I checked your code and found that the login api did not encrypt the password, but I found that the ins login password of the current webpage was encrypted

ErrorxCode / JxInsta

An object-oriented reverse engineered instagram web API made in Java. Now build bots, scrap data, create instagram apps, and a lot more in your favourite language

Apache License 2.0

17 stars 5 forks source link

I checked your code and found that the login api did not encrypt the password, but I found that the ins login password of the current webpage was encrypted #2

Closed 0x3F940AA closed 5 months ago

0x3F940AA commented 6 months ago

    var encPassword = "#PWD_INSTAGRAM_BROWSER:0:" + new Date().getTime() + ":" + password;

I checked your code and found that the login api did not encrypt the password, but I found that the ins login password of the current webpage was encrypted

ErrorxCode commented 5 months ago

Is this even an issue? Yess. The password is not encrypted as it is not needed. If you compare more, you will also find that the browser has 10 in its enc. password after the first colon. i.e #PWD_INSTAGRAM_BROWSER:10 followed by the enc. password. That's the version of encryption.

The Instagram web uses version 10 while JxInsta uses version 0 which does not require encryption.