Forum Thread: The Only Authentic Way to Hack Instagram!

I know everyone is tired seeing those how-to's on brute forcing instagram and other social media's. Sorry to break this to you but most of them are poorly engineered or do not work at all and claim's false results.

I am writing this post because I really wanted to shout out to everyone ( Atleast for those who really want to learn hacking... ) what is the authentic way to hack instagram. If you tried all other post on hacking instagram ( Which is mostly fake ) , I request you to try this once. I promise you that you will learn what is real hacking.

Okay , How exactly are we gonna do it ? Simple , With a linux only python script called Instagram-Py!

I created Instagram-Py after seeing all those poorly implemented or fake brute force scripts that people actually used , When I first saw those reviews on these tools , I was shocked Because Why would people even use these tools which does not even follow a good code base! Well , Turns out a lot of people who used these tools where just noobs ( No offense ) , I would have done the same when I was just starting to learn hacking ( Trust Me , I was sooo dumb and trusted these tools! Some worked though ).

There is a common misconception that I am not the original author but I am the original author of Instagram-Py , Why People thought I was fake ? Because I deleted my old username which I worked and commited on github. Yes If you analyze the git logs you will know that I am the author but no one does that. ( Because they don't know to do that! ) and there is a new account who is pretending to be me which annoys me a lot. Okay no more booring stories , Time to break some stuff like pro!

Here is the new official github project for instagram-py , Use this repo to support me (By staring it and watching it) and raise issues to get it fixed asap!
( Do not use any other mirrors as it may have backdoors! )

There is a video embeded at the end of this post , If you are a visual learner then see that to get started right away! Thank You sh4dy for making a video out of my tool!

Step 1: Get a Linux Distro of Your Choice!

I recommend using Kali Linux , Why ? Because its a linux distro which is dedicated for hacking stuff , I learned about linux in the very start from Kali Linux ( Because of the urge to learn how to hack and crazy cli animations). So Thank You Offensive Security for your awesome distro's.

If your default operating system is Windows then you can simply Live boot to Kali Linux to just use it without installing it into your computer.

To Live Boot , You need a flash drive which has atleast 8GB storage space ( To run smoothly! ).

Follow the instruction below to create a bootable flash drive to live boot kali linux , if you already on linux then skip this step. ( You can also google , On How to live boot Kali Linux from Windows... )

Create Bootable Flash Drive on Windows!

  • Download the official Kali Linux ISO Image here , Download the version that corresponds to your CPU Architecture
  • Download Rufus from here , Will be used to make bootable flash drive.
  • Run Rufus , It should look something like this...
Image via akeo.ie
  • In rufus , Select the your flash drive as the device.
  • Select MBR (If not select the default ) for partition scheme and target system type
  • Give your new Volume Label to any name you like.
  • Select ISO Image from the drop down list that is close to the Disk Icon.
  • Now click the Disk Icon to browse for the Kali Linux ISO Image file from your computer.
  • After selecting the ISO Image , Click on the Start button to start the process!
  • On finish , You must now have a bootable flash drive that can live boot you kali linux.

Now safely remove the flash drive and Shutdown your PC. Plug in your flash drive and then turn on your PC again , Select Live Boot from the menu once you see the Kali Linux Splash Screen. Now you must have Kali Linux Booted and ready to do some stuff.

Note: In some computers you must enable Boot from USB to use a Bootable Flash Drive so please make sure to enable it from your Boot Menu.

Step 2: Install Instagram-Py from Python Package Index.

For this step , I will be using apt-get package manager because thats the default for Kali Linux but you can do the same for all other package managers , like pacman and dnf.

Open a new Terminal in Kali Linux and execute these commands.

Now we have successfully installed Instagram-Py in Kali Linux , Now its time to configure it.

Step 3: Configuring Instagram-Py and Tor Server.

First lets configure Tor Server , Tor is a project which aims for privacy , it completely hides your network traffic ( Not the data usage ) from your ISP , Its not a proxy because it can be used for anything , Even for selling drugs ( Heard of Dark Web , Tor Network is know as the Dark Web and Tor Server helps us to connect to it).

Execute this command to edit the Tor Configuration in Kali Linux.

Search for line which looks like this , #ControlPort 9051 and only delete the # from that line.
It should look something like this...

Lets start our tor server with our new configuration.

Now lets configure instagram-py , Execute this command and everything will be done for you!

Please see that , the default configuration will only work if you use tor's default configuration ,
if you use a custom configuration for tor then please execute the above command without the
--default-configuration argument and answer some simple questions.

Now everything is set , Only thing to do is to Find a Victim and Start the Attack.

Step 4: Executing the Attack!

Here is the usage for Instagram-Py from my console...

For a simple attack with medium verbosity , Execute this command in a terminal!

Thats it , You actually launched a authentic attack on a instagram account using Instagram-Py!

Are You a Visual Learner ?

I saw this youtube video from a random guy , Its really awesome , Thank You sh4dy for making a video out of my tool!

