Python For OSINT: Instagram Account Lookup

This post will walk through running a Python script (Toutatis) in Gitpod that finds information on an Instagram account, such as a partial email or phone number that is privately registered with the account. Once you have the partial email, you can make an educated guess about the full email and then search for it on a data breach website to see whether such an email exists.

We will use the Toutatis Python script written by Megadose, which can be obtained from https://github.com/megadose/toutatis.

Recall that a previous post, Find if A Phone has an Instagram Account, showed how to use a Python script (Ignorant) to find out whether a phone number was registered with an unidentified account on Instagram.

So if you start with a phone and run that script, you will know there is an account out there, and you can go look for an account that you think is used by the phone’s owner. Once you find an account, you can use this new script (Toutatis) to confirm whether you found the right one by checking if the account is registered to the same phone number with which you started.

There are two steps: first we must get our Instagram SessionID, and then we run the actual script.

Get Instagram SessionID

Open Instagram, then right-click and choose “inspect” from the dropdown menu.

Then (this is for Chrome, but it is similar for other browsers) click on Application, then the down arrow next to Cookies, and then http://www.instagram…

The SessionID is 2nd down in the menu in the middle. Double click on it to make it copy-able.

Running Toutatis

1 – Log into github.com and gitpod.io (for first-time users, registering is quick and easy)

2 – Open a new tab and type in the URL:

https://gitpod.io/#https://github.com/megadose/toutatis

You will see something like this image on your screen for about 1 minute:

Then this screen will appear:

If this screen above does not appear after 5 minutes, you can change your default IDE which will usually fix the problem. See the Trouble Shooting Section at the bottom for how to change your default IDE.

3 – Then type:

sudo python3 setup.py install

4 – Type the command:

“toutatis -u USERNAME -s SESSIONID”

But replace USERNAME with the username and SESSIONID with the session ID.

So I will be using the username paulwalker1 and the sessionid 26902806300%3ANXEuxHSiGWtS1F%3A10. So as you see in the screenshot below, I will type:

“toutatis -u paulwalker1 -s 26902806300%3ANXEuxHSiGWtS1F%3A10”

5 – And my results include a partial of a private email and a private phone number

(I have blocked them out with red for the sake of the user’s privacy)
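The value passed with -s is the cookie for a logged-in Instagram session, so terminal output and notes that get shared need the same blocking-out as the results. The following is an added example, not part of Toutatis or the original post, that replaces session IDs in saved text with the SESSIONID placeholder; the bare-token shape is assumed from the sample value in step 4 and the sample text is constructed.

```python
import re

PLACEHOLDER = "SESSIONID"  # same placeholder the post uses in step 4

# Value that follows toutatis' -s flag, or a "sessionid" cookie copied from
# the browser's developer tools, whatever the value looks like.
IN_CONTEXT = re.compile(
    r"(?P<ctx>\btoutatis\b[^\n]*?\s-s\s+|\bsessionid\s*[=:]\s*)"
    r"(?P<val>[^\s;\"'“”]+)",
    re.IGNORECASE,
)

# Bare value pasted without context. ASSUMPTION: shape inferred from the sample
# in this post (digits, separator, alphanumerics, separator, digits), with ":"
# or its URL-encoded form "%3A" as the separator. Real tokens may differ.
SEP = r"(?:%3[Aa]|:)"
BARE = re.compile(
    r"(?<![\w%])\d{5,}" + SEP + r"[A-Za-z0-9]{8,}" + SEP + r"\d+(?![\w%])"
)

def redact(text):
    """Return (redacted_text, 1-based line numbers that held a session ID)."""
    hits, out = set(), []
    for no, line in enumerate(text.splitlines(), 1):
        def in_ctx(m):
            if m.group("val") == PLACEHOLDER:  # already redacted, leave as is
                return m.group(0)
            hits.add(no)
            return m.group("ctx") + PLACEHOLDER
        def bare(m):
            hits.add(no)
            return PLACEHOLDER
        line = BARE.sub(bare, IN_CONTEXT.sub(in_ctx, line))
        out.append(line)
    return "\n".join(out), sorted(hits)

# Constructed sample: shell history and notes from a session like the one above.
SAMPLE = """\
$ sudo python3 setup.py install
$ toutatis -u exampleuser -s 12345678901%3AAbCdEfGhIjKlMn%3A10
cookie copied from dev tools: sessionid=12345678901%3AAbCdEfGhIjKlMn%3A10; other=x
note: decoded value 12345678901:AbCdEfGhIjKlMn:10
started at 10:42:07, finished 10:43:15"""

if __name__ == "__main__":
    clean, lines = redact(SAMPLE)
    print(clean)
    print("session ID found on lines:", lines)
```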

I know that the number of * in the partials correlates to the correct number of hidden characters so I can make an educated guess about the email and phone.

Now you can guess the email and verify whether it exists by searching for it on a data breach website. You could also use the Profil3r script to search for social media accounts and email addresses that use the same username (see the walkthrough in the post titled Python for OSINT: Find If a Username is listed as an Email or Social Media Account).

You can guess the phone number and check it in Trucaller (trucaller.com), a caller ID database (calleridservice.com), or a people-searching website (truepeoplesearch.com). These websites would tell you if the phone exists and then who owns it. To help confirm that you have the right phone number, it would be good to go back to the Ignorant script (Find if A Phone has an Instagram Account) to make sure that the phone number you guessed does in fact have an Instagram account.

That’s it!

See below if you were having trouble logging into your virtual environment.

Trouble Shooting Section

If your computer keeps running for more than 5 minutes when you try to set up a virtual environment, then:

1 – Open a new tab and log into Gitpod.

2 – Go to Settings.

3 – Then Preferences.

4 – Then switch the IDE on the right. Sometimes VS Code works better, sometimes Theia.

That should help.
