403 Forbidden error again

Question

403 Forbidden error again

bitshiftr opened this issue 3 years ago · comments

bitshiftr commented 3 years ago

Looks like they have changed something again. Here is the error I am getting:

Unable to Create OTP

<title>403 Forbidden</title>

403 Forbidden

pallupz commented 3 years ago

oh man!

sixfooter · Answer 1 · Thu May 06 2021 19:10:16 GMT+0800 (China Standard Time)

yes, its changing , #80 (comment)

bitshiftr · Answer 2 · Thu May 06 2021 19:11:13 GMT+0800 (China Standard Time)

Cowin site itself seems to be non functional

sixfooter · Answer 3 · Thu May 06 2021 19:12:16 GMT+0800 (China Standard Time)

this time, its with the first step of sending the OTP .
Cowin seems to still work.

bitshiftr · Answer 4 · Thu May 06 2021 19:12:30 GMT+0800 (China Standard Time)

and we are back again!

Sidbeheraunsw · Answer 5 · Thu May 06 2021 19:13:51 GMT+0800 (China Standard Time)

Is it working for you guys ?

pallupz · Answer 6 · Thu May 06 2021 19:14:28 GMT+0800 (China Standard Time)

yea its working but its spotty. not a good sign.

Sidbeheraunsw · Answer 7 · Thu May 06 2021 19:14:29 GMT+0800 (China Standard Time)

I could use it tomorrow but today I am not able to book

pallupz · Answer 8 · Thu May 06 2021 19:14:47 GMT+0800 (China Standard Time)

if they add a captcha, that will be game over

sixfooter · Answer 9 · Thu May 06 2021 19:14:56 GMT+0800 (China Standard Time)

its up again but it keeps getting tapped out once in a while.
While i dont think the script has an issue but the destination is changing sthg in between.

Amogh Dabholkar · Answer 10 · Thu May 06 2021 19:15:04 GMT+0800 (China Standard Time)

Yup working fine for now but need to get to the bottom of this

pallupz · Answer 11 · Thu May 06 2021 19:17:04 GMT+0800 (China Standard Time)

I will keep this open. Otherwise people will keep creating issues.

Sidbeheraunsw · Answer 12 · Thu May 06 2021 19:17:34 GMT+0800 (China Standard Time)

Thanks brother for your efforts

pallupz · Answer 13 · Thu May 06 2021 19:19:30 GMT+0800 (China Standard Time)

If this script was useful, please feel free to spread the word a bit - if you don't mind. Link: https://www.linkedin.com/feed/update/urn:li:activity:6794138228464193536/

Amogh Dabholkar · Answer 14 · Thu May 06 2021 19:25:08 GMT+0800 (China Standard Time)

BITSians ftw!

pallupz · Answer 15 · Thu May 06 2021 19:27:34 GMT+0800 (China Standard Time)

Hahaha.. I did their online course - not a "pure bred" BITSian I guess

Amogh Dabholkar · Answer 16 · Thu May 06 2021 19:28:35 GMT+0800 (China Standard Time)

Still, lovely job with this one, appreciate it!

tanmecolor · Answer 17 · Thu May 06 2021 19:29:57 GMT+0800 (China Standard Time)

Looks like they have changed something again. Here is the error I am getting:

Unable to Create OTP
<title>403 Forbidden</title> # 403 Forbidden

the rate limit for the api is 100 calls every 5 minutes from an IP , so when you schedule the scan for slots it would be better if you can increase the time between each scans, since the script takes values in seconds and the minimum being 5 seconds , it would be good that you increase the value to 120 seconds or in multiples of 60 . This would prevent the server from red flagging the IP (also prevent abuse) .

mrms123 · Answer 18 · Thu May 06 2021 21:36:15 GMT+0800 (China Standard Time)

The issue is if you have a CGNAT IP - many users on your network have the same IP. The rate limiting calculations will have to accommodate that, as more and more people start using scripts.

https://www.remoterig.com/wp/?page_id=3494
https://techenclave.com/threads/isp-in-bangalore-without-cgnat.189602/

Firoze Sethna · Answer 19 · Fri May 07 2021 01:55:18 GMT+0800 (China Standard Time)

the rate limit for the api is 100 calls every 5 minutes from an IP ,

@tanmecolor Is there any official ratelimits page?

Prithu Srinivas · Answer 20 · Fri May 07 2021 02:55:35 GMT+0800 (China Standard Time)

@pallupz I know this could be a silly question, but how did you generate the secret key hardcoded in generate_token_OTP function? is there a undocumented route to BearerAuth or ApiKey?

pallupz · Answer 21 · Fri May 07 2021 03:01:30 GMT+0800 (China Standard Time)

no, I just used developer mode on browser to get it.. fortunately it works in most cases

pallupz · Answer 22 · Fri May 07 2021 03:01:47 GMT+0800 (China Standard Time)

until they stop it, that is