Please go to this repo to know more about Instagram-Py!
Thank You for your Time , See ya!

Never Miss a Hacking or Security Guide

Get new Null Byte guides every week.

41 Responses

Features of Instagram-Py!

  • Ultra Portable

As of Instagram-Py v2.0.6 , Instagram is bundled in a single package , which does not require you to install tor or python in your linux distro! Only for linux 64 Bit.

  • Instagram-Py Scripting

Craft your own python script which will embed into Instagram-Py for Maximum Customization of your brute force attack , example: What if you want a message sent to your phone when an account is hacked?

  • Resumes Attacks when the same wordlist is used on the same Username
  • Dumps successfully cracked accounts.
  • Maximum Customization! ( This includes multiple attack vectors! )
  • Fast and Clean Code , no ugly selenum drivers! ( Pure Requests )
  • Elegant Tor Identity Change with Stem ( Tor's Official Library for Python )

How to Get Instagram-Py with Zero Setup ( Instagram-Py Portable )

You just need to execute a single command to get instagram-py , you don't even need python and tor , works for any 64 Bit Linux Distro ( Kali Linux , Ubuntu , Fedora or Arch Linux and etc... )

HERE IS THE PROJECT PAGE -> https://github.com/antony-jr/instagram-py
You can only get Instagram-Py Portable at the project page!

can u pls help me and give me ur email, i got my instagram hacked i cannot get it back so i need ur help pls

Erm .. Sorry , But do know that we can only hack an active target , Why ? Because brute force attack always blocks the account. Most users will ignore the warning and just do the verification. Once they do the verification we could log in again after a day or two...

You can always ask me anything here

I got this >>> fatal error:: Connection to host failed , check your connection and tor configuration.

This happens in the last update, but in previous version (when it's still on the deathsec repository) I have no problem at all.

I've set up it properly, like create default configuration, start the tor service, and opening control port on torrc file.

Can you help? Sorry for My English..

Did you restart your Tor Server every time you make changes to the torrc. You can always open an issue on github here

Always report errors on github , it will be solved asap. I'm planning to release a easy to use AppImage for the tool and tor to avoid these types of errors.

Hey refer this issue, it has been resolved , It might help you. If not rise a new issue in the project page

Is there a way to message you directly? I am not a hacker AT ALL and this is all foreign language for me, also I have a Mac -_-.. I need to hack someone's Instagram account I can give you more information personally. Please.

In mac , You can use the Tor Browser's In-Built Tor Server , Start the Tor Browser and then go to Network Settings and there you can see the socks proxy ip and port , Configure Instagram-Py with IP-> 127.0.0.1 and the port shown in the network settings of your tor browser and the control port be the a addition of 1 to the port shown in the network settings of your tor browser.( Example: if the port is 9150 then control port be 9151). But you can open a issue in the project page at github.

You can get in touch with me here but thats public , If you get there , I can share a Discord link.

Hey , Sorry about earlier on github and keep up your good work!

Step 1: Script Is Working but How Do I Bypass Security of Instagram?

Hello Anthony,
As soon as I get the password cracked, Instagram opens this suspicion login page, Is there any way I can bypass it?

As I said earlier ,

Erm .. Sorry , But do know that we can only hack an active target , Why ? Because brute force attack always blocks the account. Most users will ignore the warning and just do the verification. Once they do the verification we could log in again after a day or two...

Just stay cool and wait a bit , till the original user verifies him/her -self. Most of the time , Nobody will change the password , Even me. ( But I don't use Instagram though! )

Hacking is always like a magic trick , Your whole plan can be destroyed in a single change of a bit.

Hey sorry for the late response , See issue for more information.

I managed to do everything but intagram-py and did not get the account password, what could I do?

Hey there , Brute Force attacks have only 50% chance to hack a account so don't get your hopes high... In Hacking brute force is the safest way to hack social media accounts since it avoid us from interacting with the user, with the best wordlist you could crack any account....

The best wordlist is rocky.txt or dou you recommend another one?

root@kali:~# sudo pip3 install stem
Collecting stem
Downloading stem-1.6.0.tar.gz (2.0MB)
100% |¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦| 2.1MB 30kB/s
Building wheels for collected packages: stem
Running setup.py bdist_wheel for stem ... done
Stored in directory: /root/.cache/pip/wheels/a8/14/32/c7d3560a2ccf8ddb5e5be92b4c11015712d88299b13c19968e
Successfully built stem
Installing collected packages: stem
Successfully installed stem-1.6.0
root@kali:~# sudo pip3 install instagram-py
Collecting instagram-py
Downloading instagram-py-2.0.4.tar.gz
Complete output from command python setup.py egg_info:
Traceback (most recent call last):
File "<string>", line 1, in <module>
File "/tmp/pip-build-UyeWMG/instagram-py/setup.py", line 13, in <module>
from InstagramPy import _version_
File "InstagramPy/_init_.py", line 10, in <module>
from .InstagramPyCLI import InstagramPyCLI
File "InstagramPy/InstagramPyCLI.py", line 133
end='')
^
SyntaxError: invalid syntax

----------------------------------------
Command "python setup.py egg_info" failed with error code 1 in /tmp/pip-build-UyeWMG/instagram-py/
root@kali:~#

i am having this problem

I think you need to have python3-setuptools , Make sure you are running the script with python v3.6 , Instagram-py only runs with python 3.6 >=

I downloaded the Python v3.6 its still using v3.7 how can I exucute python v3.6

Does the first step "apt-get update && apt-get upgrade" seriously need 950 MB?

