hakuneko: [Bug] CloudFlare Challenge get stuck in Infinite Loop

Describe the bug

When opening any website that is protected through a CloudFlare JavaScript challenge, the website is stuck in an infinite reload loop instead of solving the challenge and redirecting to the content of the website.

This affects many websites right now that can no longer be used in HakuNeko due to this issue!

To Reproduce

Steps to reproduce the behavior:

With HakuNeko

  1. Start HakuNeko
  2. Open the Website choosing List
  3. Search for raws.mangazuki.co
  4. Open the manual website interaction link on the result => Observe the website re-loads forever

With Electron

  1. Start electron ./node_modules/.bin/electron
  2. Open the developer tools (e.g. from electron menu)
  3. Switch to the console tab and type window.location = 'https://cloudscraper.cf/cloudflare/challenge.html' => Observe the website re-loads forever

References

About this issue

  • Original URL
  • State: open
  • Created 3 years ago
  • Reactions: 1
  • Comments: 44 (24 by maintainers)

Most upvoted comments

Updates for users on this issue. The fix requires to upgrade the main component that HakuNeko is using. It needs a non negligeable amount of work and Ronny is having a lot of IRL work and therefore not a lot of free time time to contribute on this. He’s the most knowledgeable on this matter and as such we kindly ask for your patience.

+6
Sheepux on Feb 6, 2021

I haven’t tested this yet with the provided user agent, but i guess this was just a lucky hit. It would be way too simple if it could be bypassed that easily.

+3
ronny1982 on May 21, 2021

This comment was for a temp solution for current hakuneko

+2
Sheepux on Aug 7, 2023

apparently the loop is caused by the current user-agent hakuneko uses. I verified this:

  1. Copying hakuneko’s user-agent to my local firefox causes my browser the same loop
  2. Forcing this user-agent (‘Mozilla/5.0 (Linux; Android 9; Pixel) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4026.0 Mobile Safari/537.36’) in hakuneko fixes the problem. Here is my commit for AsuraScans bcf2a64

I’m not a programmer, so I’m not sure how does this fix work.

But will this user-agent fix also work on other website that uses cloudflare?

Tested in IchirinNoHanaYuri, not working.

+2
M4lho on May 23, 2021

fun fact, you can pass cloudflare just by changing useragent to windows - opera or another one that can pass cloudflare https://b.catgirlsare.sexy/pJRrpsgr8Aok.mp4

+1
therootaf on Oct 10, 2022

The electron fix seems to have been added somewhere between v9.0.0-nightly.20200121 and v9.0.0-beta.1

❌ Electron 6.0.0 ❌ Electron 6.1.12 ❌ Electron 7.0.0 ❌ Electron 7.3.3 ❌ Electron 8.0.0 ❌ Electron 8.5.5 ❌ Electron 9.0.0-nightly.20191122 ❌ Electron 9.0.0-nightly.20200121 ✔️ Electron 9.0.0-beta.1 ✔️ Electron 9.0.0 ✔️ Electron 9.4.1 ✔️ Electron 10.0.0-nightly.20200209 ✔️ Electron 10.0.0 ✔️ Electron 10.3.0 ✔️ Electron 11.0.0 ✔️ Electron 11.2.0

+1
ronny1982 on Jan 17, 2021
Read more comments on GitHub
← angular-oauth2-oidc: Validating access_token failed, wrong state/nonce
manga-py: Bug: webtoons  →