- Status
- Offline
- Joined
- Mar 3, 2026
- Messages
- 330
- Reaction score
- 7
Anyone remember those ancient banner ads for StudioHoppe games?
They rebranded to DitoGames, but the underlying engine for titles like Delta Wars and Alpha Wars is still the same browser-based RTS grindfest. If you have played them, you know the drill: Concrete, Steel, Carbon, and Fuel. It is heavily gated by "Titanium" (the premium currency), forcing you into 1-minute production loops unless you cough up cash for 15-hour batches.
The Automation Problem
Naturally, the play here is to automate the resource loop. A simple Python script with pixel detection seems like the move for navigating the minimap and factory UI, but the developers implemented a surprisingly effective custom captcha system to kill off basic bots.
The Captcha Layers:
Packet vs. Script
Trying to bypass the UI by sending raw packets—telling the server "production started"—does not work as a clean bypass. The server tracks the captcha state; if it is triggered, the captcha persists through page refreshes and relogs on the same account. The backend holds the session hostage until that square is clicked.
Automation here requires either a trained model (likely overkill for an old browser game) or finding the logic in the HTML5/JS client that handles the click validation. If we can reverse how the client determines the "correct" coordinates or if the square's position is leaked in the initial packet, we can bypass the visual hurdle entirely.
Anyone dug into the WebSocket traffic or the JS obfuscation on these DitoGames titles lately?
They rebranded to DitoGames, but the underlying engine for titles like Delta Wars and Alpha Wars is still the same browser-based RTS grindfest. If you have played them, you know the drill: Concrete, Steel, Carbon, and Fuel. It is heavily gated by "Titanium" (the premium currency), forcing you into 1-minute production loops unless you cough up cash for 15-hour batches.
The Automation Problem
Naturally, the play here is to automate the resource loop. A simple Python script with pixel detection seems like the move for navigating the minimap and factory UI, but the developers implemented a surprisingly effective custom captcha system to kill off basic bots.
The Captcha Layers:
- Tier 1: A popup with 1-5 triangles and a single square. You have to click the square to start production. Positions, sizes, and angles are randomized and frequently overlap.
- Tier 2: A full-screen cluster of triangles with a single square hidden inside. This one uses varying alpha levels (translucency) and distorted lines, making basic OpenCV or simple color-matching scripts useless.
Captchas trigger on roughly 1/10 to 1/25 actions. Simple pixel reading fails because the shapes are not static and the alpha blending makes the "square" hard to isolate from the background noise without a proper OCR or AI model.
Packet vs. Script
Trying to bypass the UI by sending raw packets—telling the server "production started"—does not work as a clean bypass. The server tracks the captcha state; if it is triggered, the captcha persists through page refreshes and relogs on the same account. The backend holds the session hostage until that square is clicked.
Automation here requires either a trained model (likely overkill for an old browser game) or finding the logic in the HTML5/JS client that handles the click validation. If we can reverse how the client determines the "correct" coordinates or if the square's position is leaked in the initial packet, we can bypass the visual hurdle entirely.
Anyone dug into the WebSocket traffic or the JS obfuscation on these DitoGames titles lately?
