Back to Details

gpt-agreement-payment-replay

Compare original and translation side by side

🇺🇸

Original

English
🇨🇳

Translation

Chinese

Gpt-Agreement-Payment Replay Toolkit

Gpt-Agreement-Payment 重放工具包

Skill by ara.so — Daily 2026 Skills collection.
End-to-end protocol replay toolkit that automates the 
Stripe Checkout → PayPal billing agreement → ChatGPT manual-approval → Codex OAuth + PKCE
chain. Includes a from-scratch hCaptcha visual solver (~4000 lines), empirical anti-fraud research data, and a 12-path self-healing daemon.
ara.so 开发的技能工具 — 2026每日技能合集。
一款端到端协议重放工具包,可自动完成
Stripe Checkout → PayPal计费协议 → ChatGPT手动审核 → Codex OAuth + PKCE
流程链。包含从零构建的hCaptcha视觉求解器(约4000行代码)、反欺诈实证研究数据,以及具备12种自愈路径的守护进程。

Installation

安装

System Requirements

系统要求

  • Linux (Ubuntu 22.04+ recommended), ~5 GB disk, ~2 GB RAM
  • Python 3.11+
  • Xvfb for headless browser automation
bash
undefined
  • Linux(推荐Ubuntu 22.04+),约5GB磁盘空间,约2GB内存
  • Python 3.11+
  • Xvfb(用于无头浏览器自动化)
bash
undefined

System dependencies

System dependencies

sudo apt-get install -y xvfb xauth gost
sudo apt-get install -y xvfb xauth gost

Clone

Clone

git clone https://github.com/DanOps-1/Gpt-Agreement-Payment cd Gpt-Agreement-Payment
git clone https://github.com/DanOps-1/Gpt-Agreement-Payment cd Gpt-Agreement-Payment

Core Python dependencies

Core Python dependencies

pip install requests curl_cffi playwright camoufox browserforge mitmproxy pybase64
pip install requests curl_cffi playwright camoufox browserforge mitmproxy pybase64

Install browser engines

Install browser engines

playwright install firefox camoufox fetch
undefined
playwright install firefox camoufox fetch
undefined

ML Dependencies for hCaptcha Solver (optional, ~4 GB)

hCaptcha求解器的机器学习依赖(可选,约4GB)

bash
python -m venv ~/.venvs/ctfml
~/.venvs/ctfml/bin/pip install torch transformers opencv-python pillow numpy
bash
python -m venv ~/.venvs/ctfml
~/.venvs/ctfml/bin/pip install torch transformers opencv-python pillow numpy

WebUI (recommended for first-time setup)

WebUI(首次设置推荐使用)

bash
pip install -r webui/requirements.txt
cd webui/frontend && pnpm i && pnpm build && cd ../..
python -m webui.server
bash
pip install -r webui/requirements.txt
cd webui/frontend && pnpm i && pnpm build && cd ../..
python -m webui.server

Open http://127.0.0.1:8765 — runs 14-step wizard, generates configs

Open http://127.0.0.1:8765 — runs 14-step wizard, generates configs


---

---

Prerequisites Checklist

前置检查清单

Before running, you need:
RequirementNotes
PayPal account (EU)Must be EU-based (IE, DE, FR, etc.); first run needs manual OTP 2FA
EU/US proxyPayPal is region-locked; Stripe is country-locked
Cloudflare zoneFor catch-all subdomain email registration
Linux with Camoufox + Playwright~5 GB disk + 2 GB RAM
VLM API key (optional)OpenAI-compatible endpoint for hCaptcha solving
CAPTCHA platform API key (optional)createTask/getTaskResult protocol, fallback for passive captcha
运行前,你需要准备:
要求说明
PayPal账户(欧盟地区)必须为欧盟地区(爱尔兰、德国、法国等);首次运行需手动完成OTP双因素认证
欧盟/美国代理PayPal存在区域限制;Stripe存在国家限制
Cloudflare区域用于泛域名邮箱注册
安装Camoufox + Playwright的Linux环境约5GB磁盘 + 2GB内存
VLM API密钥(可选)兼容OpenAI的端点,用于hCaptcha求解
CAPTCHA平台API密钥(可选)遵循createTask/getTaskResult协议,作为被动验证码的备选方案

