Finding ‘Interactsh’ servers with Shodan
Today, we explore Interactsh, an open-source tool for detecting out-of-band interactions. We’ll also provide exclusive Shodan hunting rules to uncover servers running Interactsh. Get ready to bolster your cybersecurity prowess, pinpointing vulnerabilities with unparalleled precision using these powerful tools. Let’s navigate this intricate cyber landscape together. Let the hunt begin!
Interactsh
Interactsh is a freely available, open-source tool engineered to identify out-of-band interactions and vulnerabilities resulting in such interactions. This platform offers an array of features including DNS/HTTP(S)/SMTP(S)/LDAP Interaction, client support for CLI, Web, Burp, ZAP, and Docker, and AES encryption with no logging. It also provides automatic ACME-based Wildcard TLS with auto-renewal, DNS entries for cloud metadata service, and dynamic HTTP response control.
For those who opt for self-hosting, Interactsh supports multiple domains, and includes an NTLM/SMB/FTP/RESPONDER listener. Furthermore, it offers customizable index and file hosting, payload length, and SSL certificates. It also has capabilities for wildcard and protected interactions.
Shodan Hunting Rules for Interactsh
| Query |
|---|
| http.html:”Interactsh” |
| http.title:”InteractSH self hosted server” |
| http.title:”Interactsh | Web Client” |
| ssl.jarm:”40d1db40d0000001dc43d1db1db43de0a012c76cf078b8d06f4620c2286f5e” |
| ssl.jarm:”3fd21b20d00000021c43d21b21b43de0a012c76cf078b8d06f4620c2286f5e” |
| ssl.ja3s:”fd45585efaa8bdce5097aa7539274dac” |
| product:”Interactsh HTTP Server” |
