iPhone Phone Farm

I have already automated these apps via real devices on iOS and my clients enjoy good results. I do not recommend using any emulation of any kind. It is very easily detectable, that goes for both iOS and Android.



I am looking into Xcode and Xcui for web app for Instagram automation with Appium and cannot get it work. to start up recording, build or whatsoever it needs a valid executable which I don't have since i am not building an app. is there any way to launch Safari as the app and then record it and run tests? i want use Appium.



would i have to create a quick application that holds a web view in the app, that launches to my respective web page.?

I can write automated tests for this app which will simply land you on my web page
I will not have access to elements, like table views, cells, or anything in the XCUIelement tree
I will have to do everything based on frames and coordinates
I can determine where all your elements are and set them up as variables and call them like this:


XCUIApplication().windows.element(boundBy: 0).coordinate(withNormalizedOffset: CGVector(dx: 0.5, dy: 0.30))`


Is this the right Path ?
 
I have already automated these apps via real devices on iOS and my clients enjoy good results. I do not recommend using any emulation of any kind. It is very easily detectable, that goes for both iOS and Android.
Hello, could you contact me on telegram?

@investorBCD

I need your help.
 
Forgive my language but there is no other way to express this: It was a shitty solution. Beyond shit. & A huge pain in the ass for the entire duration we ran it for. It's a novice solution for people that don't know how to do it right, especially if you're trying to scale to fill / send tens of millions of instagram likes or tens of millions of instagram followers using them.

It just doesn't work or make sense to do using iPhones. The reason we stopped is because we became more advanced and switched to using Pi's, and then eventually, switched to 4x Ubuntu 32-core servers which now perform and send the same amount of actions equivalent to thousands of iPhones. So 1x server = roughly 1452 iphones.

Our evolution chain was:
- Bypassing SSL Pinning and hooking the Instagram iOS app via tweaks to intercept and replicate requests. That way 1x iPhone would become 5-6x iPhones because it would run 5-6 accounts at the same time and simply replace the POST / GET data relative to simultaneous account data. AutoTouch would be active on runtime. & we even hooked certain functions to disable post loading and used uiopen:// to speed up the load posts process. Ex: uiopen://instagram?mediaid=1

- Eventually got rid of all iPhones, switched to a ton of raspberry PI 4b+'s. Horrible solution and investment. The code would run on each pi and it would virtualize all of the requests, however, each pi could barely support more than 2-3x dongles and would constantly need daily reboots.

- Present day. We got rid of all PI's and all iPhones. We no longer run our own proxy farm and have setup strategic deals with good 4G proxy providers. We use a custom web & iOS API back-end that I built. All requests are sent through it and we're scaling creation / setup / fulfillment to run around 1,300,000 Instagram accounts per month. Hoping to simultaneously control / run 10,000,000+ IG accounts at the same time in the next 3-6 months max.

We've wasted $400k+ USD trying to figure the above out ^ It's definitely nostalgic to hear people talking about using physical iPhone automation lol.
Now running on Android? Proxy or sim card?
 
If jailbreak aren't allowed from big app what should i do:
1-use Chrome's Dev Tools with remote debugging enabled .


2- using a jailbroken iPhone.
Remove the sim/turn on airplane mode, we need all data to be routed through our network. configure the device to use WiFi, it should be the same network as your PC/Mac. Configure the testing device's proxy to be your PC/Mac internal IP address, on port 8080 where you'll be acting as a man-in-the-middle for all HTTP/S requests
Install Burp Suite, OWASP ZAP, or Fiddler on your PC/Mac. These are intercepting proxies that will allow you to intercept, log, and manipulate the requests from your smart phone's wifi connection and the remote servers, capturing all the traffic from an application.
Generate a root certificate with Burp Suite, install it on your iPhone. I will need to find a way to get the device to trust user-provided self-signed certificates with the same level of trust as other system certificates. This is necessary in order to decrypt the applications encrypted HTTPS requests, which nearly all applications use.
Fire up the application and use it, start analyzing the requests and seeing what you can learn.
Back to the point, awesome progress Lucky. Very inspirational.

Should i go for Path 1/2?
I'm at the same point as you !
 
I have already automated these apps via real devices on iOS and my clients enjoy good results. I do not recommend using any emulation of any kind. It is very easily detectable, that goes for both iOS and Android.
don’t recommend him, we paid around $2k and it’s super unstable
 
Forgive my language but there is no other way to express this: It was a shitty solution. Beyond shit. & A huge pain in the ass for the entire duration we ran it for. It's a novice solution for people that don't know how to do it right, especially if you're trying to scale to fill / send tens of millions of instagram likes or tens of millions of instagram followers using them.

It just doesn't work or make sense to do using iPhones. The reason we stopped is because we became more advanced and switched to using Pi's, and then eventually, switched to 4x Ubuntu 32-core servers which now perform and send the same amount of actions equivalent to thousands of iPhones. So 1x server = roughly 1452 iphones.

Our evolution chain was:
- Bypassing SSL Pinning and hooking the Instagram iOS app via tweaks to intercept and replicate requests. That way 1x iPhone would become 5-6x iPhones because it would run 5-6 accounts at the same time and simply replace the POST / GET data relative to simultaneous account data. AutoTouch would be active on runtime. & we even hooked certain functions to disable post loading and used uiopen:// to speed up the load posts process. Ex: uiopen://instagram?mediaid=1

- Eventually got rid of all iPhones, switched to a ton of raspberry PI 4b+'s. Horrible solution and investment. The code would run on each pi and it would virtualize all of the requests, however, each pi could barely support more than 2-3x dongles and would constantly need daily reboots.

