Closed vrechson closed 1 week ago
Thanks so much for your contribution @vrechson , we appreciate it!
We also have a Discord server, which you’re more than welcome to join. It's a great place to connect with fellow contributors and stay updated with the latest developments!
@vrechson Thanks for this PR. Could you describe a bit more the use case of this functionality? Are you using interactsh within a pipeline or as SDK? In the second case maybe a callback system would be more functional, allowing to customize the behavior dynamically?
@vrechson Thanks for this PR. Could you describe a bit more the use case of this functionality? Are you using interactsh within a pipeline or as SDK? In the second case maybe a callback system would be more functional, allowing to customize the behavior dynamically?
Example: You are in a pentest and are asked to demonstrate the impact of a RCE in an enviroment where there is only DNS outbound. With this option you can exfiltrate a file such as /etc/passwd
encoded in hex or base64 using multiple DNS interactions and it will concatenate the content back into a file.
Hello, I created the
-ed
option to exfiltrate data. When enabled, it will analyze every DNS request and look for the following pattern:content.filename.extension.interactshdomain.tld
. When the pattern matches, it will append every content sent tofilename.extension
, which means that changing this subdomains you may exfiltrate different files. I also added an example in the readme and the-silent
option that will only hide the banner.