update

endpoints/cloudflare-cookies.js

@@ -0,0 +1,124 @@
+async function cloudflareCookies({ domain, cookies = [], proxy = null, mobile = false }, page) {
+  if (!domain) throw new Error("Missing domain parameter");
+
+  const timeout = global.timeOut || 60000;
+  let isResolved = false;
+
+  const cl = setTimeout(async () => {
+    if (!isResolved) {
+      throw new Error("Timeout Error");
+    }
+  }, timeout);
+
+  try {
+    // Proxy authentication
+    if (proxy?.username && proxy?.password) {
+      await page.authenticate({
+        username: proxy.username,
+        password: proxy.password,
+      });
+    }
+
+    // Set cookies jika ada
+    if (cookies && cookies.length > 0) {
+      console.log('Setting cookies:', cookies.length);
+      
+      const cookieObjects = cookies.map(cookie => {
+        if (typeof cookie === 'string') {
+          // Parse string cookie format: "name=value"
+          const [name, value] = cookie.split('=');
+          return {
+            name: name.trim(),
+            value: value.trim(),
+            domain: new URL(domain).hostname,
+            path: '/'
+          };
+        } else {
+          // Object cookie format
+          return {
+            name: cookie.name,
+            value: cookie.value,
+            domain: cookie.domain || new URL(domain).hostname,
+            path: cookie.path || '/'
+          };
+        }
+      });
+
+      await page.setCookie(...cookieObjects);
+      console.log('Cookies set successfully');
+    }
+
+    // Navigate to the page
+    console.log('Navigating to:', domain);
+    await page.goto(domain, { 
+      waitUntil: 'networkidle0', 
+      timeout: timeout 
+    });
+
+    // Wait a bit for any challenge to process
+    await page.waitForTimeout(5000);
+
+    // Check if we're still on challenge page
+    const isChallenge = await page.evaluate(() => {
+      return document.title.includes('Just a moment') || 
+             document.body.innerHTML.includes('challenge-form') ||
+             document.body.innerHTML.includes('cloudflare');
+    });
+
+    if (isChallenge) {
+      console.log('Cloudflare challenge detected, waiting...');
+      // Wait for challenge to complete (max 45 seconds)
+      try {
+        await page.waitForFunction(() => {
+          return !document.title.includes('Just a moment') && 
+                 !document.body.innerHTML.includes('challenge-form');
+        }, { timeout: 45000 });
+        console.log('Challenge completed!');
+      } catch (error) {
+        console.log('Challenge might still be processing...');
+      }
+    }
+
+    // Get current URL and cookies
+    const finalUrl = page.url();
+    const allCookies = await page.cookies();
+    
+    // Filter important Cloudflare cookies
+    const cfCookies = allCookies.filter(cookie => 
+      cookie.name.includes('cf_') || 
+      cookie.name.includes('__cf') ||
+      cookie.name.toLowerCase().includes('cloudflare')
+    );
+
+    // Get page content info
+    const pageInfo = await page.evaluate(() => {
+      return {
+        title: document.title,
+        url: window.location.href,
+        hasChallenge: document.title.includes('Just a moment') || 
+                     document.body.innerHTML.includes('challenge'),
+        hasFaucet: document.body.innerHTML.includes('faucet') ||
+                  document.body.innerHTML.includes('claim'),
+        hasForm: document.querySelector('form') !== null,
+        contentLength: document.body.innerHTML.length
+      };
+    });
+
+    isResolved = true;
+    clearTimeout(cl);
+
+    return {
+      success: !pageInfo.hasChallenge,
+      url: finalUrl,
+      cookies: cfCookies,
+      pageInfo: pageInfo,
+      allCookies: allCookies // Optional: include all cookies if needed
+    };
+
+  } catch (e) {
+    clearTimeout(cl);
+    throw e;
+  }
+}
+
+module.exports = cloudflareCookies;