- Present day. We got rid of all PI's and all iPhones. We no longer run our own proxy farm and have setup strategic deals with good 4G proxy providers. We use a custom web & iOS API back-end that I built. All requests are sent through it and we're scaling creation / setup / fulfillment to run around 1,300,000 Instagram accounts per month. Hoping to simultaneously control / run 10,000,000+ IG accounts at the same time in the next 3-6 months max.

We've wasted $400k+ USD trying to figure the above out ^ It's definitely nostalgic to hear people talking about using physical iPhone automation lol.
Aware this was a while ago but I'm wondering if you could give me some good sources for learning how to build a system like yours. I'm a computer science graduate, relatively good coder and system architect but where I really shine is just learning every little autistic detail of these technologies to build the most efficient system. Only problem I'm having with building an instagram bot network is finding sufficient resources for information on how bot detection/automating emulators or physical devices/best proxy practices etc. etc.. If you would be willing to give me some info or even point me in the right direction I'd really appreciate it.
 
Yeah we ran into a similar issue where IG wiped all of our accounts around last January. Was a very painful situation and we barely survived (near-bankruptcy).

I replicate every single request now, including logging_client_events etc.

& am forced to update the code every 2 weeks :(, it's a constant battle.

Our entire team is just me and my business partner. It's hard to find competent coders.
I'm just curious about one thing in all your reverse engineering journey and I have been finding the answer to this question since few months or more.
How do you reverse engineer the enc_password field for IG?
I mean where can I learn to reverse engineer stuff like that?
 
Forgive my language but there is no other way to express this: It was a shitty solution. Beyond shit. & A huge pain in the ass for the entire duration we ran it for. It's a novice solution for people that don't know how to do it right, especially if you're trying to scale to fill / send tens of millions of instagram likes or tens of millions of instagram followers using them.

It just doesn't work or make sense to do using iPhones. The reason we stopped is because we became more advanced and switched to using Pi's, and then eventually, switched to 4x Ubuntu 32-core servers which now perform and send the same amount of actions equivalent to thousands of iPhones. So 1x server = roughly 1452 iphones.

Our evolution chain was:
- Bypassing SSL Pinning and hooking the Instagram iOS app via tweaks to intercept and replicate requests. That way 1x iPhone would become 5-6x iPhones because it would run 5-6 accounts at the same time and simply replace the POST / GET data relative to simultaneous account data. AutoTouch would be active on runtime. & we even hooked certain functions to disable post loading and used uiopen:// to speed up the load posts process. Ex: uiopen://instagram?mediaid=1

- Eventually got rid of all iPhones, switched to a ton of raspberry PI 4b+'s. Horrible solution and investment. The code would run on each pi and it would virtualize all of the requests, however, each pi could barely support more than 2-3x dongles and would constantly need daily reboots.

- Present day. We got rid of all PI's and all iPhones. We no longer run our own proxy farm and have setup strategic deals with good 4G proxy providers. We use a custom web & iOS API back-end that I built. All requests are sent through it and we're scaling creation / setup / fulfillment to run around 1,300,000 Instagram accounts per month. Hoping to simultaneously control / run 10,000,000+ IG accounts at the same time in the next 3-6 months max.

We've wasted $400k+ USD trying to figure the above out ^ It's definitely nostalgic to hear people talking about using physical iPhone automation lol.
What you guys doing all those thousand of millions of IG accounts? selling or marketing? long ago i did myspace but right now how many guys knows about it !!
 
I'm just curious about one thing in all your reverse engineering journey and I have been finding the answer to this question since few months or more.
How do you reverse engineer the enc_password field for IG?
I mean where can I learn to reverse engineer stuff like that?
you just decompile the binary, and read the code, and learn what it does, you can find bugs, hiddens things, how the software really works,
but it is not easy at all, it takes time, because some softwares use obfuscation, encryption, and other measure to slow you and make you give up.
to do it you just need to use the right softwares, like ida pro for example, and you should know the assembly code if the software is running on intel on windows as an example, you should be familiar with assembly, executable format win32 in this case.
everything is on the web.
this is just an example, but the same concept apply for every platform.
 
You recommend selling the iphones and getting androids instead? If so, which Androids?

Huawei (brand)

Don't use Android phones if you want to automate things.

Android allows to transfer very sensitive device date to the app owners to detect your automation (IMEI, MAC address, DeviceID, local IP address, WiFi networks your neighbors use, several Google IDs, ...)
 
Don't use Android phones if you want to automate things.

Android allows to transfer very sensitive device date to the app owners to detect your automation (IMEI, MAC address, DeviceID, local IP address, WiFi networks your neighbors use, several Google IDs, ...)
I like to use Huawei phones

Because Huawei is so cool
 
Don't do it.

As written above:
Hey, I've been doing research on a project im starting and ive found you to be quite knowledge on BHW. I'm mass managing fan accounts on tiktok,youtube,and instagram accounts to mass distribute short form content for creators, coaches, and podcasts. I'm looking for the most optimal setup to grow the accounts quickly and cost effectively. From what I can tell you know a thing or two related to this so I would love if you could give me some pointers. I am willing to pay for you time and expertise if you can help me
 
This is why I dont use that shitty overpriced iPhone. I ditched Apples products since 2011. I was an Apple fanboy before that.

With Android phones you can do this easily.
 
Back
Top
AdBlock Detected

We get it, advertisements are annoying!

Sure, ad-blocking software does a great job at blocking ads, but it also blocks useful features and essential functions on BlackHatWorld and other forums. These functions are unrelated to ads, such as internal links and images. For the best site experience please disable your AdBlocker.

I've Disabled AdBlock