Interactsh : An OOB Interaction Gathering Server And Client Library

Interactsh is an Open-Source Solution for Out of band Data Extraction, A tool designed to detect bugs that cause external interactions, For example – Blind SQLi, Blind CMDi, SSRF, etc.

Features

  • DNS/HTTP/SMTP Interaction support
  • CLI Client / Web Dashboard support
  • AES encryption with zero logging
  • Automatic ACME based Wildcard TLS w/ Auto Renewal
  • SELF Hosting version support

A hosted instance of the service with WEB UI is available at https://interact.projectdiscovery.io.

Note: As hosted version doesn’t store anything locally, restarting server for maintenance / unexpected server crash / updates will result into loss of previous data.

Installing Interactsh Client

Interactsh Client requires go1.15+ to install successfully. Run the following command to get the repo –

GO111MODULE=on go get -v github.com/projectdiscovery/interactsh/cmd/interactsh-client

Usage

interactsh-client -h

This will display help for the tool. Here are all the switches it supports.

FlagDescriptionExample
nNumber of interactable URLs to generate (default 1)interactsh-client -n 2
persistentEnables persistent interactsh sessionsinteractsh-client persistent
poll-intervalNumber of seconds between each poll request (default 5)interactsh-client -poll-interval 1
urlURL of the interactsh server (default “hxxps://interact.sh”)interactsh-client -url hxxps://example.com
jsonShow JSON outputinteractsh-client -json
oStore interaction logs to fileinteractsh-client -o logs.txt
vShow verbose interactioninteractsh-client -v

Running Interactsh Client

This will generate single URL that can be used for interaction.

interactsh-client
() / /_ __ / // /_
/ / _ \/ / \/ / ‘/ / / / \
/ / / / / // / / / // / // /(_ ) / / /
/// //_/___// _,/__/__//
/ /_/ v0.0.1
projectdiscovery.io
[INF] Listing 1 URL for OOB Testing
[INF] c23b2la0kl1krjcrdj10cndmnioyyyyyn.interact.sh
[c23b2la0kl1krjcrdj10cndmnioyyyyyn] Received DNS interaction (A) from 172.253.226.100 at 2021-26-26 12:26
[c23b2la0kl1krjcrdj10cndmnioyyyyyn] Received DNS interaction (AAAA) from 32.3.34.129 at 2021-26-26 12:26
[c23b2la0kl1krjcrdj10cndmnioyyyyyn] Received HTTP interaction from 43.22.22.50 at 2021-26-26 12:26
[c23b2la0kl1krjcrdj10cndmnioyyyyyn] Received DNS interaction (MX) from 43.3.192.3 at 2021-26-26 12:26
[c23b2la0kl1krjcrdj10cndmnioyyyyyn] Received DNS interaction (TXT) from 74.32.183.135 at 2021-26-26 12:26
[c23b2la0kl1krjcrdj10cndmnioyyyyyn] Received SMTP interaction from 32.85.166.50 at 2021-26-26 12:26

Sending Interaction to Discord,Slack,Telegram with Notify

interactsh-client | notify

Setting up self-hosted instance

  • Start with setting up Debian box, Debian is required as you need to setup your own Name servers.
  • Navigate to https://dcc.godaddy.com/manage/{{domain}}/dns/hosts > Advanced Features > Host names, add ns1 and ns2 as hostnames with the IP of your server.
  • Navigate to https://dns.godaddy.com/{{domain}}/nameservers > Enter my own nameservers (advanced) > Add ns1.{{domain}} and ns2.{{domain}} as name servers.
  • Installing interactsh-server on your server.

GO111MODULE=on go get -v github.com/projectdiscovery/interactsh/cmd/interactsh-server

  • Starting interactsh-server, to ensure server is always running in the background, make sure to start the server in the screen session.

interactsh-server -domain {{Domain}} -hostmaster admin@{{Domain}} -ip {{Server_IP}}


interactsh-server -domain example.com -hostmaster admin@example.com -ip XX.XX.XX.XX

Server setup should be completed with this, now client can be used to generate your own payloads.

  • Installing interactsh-client for using interactsh service.

GO111MODULE=on go get -v github.com/projectdiscovery/interactsh/cmd/interactsh-client

  • Running interactsh-client with self-hosted domain.

interactsh-client -url https://example.com

R K

Recent Posts

Cybersecurity – Tools And Their Function

Cybersecurity tools play a critical role in safeguarding digital assets, systems, and networks from malicious…

14 hours ago

MODeflattener – Miasm’s OLLVM Deflattener

MODeflattener is a specialized tool designed to reverse OLLVM's control flow flattening obfuscation through static…

14 hours ago

My Awesome List : Tools And Their Functions

"My Awesome List" is a curated collection of tools, libraries, and resources spanning various domains…

14 hours ago

Chrome Browser Exploitation, Part 3 : Analyzing And Exploiting CVE-2018-17463

CVE-2018-17463, a type confusion vulnerability in Chrome’s V8 JavaScript engine, allowed attackers to execute arbitrary…

14 hours ago

Chrome Browser Exploitation, Part 1 : Introduction To V8 And JavaScript Internals

The blog post "Chrome Browser Exploitation, Part 1: Introduction to V8 and JavaScript Internals" provides…

15 hours ago

Chrome Browser Exploitation, Part 3: Analyzing and Exploiting CVE-2018-17463

The exploitation of CVE-2018-17463, a type confusion vulnerability in Chrome’s V8 JavaScript engine, relies on…

18 hours ago