Hey Folks, in this tutorial we are going to demonstrate a method using which you can easily take over the user’s Instagram account. Actually this is a minor weakness in Instagram’s website that allows us to embed any external URL with the official URL of Instagram and redirect users to the external site provided by us. Well now you will know everything by staying with us till the end.
Let’s move on 🙂 !!
So we can’t make much profit by embedding normal URL and we are writing this article specifically to takeover Instagram account so we need to create phishing URL of Instagram for which we will use advphishing tool. You can visit the below mentioned URL once for complete setup of advphishing tool. Just hold on tight to the phishing URL.
Grab Original URL of Instagram
Listen carefully 🙁 !! As we know that most of the Instagram users keep on adding some external sources to their Instagram profile as shown in the image below. So all you have to do is copy the hidden URL by double clicking on it.
Modify and Embedding
Now paste the entire copied URL in your notepad but in our case we are doing this all through kali linux for some reason. Ok 🙂 !! Just look at the highlighted part of the copied URL which we need to replace with our created phishing URL and after doing this the URL will look like shown in the picture. Now as you can see the URL does not look like any malicious URL and now anyone can click on it without much thought. Now it’s time to send the URL to the victim through fake social media handlers.
GOOD 🙂 !! Now as soon as the victim clicks on that URL, the phishing page will magically open on the victim’s device instead of the original page.
BOOOM 🙂 !! Now when the victim will enter the credentials to login to his account, in reality he will come to us.
A keen learner and passionate IT student. He has done Web designing, CCNA, RedHat, Ethical hacking, Network & web penetration testing. Currently, he is completing his graduation and learning about Red teaming, CTF challenges & Blue teaming.