The CAPTCHA system tested so far was relatively straightforward to solve—the black font color meant the text could easily be distinguished from the background, and additionally, the text was level and did not need to be rotated for Tesseract to interpret it accurately. Often, you will find websites using simple custom CAPTCHA systems similar to this, and in these cases, an OCR solution is practical. However, if a website uses a more complex system, such as Google's reCAPTCHA, OCR will take a lot more effort and may not be practical. Here are some more complex CAPTCHA images from around the web:
In these examples, the text is placed at different angles and with different fonts and colors, so a lot more work needs to be done to clean the image before OCR is practical. They are also somewhat difficult for people to interpret, particularly for those with vision disabilities.
To solve these more complex images, we will make use of a CAPTCHA solving service. There are many CAPTCHA solving services available, such as 2captcha.com and deathbycaptcha.com, and they all offer a similar rate of around 1000 CAPTCHAs for $1. When a CAPTCHA image is passed to their API, a person will then manually examine the image and provide the parsed text in an HTTP response, typically within 30 seconds. For the examples in this section, we will use the service at 9kw.eu, which does not provide the cheapest per CAPTCHA rate or the best designed API. However, on the positive side, it is possible to use the API without spending money. This is because 9kw.eu allows users to manually solve CAPTCHAs to build up credit, which can then be spent on testing the API with our own CAPTCHAs.
To start using 9kw, you will need to first create an account at https://www.9kw.eu/register.html:
Then, follow the account confirmation instructions, and when logged in, navigate to https://www.9kw.eu/usercaptcha.html:
On this page, you can solve other people's CAPTCHAs to build up credit to later use with the API. After solving a few CAPTCHAs, navigate to https://www.9kw.eu/index.cgi?action=userapinew&source=api to create an API key.
The 9kw API is documented at https://www.9kw.eu/api.html#apisubmit-tab. The important parts for our purposes to submit a CAPTCHA and check the result are summarized here:
Submit captcha
URL: https://www.9kw.eu/index.cgi (POST)
apikey: your API key
action: must be set to "usercaptchaupload"
file-upload-01: the image to solve (either a file, url or string)
base64: set to "1" if the input is Base64 encoded
maxtimeout: the maximum time to wait for a solution (must be between 60 - 3999 seconds)
selfsolve: set to "1" to solve this CAPTCHA ourself
Return value: ID of this CAPTCHA
Request result of submitted captcha
URL: https://www.9kw.eu/index.cgi (GET)
apikey: your API key
action: must be set to "usercaptchacorrectdata"
id: ID of CAPTCHA to check
info: set to "1" to return "NO DATA" when there is not yet a solution (by default returns nothing)
Return value: Text of the solved CAPTCHA or an error code
Error codes
0001 API key doesn't exist
0002 API key not found
0003 Active API key not found
...
0031 An account is not yet 24 hours in the system.
0032 An account does not have the full rights.
0033 Plugin needs an update.
Here is an initial implementation to send a CAPTCHA image to this API:
import urllib
import urllib2
API_URL = 'https://www.9kw.eu/index.cgi'
def send_captcha(api_key, img_data):
data = {
'action': 'usercaptchaupload',
'apikey': api_key,
'file-upload-01': img_data.encode('base64'),
'base64': '1',
'selfsolve': '1',
'maxtimeout': '60'
}
encoded_data = urllib.urlencode(data)
request = urllib2.Request(API_URL, encoded_data)
response = urllib2.urlopen(request)
return response.read()This structure should hopefully be looking familiar by now—first, build a dictionary of the required parameters, encode them, and then submit this in the body of your request. Note that the selfsolve option is set to '1': this means that if we are currently solving CAPTCHAs at the 9kv web interface, this CAPTCHA image will be passed to us to solve, which saves us credit. If not logged in, the CAPTCHA image is passed to another user to solve as usual.
Here is the code to fetch the result of a solved CAPTCHA image:
def get_captcha(api_key, captcha_id):
data = {
'action': 'usercaptchacorrectdata',
'id': captcha_id,
'apikey': api_key
}
encoded_data = urllib.urlencode(data)
# note this is a GET request
# so the data is appended to the URL
response = urllib2.urlopen(API_URL + '?' + encoded_data)
return response.read()A drawback with the 9kw API is that the response is a plain string rather than a structured format, such as JSON, which makes distinguishing the error messages more complex. For example, if no user is available to solve the CAPTCHA image in time, the ERROR NO USER string is returned. Hopefully, the CAPTCHA image we submit never includes this text!
