Solves proof-of-work challenges served by TecharoHQ/anubis (https://anubis.techaro.lol/).
Bots will always find a way to bypass WAFs while real users are forced to waste CPU cycles on a loading screen. This is a proof of concept to show how easy it is to bypass this type of antibot protection.
This project comes with two different modes of operation. The former approach is recommended if you require quick solves, the latter is (supposed to be) more future-proof.
To solve the challenge almost instantly, without evaluating any of the JavaScript challenge code, pass in the --native flag:
$ go run main.go --nativeThis solves the challenge even faster than a real browser could!
To solve the challenge in a more 'legit' manner, by evaluating the JavaScript challenge code, omit the flag:
$ go run main.goTo make this a little more interesting for myself, I set some goals for this project:
- Use the V8 engine directly to execute the JavaScript code dynamically. No browser automation. No hardcoding.
- Make (almost) no changes to the original challenge JS bundle.
- Speed.