Merge branch 'dev'

Author: ehsandeep

.github/docker/client/Dockerfile

@@ -1,13 +1,13 @@
 # Base
-FROM golang:1.20.4-alpine AS builder
+FROM golang:1.20.5-alpine AS builder
 RUN apk add --no-cache git build-base gcc musl-dev
 WORKDIR /app
 COPY . /app
 RUN go mod download
 RUN go build ./cmd/interactsh-client
 
 # Release
-FROM alpine:3.18.0
+FROM alpine:3.18.2
 RUN apk -U upgrade --no-cache \
     && apk add --no-cache bind-tools ca-certificates
 COPY --from=builder /app/interactsh-client /usr/local/bin/

.github/docker/server/Dockerfile

@@ -1,5 +1,5 @@
 # Base
-FROM golang:1.20.4-alpine AS builder
+FROM golang:1.20.5-alpine AS builder
 RUN apk add --no-cache git build-base gcc musl-dev
 WORKDIR /app
 COPY . /app
@@ -8,7 +8,7 @@ RUN go build ./cmd/interactsh-server
 
 
 # Release
-FROM alpine:3.18.0
+FROM alpine:3.18.2
 RUN apk -U upgrade --no-cache \
     && apk add --no-cache bind-tools ca-certificates python3 libffi curl \
     && apk add --no-cache --virtual .build-deps python3-dev py3-pip py3-wheel libffi-dev build-base \

.github/release.yml

@@ -0,0 +1,17 @@
+changelog:
+  exclude:
+    authors:
+      - dependabot
+  categories:
+    - title: 🎉 Features
+      labels:
+        - "Type: Enhancement"
+    - title: 🐞 Bugs
+      labels:
+        - "Type: Bug" 
+    - title: 🔨 Maintenance
+      labels:
+        - "Type: Maintenance" 
+    - title: Other Changes
+      labels:
+        - "*"

.github/workflows/build-test.yml

@@ -13,7 +13,7 @@ jobs:
     runs-on: ${{ matrix.os }}
     strategy:
       matrix:
-        os: [ubuntu-latest-16-cores, windows-latest-8-cores, macOS-latest]
+        os: [ubuntu-latest, windows-latest, macOS-latest]
     steps:
       - name: Set up Go
         uses: actions/setup-go@v4

.github/workflows/codeql-analysis.yml

@@ -12,7 +12,7 @@ on:
 jobs:
   analyze:
     name: Analyze
-    runs-on: ubuntu-latest-16-cores
+    runs-on: ubuntu-latest
     permissions:
       actions: read
       contents: read

.github/workflows/lint-test.yml

@@ -10,7 +10,7 @@ on:
 jobs:
   lint:
     name: Lint Test
-    runs-on: ubuntu-latest-16-cores
+    runs-on: ubuntu-latest
     steps:
       - name: Checkout code
         uses: actions/checkout@v3
@@ -19,7 +19,7 @@ jobs:
         with:
           go-version: 1.20.x
       - name: Run golangci-lint
-        uses: golangci/golangci-lint-action@v3.4.0
+        uses: golangci/golangci-lint-action@v3.6.0
         with:
           version: latest
           args: --timeout 5m

README.md

@@ -81,9 +81,11 @@ UPDATE:
    -duc, -disable-update-check  disable automatic interactsh-client update check
 
 OUTPUT:
-   -o string  output file to write interaction data
-   -json      write output in JSONL(ines) format
-   -v         display verbose interaction
+   -o string                         output file to write interaction data
+   -json                             write output in JSONL(ines) format
+   -ps, -payload-store               enable storing generated interactsh payload to file
+   -psf, -payload-store-file string  store generated interactsh payloads to given file (default "interactsh_payload.txt")
+   -v                                display verbose interaction
 
 DEBUG:
    -version            show version of the project

cmd/interactsh-client/main.go

@@ -7,6 +7,7 @@ import (
 	"os/signal"
 	"path/filepath"
 	"regexp"
+	"strings"
 	"time"
 
 	jsoniter "github.com/json-iterator/go"
@@ -70,6 +71,9 @@ func main() {
 	flagSet.CreateGroup("output", "Output",
 		flagSet.StringVar(&cliOptions.Output, "o", "", "output file to write interaction data"),
 		flagSet.BoolVar(&cliOptions.JSON, "json", false, "write output in JSONL(ines) format"),
+		flagSet.BoolVarP(&cliOptions.StorePayload, "payload-store", "ps", false, "write generated interactsh payload to file"),
+		flagSet.StringVarP(&cliOptions.StorePayloadFile, "payload-store-file", "psf", settings.StorePayloadFileDefault, "store generated interactsh payloads to given file"),
+
 		flagSet.BoolVar(&cliOptions.Verbose, "v", false, "display verbose interaction"),
 	)
 
@@ -138,9 +142,17 @@ func main() {
 		gologger.Fatal().Msgf("Could not create client: %s\n", err)
 	}
 
