Text CAPTCHA (ImageToText)
and CapMonster Cloud

Captcha solving, website integration, and testing.

Inherited a site with a captcha or another protection layer but no access to the source code? In that case you naturally ask: which solution is installed, is it configured correctly, and how can the workflow be tested?

In this article, we have tried to answer all the key questions. The first step in solving the task is to determine which protection system is being used. To do this, you can refer to the list of popular captchas and anti-bot protection systems, where you will find visual examples and key indicators that help you quickly understand what you are dealing with.

If you discover that your site uses ImageToText, the next step is to study its properties and operation in more detail. In this article, you can also review the instructions on how to integrate ImageToText so that you fully understand how it functions on your site. This will help you not only understand the current protection, but also properly plan its maintenance.

What Is ImageToText CAPTCHA

ImageToText CAPTCHA is a classic website protection system based on recognizing text from an image. The user must enter characters (letters, numbers, or a combination) shown on a distorted image. This approach helps distinguish humans from automated scripts. It is used to protect registration and login forms, message submissions, comments, and to prevent mass automated requests.

How to Solve ImageToText CAPTCHA Using CapMonster Cloud

When testing forms with ImageToText CAPTCHA, it is often necessary to verify that the captcha works correctly and is properly integrated.

You can manually test the captcha embedded on your website:

Open the page with the form and make sure the captcha is displayed.
Try submitting the form without solving the captcha — the server should return an error.
After successfully solving the captcha, the form should submit without errors.

For automatic captcha recognition, you can use specialized services such as CapMonster Cloud — a tool that accepts captcha parameters, processes them on its servers, and returns a ready-made captcha solution. This response can be inserted into the appropriate field to pass verification without user involvement.

Working with CapMonster Cloud via API typically involves the following steps:

Creating a task

At this stage, you provide your API key, captcha type, and its parameters. The service returns a unique taskId, which can later be used to retrieve the result.

Sending an API request

In a request to solve an image captcha, you need to specify the following parameters:

type - ImageToTextTask

body - the captcha file content encoded in base64. Make sure the value is sent as a single line, without line breaks;

capMonsterModule (optional) - module name, for example “yandex”. An alternative way to pass the module name and a list of all available modules can be found here;

You can also set other optional parameters:

recognizingThreshold - captcha recognition threshold with a possible value from 0 to 100;

case - whether to consider letter case when solving. Possible values: true, false;

numeric - 1 — if the captcha consists of digits only. Possible values: 0, 1;

math - false — not set by default;

true — the captcha requires performing a mathematical operation (for example, captcha 2 + 6 will return the value 8).

Important: for the captcha_math module, do not use the math: true parameter.

Find more details about the parameters and how to gather them automatically before sending a task in the CapMonster Cloud documentation.

Endpoint for sending the task:

https://api.capmonster.cloud/createTask

Request example:

{
  "clientKey":"API_KEY",
  "task": {
	"type":"ImageToTextTask",
	"body":"BASE64_BODY_HERE!"
  }
}

Response:

{
  "errorId":0,
  "taskId":407533072
}

Receiving the result

After creating the task, poll the solution status.

Address to receive the result:

https://api.capmonster.cloud/getTaskResult

Request example:

{
  "clientKey":"API_KEY",
  "taskId": 407533072
}

Response:


{
  "errorId":0,
  "status":"ready",
  "solution": {
	"text":"answer"
  }
}

Placing the token on the page

The received token can be inserted into a hidden form field or passed to a JavaScript function on the site to confirm the solution. After that, the server will accept the form as valid. For automation and testing, it is convenient to use Puppeteer, Selenium, or Playwright, which allow you to emulate user actions, insert tokens, and submit forms.

Image CAPTCHA Recognition Using Ready-Made Libraries

CapMonster Cloud provides ready-made libraries for convenient use in Python, JavaScript (Node.js), and C#.

Python

JavaScript

Solving, Injecting the Answer, and Submitting the Form

A Node.js example for the full captcha recognition cycle on your web page. Possible approaches include using HTTP requests to retrieve HTML and protection system parameters, sending the response, and processing the result. Or, as in the example below, using automation tools (such as Playwright) — open the page, wait for verification, send parameters via the CapMonster Cloud client, get the result, insert it into the appropriate field (for testing you can use both correct and incorrect data), and observe the outcome.


  // npm install playwright @zennolab_com/capmonstercloud-client
  // npx playwright install chromium

import { CapMonsterCloudClientFactory, ClientOptions, ImageToTextRequest, CapMonsterModules } from '@zennolab_com/capmonstercloud-client';
import { chromium } from 'playwright';

const API_KEY = "YOUR_API_KEY"; // Specify your CapMonster Cloud API key

async function solveImageToTextAndFillField() {
    const cmcClient = CapMonsterCloudClientFactory.Create(
        new ClientOptions({ clientKey: API_KEY })
    );

    // You can optionally check your balance
    const balance = await cmcClient.getBalance();
    console.log("Balance:", balance);

    // 1. Launch Playwright and open the page with the form
    const browser = await chromium.launch({ headless: false });
    const context = await browser.newContext();
    const page = await context.newPage();
    await page.goto("https://example.com/form"); // 2. Get the captcha URL from the page (example via <img> selector)

    // 2. Get the captcha URL from the page (example via <img> selector)
    const captchaUrl = await page.getAttribute("#captcha-img", "src");

    // 3. Download the image and convert it to Base64
    const response = await fetch(captchaUrl);
    const imageBuffer = await response.arrayBuffer();
    const imageBase64 = Buffer.from(imageBuffer).toString('base64');