endpoints/recaptchav2.js

@@ -1,82 +0,0 @@
-async function recaptchav2({ domain, siteKey, proxy }, page) {
-  if (!domain) throw new Error("Missing domain parameter");
-  if (!siteKey) throw new Error("Missing siteKey parameter");
-
-  const timeout = global.timeOut || 60000;
-
-  try {
-    if (proxy?.username && proxy?.password) {
-      await page.authenticate({
-        username: proxy.username,
-        password: proxy.password,
-      });
-    }
-
-    // Inject HTML dengan recaptcha
-    const htmlContent = `
-      <!DOCTYPE html>
-      <html>
-      <head>
-        <script src="https://www.google.com/recaptcha/api.js" async defer></script>
-      </head>
-      <body>
-        <div class="g-recaptcha" data-sitekey="${siteKey}" data-callback="onSuccess"></div>
-        <script>
-          window.onSuccess = function(token) {
-            document.getElementById('token-result').value = token;
-          };
-        </script>
-        <input type="hidden" id="token-result">
-      </body>
-      </html>
-    `;
-
-    await page.setRequestInterception(true);
-    page.on('request', async (request) => {
-      if (request.url() === domain && request.resourceType() === 'document') {
-        await request.respond({
-          status: 200,
-          contentType: 'text/html',
-          body: htmlContent
-        });
-      } else {
-        await request.continue();
-      }
-    });
-
-    await page.goto(domain, { waitUntil: "networkidle0", timeout: timeout });
-
-    // Tunggu recaptcha load
-    await page.waitForSelector('.g-recaptcha', { timeout: timeout });
-
-    // Cari frame recaptcha
-    const frameElement = await page.$('.g-recaptcha iframe');
-    if (!frameElement) throw new Error("Recaptcha iframe not found");
-    
-    const frame = await frameElement.contentFrame();
-    if (!frame) throw new Error("Could not get recaptcha frame");
-
-    // Klik checkbox
-    await frame.waitForSelector('#recaptcha-anchor', { timeout: timeout });
-    await frame.click('#recaptcha-anchor');
-
-    // Tunggu token
-    await page.waitForFunction(() => {
-      const tokenInput = document.getElementById('token-result');
-      return tokenInput && tokenInput.value && tokenInput.value.length > 10;
-    }, { timeout: timeout });
-
-    const token = await page.evaluate(() => {
-      return document.getElementById('token-result').value;
-    });
-
-    if (!token || token.length < 10) throw new Error("Failed to get recaptcha v2 token");
-    
-    return token;
-
-  } catch (e) {
-    throw e;
-  }
-}
-
-module.exports = recaptchav2;

index.js

@@ -6,7 +6,7 @@ const path = require("path")
 const app = express()
 const port = process.env.PORT || 7860
 const authToken = process.env.authToken || null
-const DOMAIN = 'https://rezaharis-captcha.hf.space'
+const DOMAIN = process.env.DOMAIN || 'https://rezaharis-captcha.hf.space'
 
 global.browserLimit = Number(process.env.browserLimit) || 20
 global.timeOut = Number(process.env.timeOut) || 60000
@@ -52,24 +52,33 @@ app.use(express.urlencoded({ extended: true }))
 app.get('/', (req, res) => {
   res.json({ 
     status: "active",
-    message: "Server is running"
+    message: "Cloudflare Bypass API is running",
+    endpoints: {
+      "/cloudflare": "Solve Cloudflare challenges (turnstile/iuam)",
+      "/cloudflare-cookies": "Bypass Cloudflare with cookies",
+      "/turnstile": "Solve Turnstile captcha",
+      "/recaptchav3": "Solve reCAPTCHA v3"
+    },
+    usage: "curl -X POST https://your-app.hf.space/cloudflare-cookies -H 'Content-Type: application/json' -d '{\"domain\":\"https://example.com\",\"cookies\":[\"cookie1=value1\"]}'"
   })
 })
 
-if (process.env.NODE_ENV !== 'development') {
-  let server = app.listen(port, () => {
-    console.log(`Server running on port ${port}`)
-  })
-  try {
-    server.timeout = global.timeOut
-  } catch {}
-}
-
 async function createBrowser(proxyServer = null) {
   const connectOptions = {
-    headless: false,
+    headless: true,
     turnstile: true,
-    connectOption: { defaultViewport: null },
+    connectOption: { 
+      defaultViewport: { width: 1920, height: 1080 },
+      args: [
+        '--no-sandbox',
+        '--disable-setuid-sandbox',
+        '--disable-dev-shm-usage',
+        '--disable-accelerated-2d-canvas',
+        '--no-first-run',
+        '--no-zygote',
+        '--disable-gpu'
+      ]
+    },
     disableXvfb: false,
   }
   