Hi Antony,
Everything went smoothly upto the last step, then it says

fatal error: can't find the password list

Do we have to use anything else in place of password_list.txt?

_ can you please help me and rewrite the last line of the programme for me? Please? Also can you please tell me if I want to use some other wordlist document what should I do? Like if you update a new document then what changes should be made in the programme in future?

Thanks in advance.
I really need help. Please reply asap.

Here is the same
Also the line sudo easy_install3 - U pip
Is not working

Hey Antony ,i think Instagram has blocked my ip address even when changing the my ip address through tor please check blow verbose i am getting

b'{"message": "Sorry, there was a problem with your request.", "status": "fail", "errortype": "sentryblock"}'

normally if server is part of a IP network/host that has had serious spammers on it. Instagram has blacklisted its network/IP.

How many tries did you try ?

In tor network we have 300 IP's ( Approx. ) , with each IP we could check 10 Times ( Approx. ) , we can check again with the same IP if we wait a minute or two ( It increases exponentially ). So we have 30000 Tries atleast and at the time we reach the last server ip , we have another 30000 Tries , maximum time taken to try 10 passwords wih a ip = 1 Min ( 6 Secs x 10 ). Time taken to finish all the 300 servers = 1x300 = 300 Min = 5 Hr. Thus Every ip has a time wait of 5 hr. the moment when instagram blocks us to wait for 5 Hr. is where the attack fails!

Thus the maximum tries we could try until we wait another 5 Hr. is 196608000 Tries which is 1.9 Billion , Its working as I promised.

But I really did not think about the blacklisted ip's since tor changes its ip frequently..

Hey Everyone!

Download the new Instagram-Py Portable.
All You need to do is to execute a single command to get Instagram-Py, You don't even need python and tor server!

I'm getting a
fatal error:: password list not found at /home/ubuntu/Developer/.exploits/facebook-phished.txt
Can you help please??

OK so.. I dont think that will work since instagram has captcha verification.IT would work if it was offline attack but since it is an online one I am not so sure about it.

Hello anthony, i want to ask you something. firstly i'm not a hacker at all. but i understand this. if brute-force attack only have 50% chance to crack the password which is based on it's wordlist, then the unique password will never have chance to be cracked right? here's more simple thought. "if i'm trying to hack instagram account of people that they doesn't even speak 'english' well let say the password will be something like ;bangsattelolet (which is an indonesian language) even though we have enough alphabet to crack password (i mean we have a-z in the list) doesn't ever mean we can crack it right?" is there any explanation around this topics so you can tell the readers in the first sentence and they didn't even have to read till end. Thanks by the way appreciate your works

please reply-

how to rectify the fatcl error:: password list not found at/home/david/Pentest/wordlists/wordlist.txt.(on ubuntu)

can you help me??
And I sorry for my english

Hi, how would I do this if my account is inactive? Somebody took it and isn't using it, so can this method still work?

Can you do it for me ? I'll pay you

Hi Antony, I was able to follow all the steps with good results. However, in my case, one password is attempted every one second, which I think is very slow. How can I speed up the process and try, lets say, 1000 passwords per second? Is that even possible? Thanks.

Ok listen... I installed Kali with Rufus and had my USB ready and so rebooted my PC, but on boot menu my device did not allow me to boot from the USB. The reason was because it was blocked from my device's security protocol... How do I disable it, in order to boot from the USB?

I actually know the answer to this one. You have to turn secure boot off in your boot settings. UEFI mode still. And you can also bump the usb drive up in settings so that if there's a usb drive it'll boot there and if not then it'll boot to your normal mBR. To get to your boot settings, boot your computer and when the logo comes up, press F2and it should pull up. If not, just google how to get to your boot settings on your particular model. In fact, Google is your best go to for any of these answers because whatever you want to ask has been asked by someone before. Also, if you want to hack anything ever you're going to have to learn to search for and effectively gather information.

Hey Antony I am not a hacker.so is there any way through which I can learn all the above from start.please reply asap.

Amazing! It Works perfectly. I've Tried This in My Own Account and It's Cool!

Can you help me access my temporarily disabled account if I have forgotten my password?

How to fix the problem with the password list?

can we use this in termux?
sir?

The script says that the
Password list not found at path/to/password_list. Txt

Share Your Thoughts

  • Hot
  • Active