    // 4. Create a request to solve ImageToText
    const imageToTextRequest = new ImageToTextRequest({
        body: imageBase64,
        CapMonsterModule: CapMonsterModules.YandexWave, // or another module
        Case: true,
        numeric: 0,
        recognizingThreshold: 65,
        math: false
    });

    // 5. Get the captcha solution
    const result = await cmcClient.Solve(imageToTextRequest);
    console.log("Captcha solution:", result.solution.text);

    // 6. Insert the solution into the form field and submit
    await page.fill("#captcha-input", result.solution.text); // Replace with your selector
    await page.click("#submit-button"); // Replace with your button selector
    await page.waitForLoadState("networkidle");

    console.log("Form submitted with captcha solution");

    // 7. Close the browser
    await browser.close();
}

solveImageToTextAndFillField().catch(console.error);

There is also a great opportunity to test captcha recognition using the CapMonster Cloud browser extension, which allows you to quickly check captcha behavior directly on the page and track the solving process in real time without writing code — available for Chrome and Firefox.

How to Connect a Text CAPTCHA to Your Website

To confidently navigate how captcha works on your site, understand its verification logic, reconnect it, or reconfigure it, we recommend studying this section. It describes the protection integration process and helps you quickly understand all the nuances.

Step 1. Choose an Approach

First, you need to decide how exactly you will use the captcha:

Option 1 — Third-party vendor

Suitable if fast implementation and minimal maintenance are important.

Pros:

Quick integration
Ready-made bot protection
No need to update algorithms yourself

Cons:

Dependency on an external service
Limited customization

Option 2 — Custom text CAPTCHA

Suitable if you need full control and integration tailored to your needs.

Pros:

Full control over logic and design
No external dependencies
Can be adapted to specific scenarios

Cons:

You need to implement bot protection yourself
Requires maintenance and updates over time

Step 2. Implement CAPTCHA Generation

For a vendor

Register with the service
Obtain keys (site key / secret key)
Include the script on the page with the form

For a custom captcha

Generate a random string (digits or letters)
Render it on an image (Canvas, SVG, or server-side generation)
Add distortions: noise, lines, character rotation

If you want to create your own captcha from scratch, we recommend checking out our detailed and visual guide, where all key implementation aspects are explained step by step.

Step 3. Display the CAPTCHA to the User

Place the captcha image next to the form
Add a text input field
Implement a captcha refresh button

Important: each load must generate a new code.

Step 4. Send Data to the Server

When submitting the form, send:

The text entered by the user
Captcha identifier or session token

For a custom captcha, the code must not be stored on the client — only on the server.

Step 5. Verify the CAPTCHA on the Server

Vendor

Send the captcha token to the vendor's server
Receive the verification result (success / error)

Custom captcha

Compare the entered text with the stored value
Consider captcha expiration time (e.g., 1–2 minutes)

Step 6. Make a Decision

If the captcha is solved — perform the action (login, registration, form submission)
If not — show an error and generate a new captcha

Step 7. Strengthen Protection (Recommended)

Even for a text captcha, it is worth adding:

Limit on the number of attempts
Binding to IP, session, or cookies
Temporary (one-time) tokens
Logging of suspicious activity

Possible errors and debugging

Image CAPTCHA Does Not Load

(Empty image, 404/500, or generation error) — most often caused by incorrect generation logic. Make sure the server correctly creates the image and returns it to the client, and that the endpoint path is specified correctly.

Invalid or Empty CAPTCHA Code

Check that the user input is actually sent to the server and compared with the stored captcha value.

Code Mismatch with Correct Input

Make sure that:

The captcha is not regenerated before verification;
The code is stored separately for each session or token;
The captcha has not expired.

Expired CAPTCHA Lifetime

Increase the captcha TTL on the server or refresh it on repeated input attempts.

Protection resilience checks

After integration, make sure the system really protects the site from automated actions.

Try submitting the form without a captcha value — the server should reject the request.

Submit random or empty text instead of the correct answer — validation should fail.

Test an expired captcha — the server must reject such requests.

Try reusing an already validated captcha code — repeated validation should not be possible.

Perform load testing (for example, using k6 or JMeter) — under high request volume, the captcha should be generated correctly and the backend should process validations stably.

Security and optimization tips

Store the correct captcha answer only on the <b>server</b> (in memory, Redis, or a database), do not send it to the client.

Store the correct captcha answer only on the server (in memory, Redis, or a database), do not send it to the client.

Use one-time tokens or captcha identifiers.

Limit the number of input attempts for a single captcha.

Always use HTTPS to transmit form data and captcha responses.

Log captcha generation and validation errors (time, IP, reason for rejection) — this simplifies debugging and attack analysis.

Log captcha generation and validation errors (time, IP, reason for rejection) — this simplifies debugging and attack analysis.

Regularly update the generation algorithm (fonts, distortions, noise).

Conclusion

If you inherited a website with an already installed captcha or another protection system and do not have access to the code — no problem! Determining which technology is used is quite easy. And to verify correct operation, you can use the CapMonster Cloud recognition service in an isolated test environment to ensure that token handling and validation logic work correctly.

In the case of an image-based captcha, it is enough to recognize the system, study its behavior, and ensure that the protection functions correctly. In this article, we showed how to identify an image captcha (ComplexImage) and how to connect or reconfigure it to confidently maintain and control the protection.

Helpful links

CapMonster Cloud Documentation (Working with Text CAPTCHA) →

Guide: How to Create Your Own CAPTCHA →

The CapMonster Cloud browser extension is available for Chrome and Firefox. Full installation and usage instructions are available here.

Text CAPTCHA (ImageToText) and CapMonster Cloud

How to Solve ImageToText CAPTCHA Using CapMonster Cloud

Text CAPTCHA (ImageToText)
and CapMonster Cloud