@@ -82,8 +91,6 @@ async function createBrowser(proxyServer = null) {
   const pages = await browser.pages()
   const page = pages[0]
 
-  await page.goto('about:blank')
-
   await page.setRequestInterception(true)
   page.on('request', (req) => {
     const type = req.resourceType()
@@ -97,8 +104,94 @@ async function createBrowser(proxyServer = null) {
   return { browser, page }
 }
 
-const recaptchav2 = require('./endpoints/recaptchav2')
+// Import endpoints
+const turnstile = require('./endpoints/turnstile')
+const cloudflare = require('./endpoints/cloudflare')
+const cloudflareCookies = require('./endpoints/cloudflare-cookies')
+
+// Cloudflare Challenge dengan Cookies
+app.post('/cloudflare-cookies', async (req, res) => {
+  const data = req.body;
+  
+  if (!data || !data.domain) {
+    return res.status(400).json({ 
+      message: "Parameter 'domain' diperlukan",
+      status: "failed"
+    });
+  }
+
+  if (authToken && data.authToken !== authToken) {
+    return res.status(401).json({ 
+      message: "Unauthorized",
+      status: "failed"
+    });
+  }
+
+  if (global.browserLimit <= 0) {
+    return res.status(429).json({ 
+      message: "Too Many Requests",
+      status: "failed"
+    });
+  }
+
+  const cacheKey = JSON.stringify(data);
+  const cached = readCache(cacheKey);
+  if (cached) {
+    return res.status(200).json({ 
+      ...cached,
+      cached: true,
+      status: "success"
+    });
+  }
+
+  global.browserLimit--;
+  let result;
+  let browser, page;
+
+  try {
+    const proxyServer = data.proxy ? `${data.proxy.hostname}:${data.proxy.port}` : null;
+    const ctx = await createBrowser(proxyServer);
+    browser = ctx.browser;
+    page = ctx.page;
+
+    // Set user agent mobile jika diperlukan
+    if (data.mobile) {
+      await page.setUserAgent('Mozilla/5.0 (Linux; Android 14; CPH2641 Build/UP1A.231005.007) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.7390.97 Mobile Safari/537.36');
+      await page.setViewport({ width: 980, height: 1743 });
+    }
+
+    result = await cloudflareCookies(data, page)
+      .then(r => ({ 
+        ...r,
+        status: "success"
+      }))
+      .catch(err => ({ 
+        code: 500, 
+        message: err.message,
+        status: "failed"
+      }));
+
+    if (result.status === "success") {
+      writeCache(cacheKey, result);
+    }
+
+  } catch (err) {
+    result = { 
+      code: 500, 
+      message: err.message,
+      status: "failed"
+    };
+  } finally {
+    if (browser) {
+      try { await browser.close() } catch {}
+    }
+    global.browserLimit++;
+  }
+
+  res.status(result.code ?? 200).json(result);
+});
 
+// Endpoint Cloudflare yang sudah ada
 app.post('/cloudflare', async (req, res) => {
   const data = req.body
   
@@ -130,25 +223,34 @@ app.post('/cloudflare', async (req, res) => {
     })
   }
 
-  global.browserLimit--
-  let result
-  let browser, page
+  let cacheKey, cached;
+  if (data.mode === "iuam") {
+    cacheKey = JSON.stringify(data);
+    cached = readCache(cacheKey);
+    if (cached) {
+      return res.status(200).json({ 
+        ...cached,
+        cached: true,
+        status: "success"
+      });
+    }
+  }
+
+  global.browserLimit--;
+  let result;
+  let browser, page;
 
   try {
-    const proxyServer = data.proxy ? `${data.proxy.hostname}:${data.proxy.port}` : null
-    const ctx = await createBrowser(proxyServer)
-    browser = ctx.browser
-    page = ctx.page
+    const proxyServer = data.proxy ? `${data.proxy.hostname}:${data.proxy.port}` : null;
+    const ctx = await createBrowser(proxyServer);
+    browser = ctx.browser;
+    page = ctx.page;
 
