Skip to content

[BUG] Two critical issues: Trust Builder CAPTCHA not solved + QR code verification crash on desktop OS #3

Description

@fgvcbv

Issue 1: Deep Trust Builder — Google Search CAPTCHA Not Auto-Solved

Description

When using Option 1 (SINGLE_FREE), the Deep Trust Builder phase opens Google Search to build trust before account creation. Google frequently presents a CAPTCHA
challenge (anti-bot interception page at google.com/sorry/index), but the program does not attempt to solve it — it just hangs or fails silently.

The CapSolver API key is correctly configured in config/settings.yaml and works fine for the signup page reCAPTCHA.

Steps to Reproduce

  1. Configure settings.yaml with a valid CapSolver API key
  2. Run python main.py → Select Option 1 (SINGLE_FREE)
  3. Deep Trust Builder opens Google Search
  4. Google presents a CAPTCHA challenge
  5. Program does not solve it — hangs indefinitely

Root Cause

The CAPTCHA solver integration (CaptchaSolver class) is only invoked during the Gmail signup flow (creators/web_creator.py), not during the Trust Builder
search/browse operations. The search CAPTCHA (google.com/sorry/index) is a different type from the signup reCAPTCHA but can still be solved via CapSolver's
ReCaptchaV2Task.

Suggested Fix

Add CAPTCHA detection in the Trust Builder's Google Search function:

  1. After navigating to Google Search, check if redirected to /sorry/ or if a CAPTCHA element is present
  2. If detected, call the existing CaptchaSolver to solve it
  3. Retry the search after solving

Issue 2: Signup Crashes at Step 7 — Google Forces QR Code Verification Instead of SMS

Description

After completing Steps 1-6 (name, birthday, username, password), Google presents a QR code scan for phone verification instead of the traditional SMS input field.
The program crashes with:

Finalization failed: ElementHandle.click: Element is not attached to the DOM
This affects both Option 1 (SINGLE_FREE) and Option 2 (PREMIUM_FACTORY).

Root Cause

This is a Google platform change, not a code bug.

Google officially confirmed in early 2025 that they are transitioning from SMS to QR code verification. Google uses passive TCP/IP fingerprinting (p0f) to detect the
operating system:

┌───────────────────────────────┬───────────────────────┐
│ OS Fingerprint │ Verification Method │
├───────────────────────────────┼───────────────────────┤
│ Desktop (Windows/Linux/macOS) │ QR code (forced) │
├───────────────────────────────┼───────────────────────┤
│ Mobile (Android/iOS) │ SMS (still available) │
└───────────────────────────────┴───────────────────────┘

Since Playwright runs on a desktop OS, the TCP/IP fingerprint always identifies it as desktop, so Google forces QR code verification. This cannot be bypassed by browser
fingerprint spoofing alone.

References:

Current Impact

  • SINGLE_FREE (Option 1): Crashes at Step 7 — QR page elements not handled
  • PREMIUM_FACTORY (Option 2): Same crash — SMS flow never reached
  • 5sim / SMS-Activate integration: Effectively useless on desktop since Google no longer presents SMS option

Environment

  • OS: Windows 10 Pro (Build 19044)
  • Python: 3.12.4
  • Playwright: 1.58.0
  • CloakBrowser: 0.3.23
  • Proxy: Residential IP (clean, not the cause)

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions