bugsel
commented
4 years ago @PappaPaj Hello, I want to know if you ran a generation enc_password on python?
Open pjsny opened 4 years ago
bugsel
commented
4 years ago @PappaPaj Hello, I want to know if you ran a generation enc_password on python?
Nerixyz
commented
4 years ago Node-JS code to generate header:
You're using an external library. Why? Node has native libraries for this. And all this array magic can be abstracted away using Buffers:
function encrypt({password, publicKey, publicKeyId}) {
const time = Date.now().toString();
const key = crypto.pseudoRandomBytes(32);
const iv = Buffer.alloc(12, 0);
const cipher = crypto.createCipheriv('aes-256-gcm', key, iv).setAAD(Buffer.from(time));
const aesEncrypted = Buffer.concat([cipher.update(Buffer.from(password)), cipher.final()]);
const authTag = cipher.getAuthTag();
const encryptedKey = seal(key, Buffer.from(publicKey, 'hex'));
return {
encrypted: Buffer.concat([
Buffer.from([
1,
Number(publicKeyId),
encryptedKey.byteLength & 255,
(encryptedKey.byteLength >> 8) & 255,
]),
encryptedKey,
authTag,
aesEncrypted,
]).toString('base64'),
time,
};
}
function generateEncPassword({password, publicKey, publicKeyId, encryptionVersion}) {
const { encrypted, time } = encrypt({password, publicKey, publicKeyId});
return `#PWD_INSTAGRAM_BROWSER:${encryptionVersion}:${time}:${encrypted}`;
}seal() is a function from tweetnacl-sealed-box.
belotserkovtsev
commented
4 years ago @Nerixyz doesn't work for me. has anything changed since march?
Alkaymary
commented
4 years ago how I can Make ENC _Password In C#
Thanks
rephlex187
commented
4 years ago @Nerixyz doesn't work for me. has anything changed since march?
Works great, logging in successfully using it
belotserkovtsev
commented
4 years ago @Nerixyz doesn't work for me. has anything changed since march?
Works great, logging in successfully using it
yeah i got it right already. had an issue with NaCl
Nawaf-AlKhaldi
commented
4 years ago Hi Guys i really dont have any knowledge in Python,php,node.js. Can someone write the code in C# or Vb.net i will really appreciate it. Thanks <3
pgrimaud
commented
4 years ago Hello,
I found a temporary workaround : https://github.com/pgrimaud/instagram-user-feed/commit/96ad4cf54d1ad331b337f325c73e664999a6d066
$enc_password = '#PWD_INSTAGRAM_BROWSER:0:' . time() . ':' . $password;Could you try it on your way?
cobrah819
commented
4 years ago 
Andromeda606
commented
3 years ago hi! The best way to block encryption is not to use it :)
The way Instagram uses to prepare the password is very simple.
Here, if you set the TYPE part to 0, you can enter it without a password.
thank you
{PLAINTEXT:'0',ROTATED_ENCRYPT:'6',FALLBACK_ENCRYPT:'9'}
isukantacs
commented
3 years ago hi! The best way to block encryption is not to use it :)
The way Instagram uses to prepare the password is very simple.
thank you
{PLAINTEXT:'0',ROTATED_ENCRYPT:'6',FALLBACK_ENCRYPT:'9'}
What does the last part means? Can you please clarify?
Andromeda606
commented
3 years ago hi! The best way to block encryption is not to use it :) The way Instagram uses to prepare the password is very simple. thank you {PLAINTEXT:'0',ROTATED_ENCRYPT:'6',FALLBACK_ENCRYPT:'9'}
What does the last part means? Can you please clarify?
{PLAINTEXT:'0',ROTATED_ENCRYPT:'6',FALLBACK_ENCRYPT:'9'}
PLAINTEXT = your regular password ROTATED_ENCRYPT = inverted encryption using aes + base64 to your regular password FALLBACK_ENCRYPT = Encryption using special encryption to your normal password
0 = type (0,6 or 9) 1111 = current timestamp thisispassword = your password
The current instagram api has an enc_password header passed in the register request. Although it is not necessary yet I think that instagram might be using this value to filter bot accounts.
Encryption uses a public key, "f5a1fdb4e2e032e5d3b42c3350d69918eebdb640e2f9cc0fe1fc55cd7800cf30" and also a public key version number, "245"
Node-JS code to generate header: https://pastebin.com/raw/nYL2W2bG (The code above has an extra function used to grab the public key)