-    await page.goto('about:blank')
+    await page.goto('about:blank');
 
     switch (data.mode) {
-      case "recaptchav2":
-        result = await recaptchav2({
-          domain: data.domain,
-          siteKey: data.siteKey, 
-          proxy: data.proxy
-        }, page)
+      case "turnstile":
+        result = await turnstile(data, page)
           .then(token => ({ 
             token,
             status: "success"
@@ -157,39 +259,121 @@ app.post('/cloudflare', async (req, res) => {
             code: 500, 
             message: err.message,
             status: "failed"
+          }));
+        break;
+
+      case "iuam":
+        result = await cloudflare(data, page)
+          .then(r => ({ 
+            ...r,
+            status: "success"
           }))
-        break
+          .catch(err => ({ 
+            code: 500, 
+            message: err.message,
+            status: "failed"
+          }));
 
+        if (!result.code || result.code === 200) {
+          writeCache(cacheKey, result);
+        }
+        break;
+        
       default:
         result = { 
           code: 400, 
           message: 'Invalid mode',
           status: "failed"
-        }
+        };
     }
   } catch (err) {
     result = { 
       code: 500, 
       message: err.message,
       status: "failed"
+    };
+  } finally {
+    if (browser) {
+      try { await browser.close() } catch {}
     }
+    global.browserLimit++;
+  }
+
+  res.status(result.code ?? 200).json(result);
+});
+
+// Endpoint khusus Turnstile
+app.post('/turnstile', async (req, res) => {
+  const data = req.body;
+  
+  if (!data || !data.siteKey || !data.domain) {
+    return res.status(400).json({ 
+      message: "Parameter 'siteKey' dan 'domain' diperlukan",
+      status: "failed"
+    });
+  }
+
+  if (authToken && data.authToken !== authToken) {
+    return res.status(401).json({ 
+      message: "Unauthorized",
+      status: "failed"
+    });
+  }
+
+  global.browserLimit--;
+  let result;
+  let browser, page;
+
+  try {
+    const proxyServer = data.proxy ? `${data.proxy.hostname}:${data.proxy.port}` : null;
+    const ctx = await createBrowser(proxyServer);
+    browser = ctx.browser;
+    page = ctx.page;
+
+    result = await turnstile(data, page)
+      .then(token => ({ 
+        token,
+        status: "success"
+      }))
+      .catch(err => ({ 
+        code: 500, 
+        message: err.message,
+        status: "failed"
+      }));
+
+  } catch (err) {
+    result = { 
+      code: 500, 
+      message: err.message,
+      status: "failed"
+    };
   } finally {
     if (browser) {
       try { await browser.close() } catch {}
     }
-    global.browserLimit++
+    global.browserLimit++;
   }
 
-  res.status(result.code ?? 200).json(result)
-})
+  res.status(result.code ?? 200).json(result);
+});
 
 app.use((req, res) => {
   res.status(404).json({ 
     message: "Not Found",
     status: "failed"
-  })
-})
+  });
+});
+
+if (process.env.NODE_ENV !== 'development') {
+  let server = app.listen(port, () => {
+    console.log(`Server running on port ${port}`);
+    console.log(`Domain: ${DOMAIN}`);
+  });
+  try {
+    server.timeout = global.timeOut;
+  } catch {}
+}
 
 if (process.env.NODE_ENV === 'development') {
-  module.exports = app
+  module.exports = app;
 }

package.json

@@ -1,16 +1,20 @@
 {
-  "name": "cf-bypass",
-  "version": "1.0",
-  "description": "get the cf_clearance cookie from any website",
+  "name": "cloudflare-bypass-api",
+  "version": "1.0.0",
+  "description": "API untuk bypass Cloudflare challenge dengan cookies",
+  "main": "index.js",
   "scripts": {
     "start": "node index.js",
-    "dev": "nodemon index.js"
+    "dev": "node index.js"
   },
   "dependencies": {
-    "express": "^5.1.0",
-    "puppeteer-real-browser": "^1.4.0"
+    "express": "^4.18.2",
+    "puppeteer": "^21.5.2",
+    "puppeteer-extra": "^3.3.6",
+    "puppeteer-extra-plugin-stealth": "^2.11.2",
+    "puppeteer-real-browser": "^0.0.9"
   },
-  "devDependencies": {
-    "nodemon": "^3.1.10"
+  "engines": {
+    "node": ">=18.0.0"
   }
-}
+}