Configuration

配置

Copy and Edit Config Templates

复制并编辑配置模板

bash
cp CTF-pay/config.paypal.example.json     CTF-pay/config.paypal.json
cp CTF-reg/config.paypal-proxy.example.json   CTF-reg/config.paypal-proxy.json
bash
cp CTF-pay/config.paypal.example.json     CTF-pay/config.paypal.json
cp CTF-reg/config.paypal-proxy.example.json   CTF-reg/config.paypal-proxy.json

config.paypal.json — Key Fields

config.paypal.json — 关键字段

json
{
  "proxy": {
    "host": "your-proxy-host",
    "port": 1080,
    "username": "PROXY_USER",
    "password": "PROXY_PASS",
    "protocol": "socks5"
  },
  "paypal": {
    "email": "your-paypal-email@example.com",
    "password": "PAYPAL_PASS",
    "totp_secret": "PAYPAL_TOTP_SECRET"
  },
  "cloudflare": {
    "api_token": "CF_API_TOKEN",
    "zone_id": "CF_ZONE_ID",
    "domain": "yourdomain.com"
  },
  "webshare": {
    "api_key": "WEBSHARE_API_KEY"
  },
  "vlm": {
    "base_url": "https://api.openai.com/v1",
    "api_key": "VLM_API_KEY",
    "model": "gpt-4o"
  },
  "captcha_platform": {
    "api_key": "CAPTCHA_PLATFORM_KEY",
    "base_url": "https://api.2captcha.com"
  },
  "subscription_type": "team",
  "output_path": "output/results.jsonl"
}
json
{
  "proxy": {
    "host": "your-proxy-host",
    "port": 1080,
    "username": "PROXY_USER",
    "password": "PROXY_PASS",
    "protocol": "socks5"
  },
  "paypal": {
    "email": "your-paypal-email@example.com",
    "password": "PAYPAL_PASS",
    "totp_secret": "PAYPAL_TOTP_SECRET"
  },
  "cloudflare": {
    "api_token": "CF_API_TOKEN",
    "zone_id": "CF_ZONE_ID",
    "domain": "yourdomain.com"
  },
  "webshare": {
    "api_key": "WEBSHARE_API_KEY"
  },
  "vlm": {
    "base_url": "https://api.openai.com/v1",
    "api_key": "VLM_API_KEY",
    "model": "gpt-4o"
  },
  "captcha_platform": {
    "api_key": "CAPTCHA_PLATFORM_KEY",
    "base_url": "https://api.2captcha.com"
  },
  "subscription_type": "team",
  "output_path": "output/results.jsonl"
}

Environment Variables (alternative to config file)

环境变量(配置文件的替代方案)

bash
export PROXY_HOST="your-proxy-host"
export PROXY_PORT="1080"
export PAYPAL_EMAIL="your@email.com"
export PAYPAL_PASS="yourpassword"
export CF_API_TOKEN="your-cloudflare-token"
export CF_ZONE_ID="your-zone-id"
export VLM_API_KEY="your-vlm-key"
export WEBSHARE_API_KEY="your-webshare-key"
bash
export PROXY_HOST="your-proxy-host"
export PROXY_PORT="1080"
export PAYPAL_EMAIL="your@email.com"
export PAYPAL_PASS="yourpassword"
export CF_API_TOKEN="your-cloudflare-token"
export CF_ZONE_ID="your-zone-id"
export VLM_API_KEY="your-vlm-key"
export WEBSHARE_API_KEY="your-webshare-key"

Running the Pipeline

运行流水线

Single Run (full flow)

