Issue
$username = "login";
$password = "pass";
$cookie = $username.".txt";
$useragent = "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/50.0.2661.102 Chrome/50.0.2661.102 Safari/537.36";
$url = 'https://instagram.com/';
$arrSetHeaders = array(
"User-Agent: $useragent",
'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8',
'Accept-Language: en-US,en;q=0.5',
'Accept-Encoding: deflate, br',
'Connection: keep-alive',
'cache-control: max-age=0'
);
$ch = curl_init();
curl_setopt($ch, CURLOPT_HTTPHEADER, $arrSetHeaders);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_COOKIEJAR, dirname(__FILE__)."/".$cookie);
curl_setopt($ch, CURLOPT_COOKIEFILE, dirname(__FILE__)."/".$cookie);
curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_POSTREDIR, 3);
$page = curl_exec($ch);
curl_close($ch);
echo $page;
sleep(5);
preg_match_all('/^Set-Cookie:\s*([^;]*)/mi', $page, $matches);
$cookieFileContent = '';
foreach($matches[1] as $item)
{
$cookieFileContent .= "$item; ";
}
$cookieFileContent = rtrim($cookieFileContent, '; ');
$cookieFileContent = str_replace('sessionid=; ', '', $cookieFileContent);
$oldContent = file_get_contents(dirname(__FILE__)."/".$cookie);
$oldContArr = explode("\n", $oldContent);
if(count($oldContArr)) {
foreach($oldContArr as $k => $line){
if(strstr($line, '# ')){
unset($oldContArr[$k]);
}
}
$newContent = implode("\n", $oldContArr);
$newContent = trim($newContent, "\n");
file_put_contents( dirname(__FILE__)."/".$cookie, $newContent);
}
preg_match('|csrftoken(.*)|', file_get_contents(dirname(__FILE__)."/".$cookie), $csrf);
$crf = trim($csrf[1]);
$arrSetHeaders = array(
"User-Agent: $useragent",
"X-CSRFToken: $crf",
"x-csrftoken: $crf",
'X-Instagram-AJAX: 1',
'X-Requested-With: XMLHttpRequest',
"Referer: https://instagram.com",
'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8',
'Accept-Language: en-US,en;q=0.5',
'Accept-Encoding: deflate, br',
'Connection: keep-alive',
'cache-control: max-age=0',
);
$post = array('username' => $username, 'password' => $password, 'csrfmiddlewaretoken' => $crf);
$url = 'https://instagram.com/accounts/login/ajax/';
curl_setopt($ch, CURLOPT_HTTPHEADER, $arrSetHeaders);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_COOKIEJAR, dirname(__FILE__)."/".$cookie);
curl_setopt($ch, CURLOPT_COOKIEFILE, dirname(__FILE__)."/".$cookie);
curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_REFERER, 'https://instagram.com/');
curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
curl_setopt($ch, CURLOPT_POSTREDIR, 3);
$page = curl_exec($ch);
curl_close($ch);
var_dump($page);
returns bool(false)
what is wrong? how to log in instagram using curl request to accounts/login/ajax/
Solution
UPDATE:
I'm able to do a request in this way, i'm using curl.
I don't use any sort of cookie. Just the straight request
curl -H "Content-Type: application/x-www-form-urlencoded"
-H "Accept: */*"
-H "Accept-Encoding: gzip, deflate, br"
-H "Host: www.instagram.com"
-H "Origin: https://www.instagram.com"
-H "User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.0.2 Safari/605.1.15"
-H "Referer: https://www.instagram.com/accounts/login/"
-H "Connection: keep-alive"
-H "X-Requested-With: XMLHttpRequest"
-H "X-IG-WWW-Claim: 0"
-H "X-CSRFToken: $token"
--data "username=$us&enc_password=%23PWD_INSTAGRAM_BROWSER%3A0%3A$rand%3A$line&queryParams=%7B%7D&optIntoOneTap=false" --compressed "https://www.instagram.com/accounts/login/ajax/"
^^^ ^^^^^ ^^^^^
$token is a 32 LENGTH ALPHANUMERIC STRING
Example: ZHMFltOnFJZMPdXyFdCCTsJrzEfSmGCg
$us is the username in PLAIN ASCII TEXT
Example: myaccount
$rand is a 10 LENGTH DIGIT STRING
Example: 9719014829
$line is the password in PLAIN ASCII TEXT
Example: mypassword
There are 3 possibile responses if the username is correct
authenticated:true -> Password was ok
authenticated:false -> Password not ok
checkpoint_required -> Password ok but request was blocked, the user has 2FA or
the ip is blacklisted
:)
Answered By - simone Answer Checked By - Candace Johnson (WPSolving Volunteer)