Mar 6, 2019
Hello everyone,

This is a general topic that is prolly broader than I will be stating. Since I am a skiddie, I decided to take a peek at potentially brute-forcing IG (I got bored) a while back. Anyways, my findings led to several things and no, this wasn't for malicious purposes. I used my own account(s) for my 'tests'. First of all, there is what I call a 'hidden' login on their site. The path via the home URL is:


Of course I examined the source code and saw that it contained forms. Mech in like Perl I know can do the trick, but of course there were other things at play since we all know that nothing is that easy. I started to suspect that CSRF and JavaScript were at play, which is why I abandoned my 'project' (?). Anyways, the reason why I am stating this is that I have looked at Instagram's API, but was dismayed to see that they require you to send your program/app to the Instagram team themselves. This was on a whim at the time, but I am curious if there could be some potential/use for this? It is obvious that this is a workaround and if you look in the past, Instagram supposedly patched the vulnerability to disallow bruteforcing on accounts. I don't think they patched it 100% if that login exists. Any thoughts are welcomed.

~Regards _4