单次运行(完整流程)

bash
xvfb-run -a python pipeline.py \
  --config CTF-pay/config.paypal.json \
  --paypal
Output: 
output/results.jsonl
containing 
refresh_token
on success.
bash
xvfb-run -a python pipeline.py \
  --config CTF-pay/config.paypal.json \
  --paypal
输出:成功时
output/results.jsonl
文件中会包含
refresh_token

Daemon Mode (continuous pool maintenance)

守护进程模式(持续维护池)

bash
xvfb-run -a python pipeline.py \
  --config CTF-pay/config.paypal.json \
  --paypal \
  --daemon
bash
xvfb-run -a python pipeline.py \
  --config CTF-pay/config.paypal.json \
  --paypal \
  --daemon

Batch Mode

批量模式

bash
xvfb-run -a python pipeline.py \
  --config CTF-pay/config.paypal.json \
  --paypal \
  --batch \
  --count 10
bash
xvfb-run -a python pipeline.py \
  --config CTF-pay/config.paypal.json \
  --paypal \
  --batch \
  --count 10

Self-Dealer Mode

自交易模式

bash
xvfb-run -a python pipeline.py \
  --config CTF-pay/config.paypal.json \
  --paypal \
  --self-dealer
bash
xvfb-run -a python pipeline.py \
  --config CTF-pay/config.paypal.json \
  --paypal \
  --self-dealer

Pipeline Architecture

流水线架构

pipeline.py
  └─ CTF-reg/browser_register.py   # Camoufox + Cloudflare Turnstile
  └─ CTF-pay/card.py               # Stripe Checkout replay (8000 lines)
       └─ Stripe confirm
       └─ ChatGPT /approve
       └─ Camoufox PayPal billing agreement
       └─ Stripe poll state=succeeded
       └─ Camoufox second login → Codex OAuth + PKCE
  └─ output/results.jsonl          # Final refresh_token
pipeline.py
  └─ CTF-reg/browser_register.py   # Camoufox + Cloudflare Turnstile
  └─ CTF-pay/card.py               # Stripe Checkout replay (8000 lines)
       └─ Stripe confirm
       └─ ChatGPT /approve
       └─ Camoufox PayPal billing agreement
       └─ Stripe poll state=succeeded
       └─ Camoufox second login → Codex OAuth + PKCE
  └─ output/results.jsonl          # Final refresh_token

hCaptcha Solver

hCaptcha求解器

Standalone Usage

独立使用

python
import sys
sys.path.insert(0, '/path/to/Gpt-Agreement-Payment')
python
import sys
sys.path.insert(0, '/path/to/Gpt-Agreement-Payment')

Activate ML venv first if using VLM/CLIP paths

Activate ML venv first if using VLM/CLIP paths

from CTF_pay.hcaptcha_auto_solver import HCaptchaSolver
solver = HCaptchaSolver( vlm_base_url="https://api.openai.com/v1", vlm_api_key="VLM_API_KEY", vlm_model="gpt-4o", use_clip_fallback=True, use_opencv_fallback=True, )
from CTF_pay.hcaptcha_auto_solver import HCaptchaSolver
solver = HCaptchaSolver( vlm_base_url="https://api.openai.com/v1", vlm_api_key="VLM_API_KEY", vlm_model="gpt-4o", use_clip_fallback=True, use_opencv_fallback=True, )

With a Playwright page that has an hCaptcha iframe

With a Playwright page that has an hCaptcha iframe

async def solve_on_page(page): result = await solver.solve(page) return result # True if solved, False if failed
undefined
async def solve_on_page(page): result = await solver.solve(page) return result # True if solved, False if failed
undefined

Three-Layer Decision Flow

三层决策流程

1. VLM primary path     — sends challenge image to VLM, parses coordinate response
2. CLIP heuristic       — cosine similarity between challenge prompt and image tiles
3. OpenCV fallback      — contour/template matching for known visual patterns
1. VLM主路径     — 将挑战图像发送至VLM,解析坐标响应
2. CLIP启发式    — 挑战提示与图像块之间的余弦相似度匹配
3. OpenCV备选方案 — 针对已知视觉模式的轮廓/模板匹配

