- EC2 instance / VPS
- DNS Records
Setting up the server
Setting up the web application (Optional)
- Web application setup
- Nginx Reverse Proxy
Using the web application
Interactsh is an open-source tool for detecting out-of-band interactions. It is a tool designed to detect vulnerabilities that cause external interactions.
This guide walks you through setting up a private Interact.sh server on a subdomain, along with deploying its web application.
With just an AWS EC2 or VPS instance and a domain, you can create a robust solution tailored to your needs.
- AWS EC2 / VPS with a static IP
- Own domain name or a subdomain
EC2 instance / VPS
Start by creating a security group or firewall rules that allow inbound connections on the following ports:
- DNS: UDP port 53.
- HTTP: TCP port 80.
- HTTPS: TCP port 443.
- SMTP: TCP ports 25 and 587.
- SMTPS: TCP port 465.
- Alternative HTTPS: TCP 8443 (optional, for the interact.sh web app)
Launch an EC2 instance that utilizes this security group. Attach an Elastic IP to this EC2 machine.
DNS Records
Head to your DNS provider. In my case it was Namecheap. Buy a domain you like. Head to domain settings -> advanced DNS.
This time I decided to use the following subdomains for my interact.sh setup:
- interact.domain.tld — interact.sh server itself, so the payloads would look like “<payload>.interact.domain.tld”
- ns1.interact.domain.tld — subdomain for a nameserver
- interactapp.domain.tld (optional) — subdomain to set up interact.sh web client
Therefore, the following DNS records should be added:
- A Record for “ns1.interact” pointing to the Elastic IP
- NS Record for “interact” pointing to ns1.interact.domain.tld
- A Record for “interactapp” pointing to the Elastic IP where the web application will be hosted (optional)
Log in to the EC2 machine.
Install Go:
sudo apt install golang
Download the latest interact.sh server go binary from: https://github.com/projectdiscovery/interactsh
go install -v github.com/projectdiscovery/interactsh/cmd/interactsh-server@latest
Next, set up a system service that runs this binary:
sudo nano /etc/systemd/system/interactsh.service
As a TOKEN you may use any random string.
[Unit]
Description=InteractSh
After=network.target
[Service]
ExecStart=/home/ubuntu/go/bin/interactsh-server -domain interact.domain.tld -t TOKEN -cidl 5 -cidn 6
Restart=always
User=root
Group=root
Environment=PATH=/usr/bin:/bin:/usr/local/bin
WorkingDirectory=/home/ubuntu/go/bin
[Install]
WantedBy=multi-user.target
You can add additional parameters to the ExecStart. For example, I use -cidl and -cidn to make the payloads shorter.
Instead of parameters, you could also use a config file; the default config is at /home/ubuntu/.config/interactsh-server/config.yaml.
In this case, just specify the -config <path> parameter.
Start the server. The HTTPS certificates are added automatically:
sudo systemctl enable interactsh
sudo systemctl start interactsh
From now on, you can already use the CLI client, Burp extensions, or the publicly hosted web client:
Web application setup
Interactsh-web is a free and open-source web client that displays Interactsh interactions in a well-managed dashboard in your browser. It uses the browser’s local storage to store and display interactions.
You may use a separate EC2/VPS or use the same one.
Clone the latest version of the web application from GitHub and build the image:
git clone https://github.com/projectdiscovery/interactsh-web.git
cd interactsh-web
sudo docker build -m=1400m -t interactshwebserv .
After the image build is complete, you may start the container with your presets, so you can just open the web app at <http://YOUR_IP:3000> and use it instantly:
sudo docker run -e REACT_APP_HOST=interact.domain.tld \
-e REACT_APP_CIDL=5 -e REACT_APP_CIDN=6 \
-e REACT_APP_TOKEN=<YOUR_TOKEN> -m=1400m \
-it -p 0.0.0.0:3000:3000 interactshwebserv
However, exposing the application to the Internet is a bad idea, as no authentication mechanisms are present and the port is plain HTTP. Either do not bind to 0.0.0.0, or filter port 3000 with the firewall.
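A check for the two exposure points covered so far, as an added example that is not part of the original guide: the function reads `ss -Hlntu` output, reports any port from the inbound list above that has no listener, and flags port 3000 when it is bound to a wildcard address. The function name, the output labels and the sample data are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example (not from the original guide): audit `ss -Hlntu` output
# against the ports this guide opens. Run on the server as:
#   ss -Hlntu | audit_listeners
REQUIRED="udp/53 tcp/80 tcp/443 tcp/25 tcp/587 tcp/465"  # the guide's inbound port list
PRIVATE="tcp/3000"                                        # interactsh-web: no auth, plain HTTP

# Prints "MISSING proto/port" for each required listener that is absent and
# "EXPOSED proto/port" for each private port bound to a wildcard address.
# Returns 0 when nothing is reported, 1 otherwise.
audit_listeners() {
    awk -v required="$REQUIRED" -v private="$PRIVATE" '
    {
        n = split($5, part, ":")                 # $5 = local address:port
        port = part[n]                           # port follows the last colon
        addr = substr($5, 1, length($5) - length(port) - 1)
        key = $1 "/" port                        # $1 = netid (tcp or udp)
        seen[key] = 1
        if (addr == "0.0.0.0" || addr == "*" || addr == "[::]") wild[key] = 1
    }
    END {
        bad = 0
        m = split(required, r, " ")
        for (i = 1; i <= m; i++)
            if (!(r[i] in seen)) { print "MISSING " r[i]; bad = 1 }
        m = split(private, p, " ")
        for (i = 1; i <= m; i++)
            if (p[i] in wild) { print "EXPOSED " p[i]; bad = 1 }
        exit bad
    }'
}

# Constructed sample (not captured from a real host): port 587 is not
# listening and the web app is published on 0.0.0.0:3000.
SAMPLE='udp UNCONN 0 0 *:53 *:*
tcp LISTEN 0 4096 *:80 *:*
tcp LISTEN 0 4096 *:443 *:*
tcp LISTEN 0 4096 *:25 *:*
tcp LISTEN 0 4096 *:465 *:*
tcp LISTEN 0 4096 0.0.0.0:8443 0.0.0.0:*
tcp LISTEN 0 4096 0.0.0.0:3000 0.0.0.0:*
tcp LISTEN 0 4096 [::]:3000 [::]:*'

printf '%s\n' "$SAMPLE" | audit_listeners || true
```

With Docker's default bridge, publishing the web app as -p 172.17.0.1:3000:3000 (an assumption about the bridge address, which is the docker host IP the guide uses later) keeps it reachable from other containers without binding it on public interfaces.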
Nginx Reverse Proxy
As a workaround, to enable authentication you may use an nginx reverse proxy with basic auth:
# Install apache2-utils
sudo apt-get install apache2-utils
# Create a user
htpasswd -c .htpasswd admin
# Install certbot
sudo apt install certbot python3-certbot-nginx
# Get an HTTPS certificate for interactapp subdomain:
sudo certbot certonly -d interactapp.domain.tld
# When certbot asks how to authenticate, choose: Spin up a temporary webserver (standalone)
# Copy the certificates
sudo cp /etc/letsencrypt/live/interactapp.domain.tld/fullchain.pem .
sudo cp /etc/letsencrypt/live/interactapp.domain.tld/privkey.pem .
Run the nginx container:
sudo docker run --name nginx-basic-auth-proxy \
-v $(pwd)/.htpasswd:/etc/nginx/.htpasswd:ro \
-v $(pwd)/fullchain.pem:/etc/nginx/ssl/fullchain.pem:ro \
-v $(pwd)/privkey.pem:/etc/nginx/ssl/privkey.pem:ro \
-p 8443:443 -d nginx
Open a shell inside the nginx container:
sudo docker exec -it nginx-basic-auth-proxy bash
Edit the nginx configuration:
nano /etc/nginx/conf.d/default.conf
Replace YOUR_WEB_APP_CONTAINER_IP with the address of the container or host running the web application.
As a quick and dirty way, you may just proceed with the docker host IP (172.17.0.1), as port 3000 of the interactsh web application is published on 0.0.0.0. Otherwise, use the IP of the interactsh-web container created in the previous step.
Once again: do not expose port 3000 to the Internet.
server {
    listen 443 ssl;
    ssl_certificate /etc/nginx/ssl/fullchain.pem;
    ssl_certificate_key /etc/nginx/ssl/privkey.pem;
    # TLS 1.0 and 1.1 are deprecated (RFC 8996); allow only TLS 1.2 and 1.3
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers HIGH:!aNULL:!MD5;
    location / {
        # Require the credentials stored in .htpasswd before proxying
        auth_basic "Restricted";
        auth_basic_user_file /etc/nginx/.htpasswd;
        proxy_pass http://<YOUR_WEB_APP_CONTAINER_IP>:3000;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}
Now reload nginx:
sudo docker exec -it nginx-basic-auth-proxy nginx -s reload
Visit https://interactapp.domain.tld:8443, and log in with the credentials you’ve added to .htpasswd:
After logging in you may use your application right away, as all presets were done at the web application startup: