https://github.com/theqmaks/resolver

This extension integrates popular CAPTCHA solution services into BurpSuite to process different types of CAPTCHAs without manual intervention.
https://github.com/theqmaks/resolver

2captcha anti-captcha burpsuite burpsuite-extension burpsuite-pugin capmonster montoya-api recaptcha-solver recaptcha-v2-solver recaptcha-v3-solver security-testing

Last synced: 3 months ago
JSON representation

This extension integrates popular CAPTCHA solution services into BurpSuite to process different types of CAPTCHAs without manual intervention.

• Host: GitHub
• URL: https://github.com/theqmaks/resolver
• Owner: TheQmaks
• License: mit
• Created: 2025-03-13T09:05:20.000Z (4 months ago)
• Default Branch: main
• Last Pushed: 2025-03-18T20:46:45.000Z (4 months ago)
• Last Synced: 2025-03-18T21:25:06.062Z (4 months ago)
• Topics: 2captcha, anti-captcha, burpsuite, burpsuite-extension, burpsuite-pugin, capmonster, montoya-api, recaptcha-solver, recaptcha-v2-solver, recaptcha-v3-solver, security-testing
• Language: Java
• Homepage: https://www.linkedin.com/in/ant01
• Size: 3.11 MB
• Stars: 1
• Watchers: 1
• Forks: 1
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

        
# reSolver - CAPTCHA solver for BurpSuite

![reSolver Logo](https://github.com/TheQmaks/reSolver/blob/main/resources/logo.jpg?raw=true)

[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)

[![Java](https://img.shields.io/badge/Java-11%2B-orange)](https://www.oracle.com/java/)

[![Burp Suite Extension](https://img.shields.io/badge/Burp%20Suite-Extension-purple)](https://portswigger.net/bappstore)

An essential tool for penetration testers and security professionals, allowing you to bypass CAPTCHA protection during web application testing.

  Extension UI preview

  

  ![reSolver Preview](https://github.com/TheQmaks/reSolver/blob/main/resources/preview.gif?raw=true)

## 📋 Table of Contents

- [Features](#-features)

- [Demonstration Video](#-demonstration-video)

- [Getting Started](#-getting-started)

  - [Requirements](#requirements)

  - [Installation](#installation)

- [Usage](#-usage)

  - [Configuring Services](#configuring-services)

  - [Using CAPTCHA Placeholders](#using-captcha-placeholders)

  - [Optional Parameters](#optional-parameters)

  - [Basic Examples](#basic-examples)

  - [Viewing Statistics](#viewing-statistics)

- [Real-world Examples](#-real-world-examples-with-2captcha-demo)

  - [reCAPTCHA v2 Standard](#recaptcha-v2-standard)

  - [reCAPTCHA v2 Invisible](#recaptcha-v2-invisible)

  - [reCAPTCHA v2 Enterprise](#recaptcha-v2-enterprise)

  - [reCAPTCHA v3](#recaptcha-v3)

  - [reCAPTCHA v3 Enterprise](#recaptcha-v3-enterprise)

- [Building from Source](#-building-from-source)

- [Compatibility](#-compatibility)

- [FAQ](#-faq)

- [Contributing](#-contributing)

- [License](#-license)

## 🚀 Features

- **Automatic CAPTCHA Solving**:

  - reCAPTCHA v2

  - reCAPTCHA v3

- **Support for Popular Services**:

  - [2Captcha](https://2captcha.com/)

  - [Anti-Captcha](https://anti-captcha.com/)

  - [CapMonster](https://capmonster.cloud/)

- **Robust Architecture**:

  - Configurable thread management

  - Retry logic with error handling

  - Statistics tracking

  - High load detection

  - Custom timeout configuration

## 🎥 Demonstration Video

[![reSolver Demo Video](https://img.youtube.com/vi/9hI14Thj1aY/0.jpg)](https://www.youtube.com/watch?v=9hI14Thj1aY)

This video was created to demonstrate the real-world application of the reSolver plugin for BurpSuite.

In this video, we show an example of using it together with BurpSuite's built-in tool - Intruder.

The video demonstrates that in just 1 minute, we successfully send 100 requests to the server across 10 threads and successfully bypass reCAPTCHA v2 verification.

## 🚦 Getting Started

### Requirements

- Burp Suite (latest version recommended)

- Java 11+

- Account with one of the supported CAPTCHA solving services

### Installation

1. Download the latest version of the extension from [GitHub Releases](https://github.com/TheQmaks/reSolver/releases)

2. In Burp Suite, go to Extensions → Installed

3. Click "Add" and select the downloaded JAR file

4. After loading, the extension will be ready to use

## 🛠️ Usage

### Configuring Services

1. Go to the "Services" tab

2. Enter your API keys for one or more services

3. Enable the services you want to use

4. The balance will be automatically checked and displayed when a valid API key is entered

### Using CAPTCHA Placeholders

Add CAPTCHA placeholders to your requests using the following format:

```

{{CAPTCHA[:]TYPE[:]SITEKEY[:]URL[:][OPTIONAL_PARAMS]}}

```

Where:

- `TYPE` is the CAPTCHA type code (e.g., `recaptchav2`, `recaptchav3`)

- `SITEKEY` is the site key for the CAPTCHA

- `URL` is the URL where the CAPTCHA is located

- `OPTIONAL_PARAMS` are additional parameters as key-value pairs (comma-separated)

### Optional Parameters

The following optional parameters are supported:

- `timeout_seconds` - Custom timeout duration for CAPTCHA solving (default: 30 seconds)

  - Minimum value: 10 seconds

  - Maximum value: 120 seconds

  - Example: `timeout_seconds=60` to set a 60-second timeout

- `invisible` - Indicates that the reCAPTCHA v2 is an invisible type

  - Example: `invisible` to mark the CAPTCHA as invisible

- `enterprise` - Indicates that the reCAPTCHA is an enterprise version

  - Example: `enterprise` to use enterprise solving methods

- For reCAPTCHA v3:

  - `action` - The action name for reCAPTCHA v3 (default: "verify")

  - `min_score` - Minimum score threshold for reCAPTCHA v3 (default: varies by service)

### Basic Examples

**reCAPTCHA v2 with default timeout:**

```

{{CAPTCHA[:]recaptchav2[:]6LcwIQwfAAAAANmAYa9nt-J_x0Sfh6QcY-x1Vioe[:]https://example.com}}

```

**reCAPTCHA v2 with custom timeout (60 seconds):**

```

{{CAPTCHA[:]recaptchav2[:]6LcwIQwfAAAAANmAYa9nt-J_x0Sfh6QcY-x1Vioe[:]https://example.com[:]timeout_seconds=60}}

```

**reCAPTCHA v2 Enterprise invisible with custom timeout:**

```

{{CAPTCHA[:]recaptchav2[:]6LcwIQwfAAAAANmAYa9nt-J_x0Sfh6QcY-x1Vioe[:]https://example.com[:]invisible,enterprise,timeout_seconds=60}}

```

**reCAPTCHA v3 with default parameters:**

```

{{CAPTCHA[:]recaptchav3[:]6LcwIQwfAAAAANmAYa9nt-J_x0Sfh6QcY-x1Vioe[:]https://example.com}}

```

**reCAPTCHA v3 Enterprise with action and min_score:**

```

{{CAPTCHA[:]recaptchav3[:]6LcwIQwfAAAAANmAYa9nt-J_x0Sfh6QcY-x1Vioe[:]https://example.com[:]enterprise,action=login,min_score=0.7}}

```

### Viewing Statistics

Navigate to the "Statistics" tab to view metrics about:

- Number of attempts (success/failure)

- Average solving time

- Success rate per CAPTCHA type and service

## 📝 Real-world Examples with 2Captcha Demo

These examples demonstrate how to use reSolver with the 2Captcha demo site. You can test these examples to see the extension in action.

### reCAPTCHA v2 Standard

  View

  

  ```http

  POST /api/v1/captcha-demo/recaptcha/verify HTTP/2

  Host: 2captcha.com

  Content-Type: application/json

  

  {

    "siteKey": "6LfD3PIbAAAAAJs_eEHvoOl75_83eXSqpPSRFJ_u",

    "answer": "{{CAPTCHA[:]recaptchav2[:]6LfD3PIbAAAAAJs_eEHvoOl75_83eXSqpPSRFJ_u[:]https://2captcha.com/demo/recaptcha-v2}}"

  }

  ```

### reCAPTCHA v2 Invisible

  View

  

  ```http

  POST /api/v1/captcha-demo/recaptcha/verify HTTP/2

  Host: 2captcha.com

  Content-Type: application/json

  

  {

    "siteKey": "6LdO5_IbAAAAAAeVBL9TClS19NUTt5wswEb3Q7C5",

    "answer": "{{CAPTCHA[:]recaptchav2[:]6LdO5_IbAAAAAAeVBL9TClS19NUTt5wswEb3Q7C5[:]https://2captcha.com/demo/recaptcha-v2-invisible[:]invisible}}"

  }