Another difficulty is that the get_captcha() function will return error messages until another user has had time to manually examine the CAPTCHA image, as mentioned earlier, typically 30 seconds later. To make our implementation friendlier, we will add a wrapper function to submit the CAPTCHA image and wait until the result is ready. Here is an expanded version that wraps this functionality in a reusable class, as well as checking for error messages:
import time
import urllib
import urllib2
import re
from io import BytesIO
class CaptchaAPI:
def __init__(self, api_key, timeout=60):
self.api_key = api_key
self.timeout = timeout
self.url = 'https://www.9kw.eu/index.cgi'
def solve(self, img):
"""Submit CAPTCHA and return result when ready
"""
img_buffer = BytesIO()
img.save(img_buffer, format="PNG")
img_data = img_buffer.getvalue()
captcha_id = self.send(img_data)
start_time = time.time()
while time.time() < start_time + self.timeout:
try:
text = self.get(captcha_id)
except CaptchaError:
pass # CAPTCHA still not ready
else:
if text != 'NO DATA':
if text == 'ERROR NO USER':
raise CaptchaError('Error: no user available to solve CAPTCHA')
else:
print 'CAPTCHA solved!'
return text
print 'Waiting for CAPTCHA ...'
raise CaptchaError('Error: API timeout')
def send(self, img_data):
"""Send CAPTCHA for solving
"""
print'Submitting CAPTCHA'
data = {
'action': 'usercaptchaupload',
'apikey': self.api_key,
'file-upload-01': img_data.encode('base64'),
'base64': '1',
'selfsolve': '1',
'maxtimeout': str(self.timeout)
}
encoded_data = urllib.urlencode(data)
request = urllib2.Request(self.url, encoded_data)
response = urllib2.urlopen(request)
result = response.read()
self.check(result)
return result
def get(self, captcha_id):
"""Get result of solved CAPTCHA
"""
data = {
'action': 'usercaptchacorrectdata',
'id': captcha_id,
'apikey': self.api_key,
'info': '1'
}
encoded_data = urllib.urlencode(data)
response = urllib2.urlopen(self.url + '?' + encoded_data)
result = response.read()
self.check(result)
return result
def check(self, result):
"""Check result of API and raise error if error code """
if re.match('00dd w+', result):
raise CaptchaError('API error: ' + result)
class CaptchaError(Exception):
pass The source for the CaptchaAPI class is also available at https://bitbucket.org/wswp/code/src/tip/chapter07/api.py, which will be kept updated if 9kw.eu modifies their API. This class is instantiated with your API key and a timeout, by default, set to 60 seconds. Then, the solve() method submits a CAPTCHA image to the API and keeps requesting the solution until either the CAPTCHA image is solved or a timeout is reached. To check for error messages in the API response, the check() method merely examines whether the initial characters follow the expected format of four digits for the error code before the error message. For more robust use of this API, this method could be expanded to cover each of the 34 error types.
Here is an example of solving a CAPTCHA image with the CaptchaAPI class:
>>> API_KEY = ...
>>> captcha = CaptchaAPI(API_KEY)
>>> img = Image.open('captcha.png')
>>> text = captcha.solve(img)
Submitting CAPTCHA
Waiting for CAPTCHA ...
Waiting for CAPTCHA ...
Waiting for CAPTCHA ...
Waiting for CAPTCHA ...
Waiting for CAPTCHA ...
Waiting for CAPTCHA ...
Waiting for CAPTCHA ...
Waiting for CAPTCHA ...
Waiting for CAPTCHA ...
Waiting for CAPTCHA ...
Waiting for CAPTCHA ...
CAPTCHA solved!
>>> text
juxhvgyThis is the correct solution for the first complex CAPTCHA image shown earlier in this chapter. If the same CAPTCHA image is submitted again soon after, the cached result is returned immediately and no additional credit is used:
>>> text = captcha.solve(img_data) Submitting CAPTCHA >>> text juxhvgy
Now that we have a working CAPTCHA API solution, we can integrate it with the previous form. Here is a modified version of the register function that now takes a function to solve the CAPTCHA image as an argument so that it can be used with either the OCR or API solutions:
def register(first_name, last_name, email, password, captcha_fn):
cj = cookielib.CookieJar()
opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(cj))
html = opener.open(REGISTER_URL).read()
form = parse_form(html)
form['first_name'] = first_name
form['last_name'] = last_name
form['email'] = email
form['password'] = form['password_two'] = password
img = extract_image(html)
form['recaptcha_response_field'] = captcha_fn(img)
encoded_data = urllib.urlencode(form)
request = urllib2.Request(REGISTER_URL, encoded_data)
response = opener.open(request)
success = '/user/register' not in response.geturl()
return successHere is an example of how to use it:
>>> captcha = CaptchaAPI(API_KEY) >>> register(first_name, last_name, email, password, captcha.solve) Submitting CAPTCHA Waiting for CAPTCHA ... Waiting for CAPTCHA ... Waiting for CAPTCHA ... Waiting for CAPTCHA ... Waiting for CAPTCHA ... Waiting for CAPTCHA ... Waiting for CAPTCHA ... True
It worked! The CAPTCHA image was successfully extracted from the form, submitted to the 9kv API, solved manually by another user, and then the result was submitted to the web server to register a new account.