Supported Challenge Types (12)

支持的挑战类型(12种)

TypeDescription
select-image
Select all images matching description
bounding-box
Draw bounding box around object
image-label
Label images as matching/not-matching
click-point
Click specific point on image
drag-drop
Drag element to target
3d-rotate
Rotate 3D object to match
object-count
Count objects in image
text-in-image
Identify text shown in image
shape-match
Match shapes by property
spatial-relation
Identify spatial relationships
color-match
Match by color
pattern-complete
Complete a visual pattern
类型描述
select-image
选择所有符合描述的图像
bounding-box
在目标周围绘制边界框
image-label
将图像标记为匹配/不匹配
click-point
点击图像上的特定点
drag-drop
将元素拖至目标位置
3d-rotate
旋转3D对象以匹配要求
object-count
统计图像中的对象数量
text-in-image
识别图像中显示的文本
shape-match
根据属性匹配形状
spatial-relation
识别空间关系
color-match
根据颜色匹配
pattern-complete
完成视觉图案

Adding a New Challenge Type

添加新挑战类型

python
undefined
python
undefined

In CTF-pay/hcaptcha_auto_solver.py, extend the solver class:

In CTF-pay/hcaptcha_auto_solver.py, extend the solver class:

class HCaptchaSolver: # ... existing code ...
async def _solve_my_new_type(self, challenge_data: dict) -> list[tuple[int, int]]:
    """
    Solver for 'my-new-type' challenge.
    challenge_data keys: 'prompt', 'images', 'type'
    Returns list of (x, y) click coordinates.
    """
    prompt = challenge_data['prompt']
    images = challenge_data['images']  # list of PIL.Image or base64 strings

    # Option A: VLM path
    coords = await self._vlm_solve(prompt, images)

    # Option B: CLIP heuristic
    scores = self._clip_score(prompt, images)
    coords = [(img['x'], img['y']) for img, s in zip(images, scores) if s > 0.25]

    return coords

# Register it:
CHALLENGE_HANDLERS = {
    # ... existing handlers ...
    'my-new-type': '_solve_my_new_type',
}

---
class HCaptchaSolver: # ... existing code ...
async def _solve_my_new_type(self, challenge_data: dict) -> list[tuple[int, int]]:
    """
    Solver for 'my-new-type' challenge.
    challenge_data keys: 'prompt', 'images', 'type'
    Returns list of (x, y) click coordinates.
    """
    prompt = challenge_data['prompt']
    images = challenge_data['images']  # list of PIL.Image or base64 strings

    # Option A: VLM path
    coords = await self._vlm_solve(prompt, images)

    # Option B: CLIP heuristic
    scores = self._clip_score(prompt, images)
    coords = [(img['x'], img['y']) for img, s in zip(images, scores) if s > 0.25]

