interactsh v1.0.5 releases: Open-Source Solution for Out of band Data Extraction
interactsh
Interactsh is an Open-Source Solution for Out of band Data Extraction, A tool designed to detect bugs that cause external interactions, For example – Blind SQLi, Blind CMDi, SSRF, etc.
Features
- DNS/HTTP/SMTP Interaction support
- CLI Client / Web Dashboard support
- AES encryption with zero logging
- Automatic ACME based Wildcard TLS w/ Auto-Renewal
- SELF Hosting version support
A hosted instance of the service with WEB UI is available here.
Use
interactsh-client -h
This will display help for the tool. Here are all the switches it supports.
| Flag | Description | Example |
|---|---|---|
| n | Number of interactable URLs to generate (default 1) | interactsh-client -n 2 |
| persistent | Enables persistent interactsh sessions | interactsh-client persistent |
| poll-interval | Number of seconds between each poll request (default 5) | interactsh-client -poll-interval 1 |
| url | URL of the interactsh server (default “hxxps://interact.sh”) | interactsh-client -url hxxps://example.com |
| json | Show JSON output | interactsh-client -json |
| o | Store interaction logs to file | interactsh-client -o logs.txt |
| v | Show verbose interaction | interactsh-client -v |
Changelog v1.0.5
- Added support for multi-domain use in interactsh server by @Mzack9999 in #286
- Added support to run interact server behing nginx proxy by @dhd0004 in #272
- Added wildcard acao header to work with web client by @ehsandeep in #291
- Fixed bug in DNS server to support Cloud VM’s @Mzack9999 in #309
- Fixed bug in DNS server to capture case-insensitive interactions by @pulse-michaelfincham in #305
Download
Copyright (c) 2021 ProjectDiscovery, Inc Permission
