Jump to content
Frequently Asked Questions
  • Are you not able to open the client? Try following our getting started guide
  • Still not working? Try downloading and running JarFix
  • Help! My bot doesn't do anything! Enable fresh start in client settings and restart the client
  • How to purchase with PayPal/OSRS/Crypto gold? You can purchase vouchers from other users
  • Anyone managed to bypass the Incapsula restrictions for account creation?


    Sicilian7

    Recommended Posts

    It looks like Jagex have installed a new defense on their website: Incapsula. When I try to send a HTTPS request to create more accounts, I get a response with "Incidient Incident", which I am assuming to mean that their systems were able to detect that I was not a human creating the account.

    Has anyone been able to bypass this and still mass create accounts? I'm very curious how Incapsula is detecting that my browser is not human, given that I am spoofing most of the request properties in my HTTPS get.

    Link to comment
    Share on other sites

    Incapsula seems to be a system implemented to stop robots from submitting requests. Without knowing too much on the subject, are you sending a user-agent with your request?

    Link to comment
    Share on other sites

    21 hours ago, Soldtodie said:

    If you want to use httpClient in Java you have to deobfuscate this javascript file: https://secure.runescape.com/af92d108180cb7c3523f6242ce5660c3

    because httpClient can't run javascript.

    Another solution you could try is a browser emulation framework like Selenium.

    Could you elaborate more on that file? what is its purpose? why is it obfuscated? why do i need to deobfuscate it?

    Link to comment
    Share on other sites

    • 4 weeks later...
    On 8/19/2020 at 6:45 PM, Sicilian7 said:

    Could you elaborate more on that file? what is its purpose? why is it obfuscated? why do i need to deobfuscate it?

    <head><script src="/af92d108180cb7c3523f6242ce5660c3" async></script>

     

    This is included at the top of the page source. I assume that's where you were looking for the reference in the page

    Link to comment
    Share on other sites

    27 minutes ago, Sicilian7 said:

    I've since figured out how to bypass Incapsula. With Selenium it wasn't too difficult.

    nice, I had the same issue a while ago, I haven't made a selenium version tho.

     

    Just curious did you make a script to edit the page source of the html file to create a rs account and input your recaptcha token there? or how did you submit a captcha with each signup?

    Link to comment
    Share on other sites

    36 minutes ago, Threadripper said:

    nice, I had the same issue a while ago, I haven't made a selenium version tho.

     

    Just curious did you make a script to edit the page source of the html file to create a rs account and input your recaptcha token there? or how did you submit a captcha with each signup?

    I haven't really made that many accounts so perhaps my approach doesn't scale too well. My understanding is that they only use captcha if you are sending too many requests from a given IP address. To get around this, you can use a rotating proxy. 

    To bypass the Incapsula, you need to make sure whatever browser you're using has cookies and Javascript enabled. You also need to make sure your browser fingerprint matches that of a legitimate  user.

    In the end, I decided to buy accounts from other's as it suits my purposes much better. So I no longer concern myself with all of this. 

    Link to comment
    Share on other sites

    Archived

    This topic is now archived and is closed to further replies.

    ×
    ×
    • Create New...

    Important Information

    We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.