotrYajyTSRv3hgvXtLlLxXzbAwgeI91-wM7AFEte0uO_DhcNajxZr7E50wU9vuAe_drGWe4q-hNx4PQPenjaw

    Manually:

    1. Make a POST request to https://2captcha.com/in.php with the following parameters:

      {
        "key": "YOUR_API_KEY",
        "method": "turnstile",
        "sitekey": "0x4AAAAAAAVrOwQWPlm3Bnr5",
        "pageurl": "${window.location.href}",
        "json": 1
      }
    2. If everything is fine server will return the ID of your captcha:

      {
        "status": 1,
        "request": "2122988149"
      }
    3. After 15-20 seconds send GET request to get the result:

      GET https://2captcha.com/res.php?key=YOUR_API_KEY&action=get&id=2122988149&json=1

      If captcha is already solved server will respond with the answer token:

      {
        "status": 1,
        "request": "0.WoGeDojxQzHCCk023JRjfxv23olYh37jFdvPrcqmNeQ7PbSYIEuiBTK2SR_GdjfMitYEC23Gm7Vt93U1CPcI6aIFEhG-ffe1i9e6tIfIlYCFtb7OMxTB4tKCyTdpiaA.SP5YT77nuMNdOhZlvoBWAQ.da6448d22df7dd92f56a9fcf6d7138e5ee712bcf7d00c281f419b3bc091cbe64"
      }

      If captcha is not solved yet server will return CAPCHA_NOT_READY code. Repeat your request in 5 seconds. If something went wrong server will return an error code.

  3. Use the token returned in your interaction with the target website.
    Normally the token is sent through the input with name="cf-turnstile-response" or, if reCAPTCHA compatibility mode is enabled, also in input with name="g-recaptcha-response". Also the token can be processed by a callback function defined in turnstile.render call or inside data-callback attribute.

    On this demo page we use the input that can be changed this way:

    document.querySelector('[name="cf-turnstile-response"]').value = 'TOKEN';