    return coords

# Register it:
CHALLENGE_HANDLERS = {
    # ... existing handlers ...
    'my-new-type': '_solve_my_new_type',
}

---

Daemon Mode — 12 Self-Healing Paths

守护进程模式 — 12种自愈路径

The 
daemon()
function in 
pipeline.py
handles these failure modes automatically:
TriggerRecovery Action
IP flagged / rate-limitedWebshare API auto-rotate IP
Cloudflare DNS quota exceededCF DNS quota cleanup
tmpfs orphan processesOrphan process reap
gost relay downgost relay watchdog restart
DataDome slider challengeAuto-drag slider synthesis
Stripe fingerprint driftRuntime re-alignment
PayPal session expiredRe-authentication flow
hCaptcha solve failureVLM → CLIP → platform fallback
Account batch-association banDelay + fresh identity
Codex OAuth token expiredPKCE refresh flow
Browser crash / hangCamoufox process restart
Output file lockTmpfs rotation + re-open
pipeline.py
中的
daemon()
函数可自动处理以下故障模式:
触发条件恢复操作
IP被标记/速率限制Webshare API自动切换IP
Cloudflare DNS配额耗尽清理CF DNS配额
tmpfs孤儿进程回收孤儿进程
gost中继故障gost中继监控重启
DataDome滑块挑战自动生成滑块拖动操作
Stripe指纹漂移运行时重新校准
PayPal会话过期重新认证流程
hCaptcha求解失败VLM → CLIP → 平台备选方案 fallback
批量账户关联封禁延迟操作 + 全新身份
Codex OAuth令牌过期PKCE刷新流程
浏览器崩溃/挂起重启Camoufox进程
输出文件锁定Tmpfs轮换 + 重新打开

Daemon Status Monitoring

守护进程状态监控

python
undefined
python
undefined

pipeline.py exposes a status endpoint when --daemon is active

pipeline.py exposes a status endpoint when --daemon is active

import requests
status = requests.get("http://localhost:8766/daemon/status").json()
import requests
status = requests.get("http://localhost:8766/daemon/status").json()

{

{

"active_workers": 3,

"active_workers": 3,

"completed_today": 12,

"completed_today": 12,

"alive_rate_24h": 0.02,

"alive_rate_24h": 0.02,

"current_ip": "x.x.x.x",

"current_ip": "x.x.x.x",

"last_success": "2026-04-30T12:00:00Z",

"last_success": "2026-04-30T12:00:00Z",

"healing_events": [...]

"healing_events": [...]

}

}


---

---

Reading Output

读取输出结果

python
import json

results = []
with open("output/results.jsonl") as f:
    for line in f:
        results.append(json.loads(line))
python
import json

results = []
with open("output/results.jsonl") as f:
    for line in f:
        results.append(json.loads(line))

Each result:

Each result:

{

{

"email": "user@subdomain.yourdomain.com",

"email": "user@subdomain.yourdomain.com",

"refresh_token": "...",

"refresh_token": "...",

"subscription_type": "team",

"subscription_type": "team",

"created_at": "2026-04-30T...",

"created_at": "2026-04-30T...",

"proxy_ip": "x.x.x.x",

"proxy_ip": "x.x.x.x",

"success": true

"success": true

}

}

successful = [r for r in results if r.get("success")] print(f"Success rate: {len(successful)}/{len(results)}")

---
successful = [r for r in results if r.get("success")] print(f"Success rate: {len(successful)}/{len(results)}")

---

WebUI API (when server is running)

WebUI API(服务器运行时)

python
import requests

BASE = "http://127.0.0.1:8765"
python
import requests

BASE = "http://127.0.0.1:8765"

Check preflight / system health

Check preflight / system health

health = requests.get(f"{BASE}/api/preflight").json()
health = requests.get(f"{BASE}/api/preflight").json()

Start a single run via API

Start a single run via API

run = requests.post(f"{BASE}/api/run", json={ "mode": "single", "subscription_type": "team" }).json() run_id = run["run_id"]
run = requests.post(f"{BASE}/api/run", json={ "mode": "single", "subscription_type": "team" }).json() run_id = run["run_id"]

Stream logs via SSE

Stream logs via SSE

import sseclient response = requests.get(f"{BASE}/api/run/{run_id}/logs", stream=True) client = sseclient.SSEClient(response) for event in client.events(): print(event.data)
import sseclient response = requests.get(f"{BASE}/api/run/{run_id}/logs", stream=True) client = sseclient.SSEClient(response) for event in client.events(): print(event.data)

Stop a run

Stop a run

requests.post(f"{BASE}/api/run/{run_id}/stop")

---
requests.post(f"{BASE}/api/run/{run_id}/stop")