  ```

### reCAPTCHA v2 Callback

  View

  

  ```http

  POST /api/v1/captcha-demo/recaptcha/verify HTTP/2

  Host: 2captcha.com

  Content-Type: application/json

  

  {

    "siteKey": "6LfD3PIbAAAAAJs_eEHvoOl75_83eXSqpPSRFJ_u",

    "answer": "{{CAPTCHA[:]recaptchav2[:]6LfD3PIbAAAAAJs_eEHvoOl75_83eXSqpPSRFJ_u[:]https://2captcha.com/demo/recaptcha-v2-callback}}"

  }

  ```

### reCAPTCHA v2 Enterprise

  View

  

  ```http

  POST /api/v1/captcha-demo/recaptcha-enterprise/verify HTTP/2

  Host: 2captcha.com

  Content-Type: application/json

  

  {

    "siteKey": "6Lf26sUnAAAAAIKLuWNYgRsFUfmI-3Lex3xT5N-s",

    "token": "{{CAPTCHA[:]recaptchav2[:]6Lf26sUnAAAAAIKLuWNYgRsFUfmI-3Lex3xT5N-s[:]https://2captcha.com/demo/recaptcha-v2-enterprise[:]enterprise}}"

  }

  ```

### reCAPTCHA v3

  View

  

  ```http

  POST /api/v1/captcha-demo/recaptcha/verify HTTP/2

  Host: 2captcha.com

  Content-Type: application/json

  

  {

    "siteKey": "6Lcyqq8oAAAAAJE7eVJ3aZp_hnJcI6LgGdYD8lge",

    "answer": "{{CAPTCHA[:]recaptchav3[:]6Lcyqq8oAAAAAJE7eVJ3aZp_hnJcI6LgGdYD8lge[:]https://2captcha.com/demo/recaptcha-v3[:]min_score=0.7}}"

  }

  ```

### reCAPTCHA v3 Enterprise

  View

  

  ```http

  POST /api/v1/captcha-demo/recaptcha-enterprise/verify HTTP/2

  Host: 2captcha.com

  Content-Type: application/json

  

  {

    "siteKey": "6Lel38UnAAAAAMRwKj9qLH2Ws4Tf2uTDQCyfgR6b",

    "token": "{{CAPTCHA[:]recaptchav3[:]6Lel38UnAAAAAMRwKj9qLH2Ws4Tf2uTDQCyfgR6b[:]https://2captcha.com/demo/recaptcha-v3-enterprise[:]enterprise,min_score=0.9}}"

  }

  ```

## 📦 Building from Source

1. Clone the repository:

   ```bash

   git clone https://github.com/TheQmaks/reSolver.git

   cd reSolver

   ```

2. Build using Gradle:

   ```bash

   ./gradlew build

   ```

   or for Windows:

   ```bash

   gradlew.bat build

   ```

3. Find the JAR file in the `build/libs` directory

4. Load the extension in Burp Suite from the Extensions tab

## 🔄 Compatibility

- **Burp Suite**: 2024.x and newer

- **Java**: 11 and newer

- **Operating Systems**: Windows, macOS, Linux

## ❓ FAQ

Which CAPTCHA solving service is the best?

 Each service has its advantages. 2Captcha is typically cheaper, while Anti-Captcha and CapMonster are often faster. We recommend configuring multiple services with different priorities for optimal results. 


How do I find the SiteKey for a CAPTCHA?

Usually, the SiteKey can be found in the page source code. Look at the HTML code and find the "data-sitekey" attribute in a div element with class "g-recaptcha" or similar.


Why does CAPTCHA solving take a long time?

Solving time depends on the workload of the chosen service. During high demand periods, waiting times can increase. You can adjust the timeout using the timeout_seconds parameter.


## 👥 Contributing

Contributions are welcome! If you want to contribute:

1. Fork the repository

2. Create a branch for your changes:

   ```bash

   git checkout -b feature/amazing-feature

   ```

3. Make your changes and commit them:

   ```bash

   git commit -m 'Add some amazing feature'

   ```

4. Push to your fork:

   ```bash

   git push origin feature/amazing-feature

   ```

5. Create a Pull Request

## 📄 License

This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.

This means you are free to:

- Use, copy, modify, and distribute the software

- Use the software for commercial purposes

- Sublicense and distribute copies of the software as part of your own projects

Under the following terms:

- The original copyright notice and permission notice shall be included in all copies or substantial portions of the software

- The software is provided "as is", without any warranties