Instagram Private API Requests Exported From Charles Proxy
Requests are separated by Instagram's Android versions
Note: You should have a Facebook account and an Instagram account associated with it (log in to Instagram with Facebook).
- Check "Enable user installed Certificate Authorities (CAs) for your Facebook account" and "Enable user installed CAs for your Whitehat Test Accounts."
- Choose Instagram in "Select on which apps you want to enable the Mobile Settings."
- Force stop Instagram and clear its data.
- Log in to Instagram with your Facebook account.
- Go to Instagram's Settings -> Internal -> Whitehat Settings.
- Check "Allow user installed certificates" and "Do not use TLS 1.3".
- Force stop Instagram and clear its data.
- Set the Wi-Fi proxy to the Charles Proxy address.
- Open Instagram and export the requests in Charles Session File format (.chls). Give the file a suitable name.
- Move the exported file to the folder for its Instagram Android version.
Cheers 🥳
Check User-Agent Header in Requests for version and version code:
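As an added example, not part of this repository: a small parser that pulls the version and version code out of a User-Agent value copied from a captured request, so the export can be filed under the right version. The header layout in the comment is an assumption (the page does not show one), and the sample headers are constructed.

```python
import re
from typing import NamedTuple, Optional

# Assumed header layout (this page does not show one):
#   Instagram <version> Android (<sdk>/<release>; <dpi>; ...; <locale>; <version code>)
UA_RE = re.compile(
    r"^Instagram (?P<version>\d+(?:\.\d+)+) Android "
    r"\((?P<sdk>\d+)/(?P<release>[^;]+); (?P<rest>.+)\)$"
)

class AppBuild(NamedTuple):
    version: str
    version_code: Optional[str]
    android_sdk: int
    android_release: str

def parse_instagram_ua(user_agent: str) -> Optional[AppBuild]:
    """Return the build described by a User-Agent, or None if it does not match."""
    m = UA_RE.match(user_agent.strip())
    if m is None:
        return None
    fields = [f.strip() for f in m.group("rest").split(";")]
    # The version code, when present, is the last field and purely numeric.
    code = fields[-1] if fields[-1].isdigit() else None
    return AppBuild(m.group("version"), code,
                    int(m.group("sdk")), m.group("release").strip())

def group_by_version(user_agents):
    """Map app version -> set of version codes seen; other agents are skipped."""
    seen = {}
    for ua in user_agents:
        build = parse_instagram_ua(ua)
        if build is not None:
            seen.setdefault(build.version, set()).add(build.version_code)
    return seen

# Constructed sample headers (all values are placeholders).
SAMPLE = [
    "Instagram 1.2.3.4.5 Android (28/9; 420dpi; 1080x1920; ExampleVendor; "
    "ExamplePhone; examplephone; examplesoc; en_US; 123456789)",
    # Same layout without a trailing version code.
    "Instagram 1.2.3.4.4 Android (23/6.0.1; 640dpi; 1440x2560; ExampleVendor; "
    "ExamplePhone; examplephone; examplesoc; en_US)",
    # Not an Instagram app request; ignored.
    "Mozilla/5.0 (Linux; Android 9) ExampleBrowser/1.0",
]

if __name__ == "__main__":
    for version, codes in group_by_version(SAMPLE).items():
        print(version, sorted(c or "unknown" for c in codes))
```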
- Install Frida using: pip install frida
- Run frida-server on your device using adb.
- Run Instagram on your phone or emulator.
- Put the code below in a file named script.py and run it using Python (python script.py):
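import sys

import frida


def on_message(message, data):
    # Print anything the injected script sends back, including script errors.
    print(message)


# Attach to the running Instagram app on the USB-connected device.
process = frida.get_usb_device().attach('com.instagram.android')

# JavaScript injected into the app: hook Scrambler::getString(std::string)
# in libscrambler.so and log the string it returns.
jscode = """
Interceptor.attach(Module.findExportByName("libscrambler.so", "_ZN9Scrambler9getStringESs"), {
    onLeave: function (retval) {
        console.log(Memory.readCString(retval));
    }
});
"""

script = process.create_script(jscode)
script.on('message', on_message)
print('[*] Running sniffer')
script.load()

# Keep the process alive until stdin is closed (Ctrl+D).
sys.stdin.read()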
- Make a Request in Instagram to Get Signature Printed: