Skip to main content

Crate interactsh

Crate interactsh 

Source
Expand description

Async Rust client for out-of-band interaction servers.

Register a unique URL, inject it into scan targets, then poll for callbacks. Detects blind vulnerabilities (SSRF, blind XSS, DNS exfiltration) that produce no visible response but trigger outbound requests to your interaction server.

use interactsh::{InteractshClient, ClientConfig, InteractionContext};

let client = InteractshClient::new(ClientConfig::default()).await?;
let url = client.generate_url(
    InteractionContext::new("my-scan").with_attribute("scanner", "demo")
)?;
// inject url.url into your target...
let interactions = client.poll().await?;
for hit in &interactions {
    println!("callback: {}", hit.event.protocol);
}

Re-exports§

pub use payload_helpers::blind_cmdi_payloads;
pub use payload_helpers::blind_sqli_payloads;
pub use payload_helpers::blind_ssrf_payloads;
pub use payload_helpers::blind_xss_payloads;
pub use payload_helpers::blind_xxe_payloads;
pub use payload_helpers::SqliDialect;

Modules§

payload_helpers
Blind-vulnerability payload templates parameterized by an OOB callback URL. OOB-server-agnostic — use with interactsh, Burp Collaborator, or any DNS catcher. Blind-vulnerability payload helpers parameterized by an out-of-band callback URL or DNS name.

Structs§

ClientConfig
Configuration for constructing an crate::InteractshClient.
CorrelatedInteraction
An interactsh event correlated back to the user-provided request context.
GeneratedUrl
Generated interactsh URL plus the local nonce used for correlation.
InteractionContext
Logical metadata attached to a generated interactsh URL.
InteractionEvent
A raw interaction event returned by the interactsh service.
InteractshClient
Async client for registering interactsh URLs and polling correlated callbacks.

Enums§

ConfigField
Which configuration field failed validation.
ConfigProblem
Why a configuration field failed validation.
Error
Public error type for interactsh operations.
TransportStage
Which transport phase failed while communicating with the interactsh service.

Constants§

MAX_GENERATED_LABEL_BYTES
Maximum DNS label length for the generated <correlation><nonce> host label.

Type Aliases§

Result
Convenience result alias for interactsh operations.