---

Troubleshooting

故障排除

Pipeline Hangs at PayPal OTP

流水线在PayPal OTP环节挂起

undefined
undefined

First run requires manual 2FA completion

首次运行需要手动完成双因素认证

Run WITHOUT xvfb-run to see the browser:

不使用xvfb-run运行以显示浏览器:

python pipeline.py --config CTF-pay/config.paypal.json --paypal --no-headless
python pipeline.py --config CTF-pay/config.paypal.json --paypal --no-headless

Complete OTP manually; subsequent runs use saved session

手动完成OTP;后续运行将使用保存的会话

undefined
undefined

Stripe Fingerprint Drift

Stripe指纹漂移

bash
undefined
bash
undefined

Symptoms: Stripe returns 400 or challenge page unexpectedly

症状:Stripe意外返回400错误或挑战页面

CTF-pay/card.py contains runtime.version / js_checksum / rv_timestamp

CTF-pay/card.py包含runtime.version / js_checksum / rv_timestamp字段

These drift every few weeks — check docs/debugging.md for realignment procedure

这些字段每隔几周会发生漂移 — 查看docs/debugging.md获取校准步骤

Quick check: compare your values against a fresh mitmproxy capture

快速检查:将你的值与新的mitmproxy捕获结果对比

mitmproxy --mode transparent -p 8080 --set console_eventlog_verbosity=debug
undefined
mitmproxy --mode transparent -p 8080 --set console_eventlog_verbosity=debug
undefined

hCaptcha Solver Falling Back Constantly

hCaptcha求解器持续触发备选方案

bash
undefined
bash
undefined

Check VLM endpoint is reachable

检查VLM端点是否可达

curl -H "Authorization: Bearer $VLM_API_KEY"
"$VLM_BASE_URL/models" | python -m json.tool
curl -H "Authorization: Bearer $VLM_API_KEY"
"$VLM_BASE_URL/models" | python -m json.tool

Check CLIP venv is active when running

运行时确保CLIP虚拟环境已激活

~/.venvs/ctfml/bin/python pipeline.py --config ...
~/.venvs/ctfml/bin/python pipeline.py --config ...

Enable verbose solver logging

启用求解器详细日志

export HCAPTCHA_DEBUG=1
undefined
export HCAPTCHA_DEBUG=1
undefined

Low Survival Rate (~2%)

存活率较低(约2%)

This is expected per the anti-fraud research. Key findings from 
docs/anti-fraud-research.md
:
  • Batch-association delayed banning: Accounts registered in the same batch are banned together ~12–24 hours after creation
  • IP-string-level fingerprinting: Exact IP (not just subnet) is tracked
  • Probe layer vs ban layer separation: Initial probe passes, ban fires later
Mitigation strategies documented in 
docs/anti-fraud-research.md
:
  • Use residential IPs, not datacenter
  • Introduce timing jitter between registrations (daemon does this automatically)
  • Avoid reusing Cloudflare subdomains across batches
根据反欺诈研究,这属于预期情况。
docs/anti-fraud-research.md
中的关键发现:
  • 批量关联延迟封禁:同一批次注册的账户会在创建后约12–24小时被集体封禁
  • IP字符串级指纹识别:系统会追踪精确IP(而非仅子网)
  • 探测层与封禁层分离:初始探测通过后,封禁会在后续触发
docs/anti-fraud-research.md
中记录的缓解策略:
  • 使用住宅IP,而非数据中心IP
  • 在注册之间引入时间抖动(守护进程会自动执行此操作)
  • 避免跨批次重复使用Cloudflare子域名

