z555

  1. Rebooting my computer didn't solve the problem. Reinstalling the software did solve the problem.
  2. I tried to log in, but the poker client failed to open. Watch the screen capture on YouTube to see what I mean.
  3. Yes, it's a bypass that almost certainly has no further significant security implications.
  4. Deleting one file fools the system enough to provide a new ID for captcha purposes, making cross-session evaluation impossible for the captcha. That seems like a bypass.
  5. 1. A login can only be done through the poker client. Encryption protocols are secret and safely tucked into the poker client. So all attacks have to happen through the client. This is good because the client is always between the attacker and the server.
     2. Every installed poker client should be uniquely identifiable. As any poker player has a unique login name, a poker client should have a unique client-id. This client-id is set during the first client-server interaction after installation. In principle, it is set once and remains the same forever. The server will request a new captcha token from Google to be used with this poker client. This means all login attempts from a poker-client are linked to a single captcha-token. This is the way it should be.
     3. The problem. Deleting the cookie-file fools the client into thinking this is a new installation. It will contact the server claiming it is a new installation. The server believes the client and grants a new poker-client-id every time. The server also requests a new captcha-token from Google. This means every login from the same poker-client uses a different captcha-token.

     @Stubbe-Unibet I don't know how to manage a large product like a poker site. It requires a lot of skills that I don't possess. However, my skills include SQL, C++, and JS. It's hard to be sure who misunderstood who.
  6. Should I install a new future on the disk drive? In my opinion, 99% of all Cleaner programs are viruses. They work like this: A website will fake a virus using some harmless JS/HTML code. This might look scary, but it's confined to the browser sandbox. At this point, nothing is compromised, but it spooks the uninformed user to install a PC cleaner program. Cleaner programs are .exe files. These are installed outside the browser sandbox and have full access to all the computer resources. To be clear, I don't fear for my computer's safety. Deleting that cookie from the poker client isn't harmful to my computer. However, I still remain critical towards the workaround.
  7. First, let's have a moment to appreciate the surreal situation. Humans are now using automated batch scripts to avoid bot detection. On a more serious note, we could ask ourselves: Why? Why is the captcha there in the first place? It's placed after we type in the "password and user" but before we send that data to the server. In this spot, the captcha protects against two distinct threats, Brute Force Attacks (BFAs) and Automated-Login-Threats (ALTs). A Brute Force Attack is a hacker trying to guess your login and password. An Automated-Login-Threat is more related to people deploying poker bots or collusion software. Captcha has at least two mechanisms of protection: delaying tactics and intelligence detection. Delay tactics render brute force attacks impossible. Intelligence detection mainly hampers ALTs. Captcha technology is useful in protecting client accounts and the poker environment. So why are we celebrating that Captcha can be circumvented with a single line in a .bat file? Don't get me wrong; solving a captcha before (re)entering the client is hugely annoying. And that's the reason why I stopped playing. But seeing a possible security vulnerability glorified as a workaround is mind-blowing. The workaround shows how easy it is, and was, to bypass Captcha challenges. Deleting one file is enough. I'm no expert in cybersecurity, but this looks clumsy. There may be deeper safety checks in the (login)-system; in that case, I'm worrying over nothing.
  8. One way you could do this is by throwing a curve ball. 99.9% of the captchas were (cars, bus, fire hydrant, crossing, bicycle, motorbike and traffic lights). A well-trained bot could solve these with ease. But every 0.1% is an outlier. (Like: parking meters.) A piece of cake for a human, but a complete unknown for the bot. I got bored after a while, but I did unlock the final boss message of captcha (your computer or network is sending automatic replies, please try again later), which locked me out for 15 minutes.
  9. I'm live on Twitch, trying to log in to this dumpster fire.
  10. If you take it as a coin flip, the odds will be 1 in 16384 (or 1 in 2^14).
  11. My workaround for this moment. Make a partypoker account, make a 500€ transaction and play without any hassle.