+	interactshURLs := generatePayloadURL(cliOptions.NumberOfPayloads, client)
+
 	gologger.Info().Msgf("Listing %d payload for OOB Testing\n", cliOptions.NumberOfPayloads)
-	for i := 0; i < cliOptions.NumberOfPayloads; i++ {
-		gologger.Info().Msgf("%s\n", client.URL())
+	for _, interactshURL := range interactshURLs {
+		gologger.Info().Msgf("%s\n", interactshURL)
+	}
+
+	if cliOptions.StorePayload && cliOptions.StorePayloadFile != "" {
+		if err := os.WriteFile(cliOptions.StorePayloadFile, []byte(strings.Join(interactshURLs, "\n")), 0644); err != nil {
+			gologger.Fatal().Msgf("Could not write to payload output file: %s\n", err)
+		}
 	}
 
 	// show all interactions
@@ -257,6 +269,14 @@ func main() {
 	}
 }
 
+func generatePayloadURL(numberOfPayloads int, client *client.Client) []string {
+	interactshURLs := make([]string, numberOfPayloads)
+	for i := 0; i < numberOfPayloads; i++ {
+		interactshURLs[i] = client.URL()
+	}
+	return interactshURLs
+}
+
 func writeOutput(outputFile *os.File, builder *bytes.Buffer) {
 	if outputFile != nil {
 		_, _ = outputFile.Write(builder.Bytes())

cmd/interactsh-server/main.go

@@ -142,8 +142,15 @@ func main() {
 
 	if cliOptions.IPAddress == "" && cliOptions.ListenIP == "0.0.0.0" {
 		publicIP, _ := getPublicIP()
-		gologger.Info().Msgf("Public IP: %s\n", publicIP)
 		outboundIP, _ := iputil.GetSourceIP("scanme.sh")
+
+		if publicIP == "" && outboundIP == nil {
+			gologger.Fatal().Msgf("Could not determine public IP address\n")
+		}
+		if publicIP == "" && outboundIP != nil {
+			publicIP = outboundIP.String()
+		}
+		gologger.Info().Msgf("Public IP: %s\n", publicIP)
 		gologger.Info().Msgf("Outbound IP: %s\n", outboundIP)
 		// it's essential to be able to bind to cliOptions.DnsPort on any of the two ips
 		bindableIP, err := iputil.GetBindableAddress(cliOptions.DnsPort, publicIP, outboundIP.String())

deploy/deploy.yaml

@@ -2,7 +2,7 @@
   become: true
   vars:
     container_name: "interactsh"
-    container_tag: "v1.1.2"
+    container_tag: "v1.1.5"
     container_image: "projectdiscovery/interactsh-server:{{container_tag}}"
     container_command: "-dr -d {{domain_name}} -metrics"
     certmagic_host_path: "/root/.local/share/certmagic"
@@ -12,7 +12,9 @@
       name: aptitude
       state: latest
       update_cache: true
-    tags: apt
+    tags:
+    - apt
+    - setup
 
   - name: Install required system packages
     apt:
@@ -28,32 +30,42 @@
       - gnupg
       state: latest
       update_cache: true
-    tags: apt
+    tags:
+    - apt
+    - setup
 
 
   - name: Add Docker GPG apt Key
     apt_key:
       url: https://download.docker.com/linux/{{ ansible_distribution | lower }}/gpg
       state: present
-    tags: docker
+    tags:
+    - docker
+    - setup
 
   - name: Add Docker Repository
     apt_repository:
       repo: deb https://download.docker.com/linux/{{ ansible_distribution | lower }}  {{ ansible_distribution_release }} stable
       state: present
-    tags: docker
+    tags:
+    - docker
+    - setup
 
   - name: Update apt and install docker-ce
     apt:
       name: docker-ce
       state: latest
       update_cache: true
-    tags: docker
+    tags:
+    - docker
+    - setup
 
   - name: Install Docker Module for Python
     pip:
       name: docker
-    tags: docker
+    tags:
+    - docker
+    - setup
 
   - name: Make sure certmagic directory is created
     file:
@@ -67,7 +79,9 @@
     community.docker.docker_image:
       name: "{{ container_image }}"
       source: pull
-    tags: deploy
+    tags:
+    - deploy
+    - pull
 