Free Account Path Broken

免费账户路径失效

undefined
undefined

Known limitation — OpenAI redirects free accounts to /add-phone

已知限制 — OpenAI会将免费账户重定向至/add-phone页面

No workaround without a real phone number

若无真实电话号码则无解决办法

Codex API audience mismatch with ChatGPT-Web access_token

Codex API受众与ChatGPT-Web access_token不匹配

Only Plus/Team/Pro subscription paths are currently functional

当前仅支持Plus/Team/Pro订阅路径

undefined
undefined

Common Error Messages

常见错误信息

ErrorCauseFix
PayPal region rejected
Non-EU proxySwitch to EU/IE proxy
Turnstile solve timeout
Browser fingerprint detectedUpdate Camoufox: 
camoufox fetch
Stripe 3DS required
Card requires 3DS authUse a non-3DS card config
CF DNS quota exceeded
Too many subdomain createsDaemon auto-cleans; manual: see 
docs/debugging.md
gost relay not responding
gost process crashedDaemon restarts; manual: 
systemctl restart gost
Codex PKCE state mismatch
Clock skew
ntpdate -u pool.ntp.org
错误原因修复方案
PayPal region rejected
使用了非欧盟代理切换至欧盟/爱尔兰代理
Turnstile solve timeout
浏览器指纹被检测到更新Camoufox:
camoufox fetch
Stripe 3DS required
卡片需要3DS认证使用非3DS卡片配置
CF DNS quota exceeded
创建了过多子域名守护进程会自动清理;手动操作请查看
docs/debugging.md
gost relay not responding
gost进程崩溃守护进程会重启;手动操作:
systemctl restart gost
Codex PKCE state mismatch
时钟偏差执行
ntpdate -u pool.ntp.org

Project Structure

项目结构

Gpt-Agreement-Payment/
├── pipeline.py                    # Main entry point, daemon orchestrator
├── CTF-pay/
│   ├── card.py                    # Stripe Checkout replay (~8000 lines)
│   ├── hcaptcha_auto_solver.py    # hCaptcha visual solver (~4000 lines)
│   ├── config.paypal.example.json
│   └── config.auto.json           # Generated by webui wizard
├── CTF-reg/
│   ├── browser_register.py        # Camoufox + Turnstile registration
│   └── config.paypal-proxy.example.json
├── webui/
│   ├── server.py                  # FastAPI backend
│   ├── frontend/                  # React/pnpm frontend
│   └── README.md
├── output/
│   └── results.jsonl              # refresh_token output
└── docs/
    ├── anti-fraud-research.md     # Empirical data, 45-account 24h study
    ├── architecture.md
    ├── configuration.md
    ├── daemon-mode.md
    ├── debugging.md
    ├── hcaptcha-solver.md
    ├── installation.md
    └── operating-modes.md
Gpt-Agreement-Payment/
├── pipeline.py                    # Main entry point, daemon orchestrator
├── CTF-pay/
│   ├── card.py                    # Stripe Checkout replay (~8000 lines)
│   ├── hcaptcha_auto_solver.py    # hCaptcha visual solver (~4000 lines)
│   ├── config.paypal.example.json
│   └── config.auto.json           # Generated by webui wizard
├── CTF-reg/
│   ├── browser_register.py        # Camoufox + Turnstile registration
│   └── config.paypal-proxy.example.json
├── webui/
│   ├── server.py                  # FastAPI backend
│   ├── frontend/                  # React/pnpm frontend
│   └── README.md
├── output/
│   └── results.jsonl              # refresh_token output
└── docs/
    ├── anti-fraud-research.md     # Empirical data, 45-account 24h study
    ├── architecture.md
    ├── configuration.md
    ├── daemon-mode.md
    ├── debugging.md
    ├── hcaptcha-solver.md
    ├── installation.md
    └── operating-modes.md

Key Timing Expectations

关键时间预期

PhaseTypical Duration
First-time config + PayPal 2FA1–3 hours
Single pipeline run (after setup)~5 minutes
WebUI wizard setup~15 minutes
Daemon stabilization30–60 minutes
Account survival window12–24 hours (2% survive 24h)
阶段典型时长
首次配置 + PayPal双因素认证1–3小时
单次流水线运行(完成设置后)~5分钟
WebUI向导设置~15分钟
守护进程稳定30–60分钟
账户存活窗口12–24小时(2%的账户可存活24小时)