   - name: Launch interactsh docker container
     community.docker.docker_container:
@@ -77,9 +91,11 @@
       memory: "4g"
       memory_swap: "-1"
       network_mode: host
-      restart: true
+      restart: true # always restart the container
       restart_policy: "unless-stopped"
       volumes:
       - "{{certmagic_host_path}}:{{certmagic_host_path}}"
       state: started
-    tags: deploy
+    tags:
+    - deploy
+    - test

go.mod

@@ -6,29 +6,29 @@ require (
 	git.mills.io/prologic/smtpd v0.0.0-20210710122116-a525b76c287a
 	github.com/Mzack9999/ldapserver v1.0.2-0.20211229000134-b44a0d6ad0dd
 	github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2
-	github.com/caddyserver/certmagic v0.17.2
+	github.com/caddyserver/certmagic v0.18.2
 	github.com/docker/go-units v0.5.0
 	github.com/goburrow/cache v0.1.4
 	github.com/google/uuid v1.3.0
 	github.com/json-iterator/go v1.1.12
 	github.com/libdns/libdns v0.2.1
 	github.com/mackerelio/go-osstat v0.2.4
-	github.com/miekg/dns v1.1.54
+	github.com/miekg/dns v1.1.55
 	github.com/pkg/errors v0.9.1
 	github.com/projectdiscovery/asnmap v1.0.4
-	github.com/projectdiscovery/goflags v0.1.8
+	github.com/projectdiscovery/goflags v0.1.10
 	github.com/projectdiscovery/gologger v1.1.10
-	github.com/projectdiscovery/retryabledns v1.0.24
-	github.com/projectdiscovery/retryablehttp-go v1.0.16
-	github.com/projectdiscovery/utils v0.0.32
+	github.com/projectdiscovery/retryabledns v1.0.30
+	github.com/projectdiscovery/retryablehttp-go v1.0.18
+	github.com/projectdiscovery/utils v0.0.39
 	github.com/remeh/sizedwaitgroup v1.0.0
 	github.com/rs/xid v1.5.0
-	github.com/stretchr/testify v1.8.3
+	github.com/stretchr/testify v1.8.4
 	github.com/syndtr/goleveldb v1.0.0
 	go.uber.org/multierr v1.11.0
 	go.uber.org/ratelimit v0.2.0
 	go.uber.org/zap v1.24.0
-	goftp.io/server/v2 v2.0.0
+	goftp.io/server/v2 v2.0.1
 	gopkg.in/corvus-ch/zbase32.v1 v1.0.0
 	gopkg.in/yaml.v3 v3.0.1
 )
@@ -54,16 +54,17 @@ require (
 	github.com/google/go-github/v30 v30.1.0 // indirect
 	github.com/google/go-querystring v1.1.0 // indirect
 	github.com/gorilla/css v1.0.0 // indirect
-	github.com/klauspost/cpuid/v2 v2.1.1 // indirect
+	github.com/klauspost/cpuid/v2 v2.2.5 // indirect
+	github.com/kr/pretty v0.3.1 // indirect
 	github.com/logrusorgru/aurora v2.0.3+incompatible // indirect
 	github.com/lor00x/goldap v0.0.0-20180618054307-a546dffdd1a3 // indirect
 	github.com/lucasb-eyer/go-colorful v1.2.0 // indirect
 	github.com/mattn/go-colorable v0.1.13 // indirect
 	github.com/mattn/go-isatty v0.0.17 // indirect
 	github.com/mattn/go-runewidth v0.0.14 // indirect
-	github.com/mholt/acmez v1.0.4 // indirect
+	github.com/mholt/acmez v1.2.0 // indirect
 	github.com/mholt/archiver v3.1.1+incompatible // indirect
-	github.com/microcosm-cc/bluemonday v1.0.23 // indirect
+	github.com/microcosm-cc/bluemonday v1.0.24 // indirect
 	github.com/minio/selfupdate v0.6.0 // indirect
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 	github.com/modern-go/reflect2 v1.0.2 // indirect
@@ -81,15 +82,15 @@ require (
 	github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8 // indirect
 	github.com/yuin/goldmark v1.5.4 // indirect
 	github.com/yuin/goldmark-emoji v1.0.1 // indirect
-	go.uber.org/atomic v1.10.0 // indirect
-	golang.org/x/crypto v0.7.0 // indirect
+	go.uber.org/atomic v1.11.0 // indirect
+	golang.org/x/crypto v0.10.0 // indirect
 	golang.org/x/exp v0.0.0-20230315142452-642cacee5cc0 // indirect
-	golang.org/x/mod v0.9.0 // indirect
-	golang.org/x/net v0.10.0 // indirect
-	golang.org/x/oauth2 v0.8.0 // indirect
-	golang.org/x/sys v0.8.0 // indirect
-	golang.org/x/text v0.9.0 // indirect
-	golang.org/x/tools v0.7.0 // indirect
+	golang.org/x/mod v0.11.0 // indirect
+	golang.org/x/net v0.11.0 // indirect
+	golang.org/x/oauth2 v0.9.0 // indirect
+	golang.org/x/sys v0.9.0 // indirect
+	golang.org/x/text v0.10.0 // indirect
+	golang.org/x/tools v0.10.0 // indirect
 	google.golang.org/appengine v1.6.7 // indirect
 	google.golang.org/protobuf v1.28.1 // indirect
 	gopkg.in/djherbis/times.v1 v1.3.0 // indirect