Documentation
¶
Index ¶
- Constants
- Variables
- type Client
- func (c *Client) Close() error
- func (c *Client) CorrelationID() string
- func (c *Client) Domain() string
- func (c *Client) EncodedResponse(statusCode int, headers []string, body string) string
- func (c *Client) IsClosed() bool
- func (c *Client) IsPolling() bool
- func (c *Client) SaveSession(path string) error
- func (c *Client) ServerHost() string
- func (c *Client) StartPolling(interval time.Duration, callback InteractionCallback) error
- func (c *Client) StopPolling() error
- func (c *Client) URL() stringdeprecated
- type Interaction
- type InteractionCallback
- type Options
- type ResponseConfig
Constants ¶
const CIDEncodingAlphabet = "0123456789abcdefghijklmnopqrstuv"
CIDEncodingAlphabet is the base32 alphabet used by the interactsh protocol (and xid).
Variables ¶
var ( // ErrSessionEvicted indicates the server evicted the session. // Typically due to inactivity. ErrSessionEvicted = errors.New("session evicted by server") ErrUnauthorized = errors.New("unauthorized: invalid or missing token") // ErrClientClosed indicates an operation was attempted on a closed client. ErrClientClosed = errors.New("client is closed") // ErrAlreadyPolling indicates StartPolling was called while already polling. ErrAlreadyPolling = errors.New("polling already started") )
var DefaultOptions = Options{ ServerURLs: []string{"oscar.oastsrv.net", "alpha.oastsrv.net", "sierra.oastsrv.net", "tango.oastsrv.net"}, HTTPTimeout: 10 * time.Second, KeepAliveInterval: 60 * time.Second, CorrelationIdLength: 20, CorrelationIdNonceLength: 13, }
DefaultOptions provides protocol-compatible defaults with go-appsec server URLs. CorrelationIdLength and CorrelationIdNonceLength use standard interactsh values safe for any server. When using the default server URLs, the client automatically applies optimized values (see defaultServer* constants).
var Version = "dev"
Functions ¶
This section is empty.
Types ¶
type Client ¶
type Client struct {
// contains filtered or unexported fields
}
Client communicates with an interactsh server to capture OOB interactions. A Client is safe for concurrent use by multiple goroutines.
The typical lifecycle of a Client is:
- Create with New() or LoadSession()
- Generate payload domains with Domain()
- Start polling with StartPolling()
- Process interactions via callback
- Stop polling with StopPolling() (optional, Close() will stop it)
- Close with Close()
func LoadSession ¶
LoadSession restores a client from previously saved session credentials. The context controls the timeout/cancellation of the re-registration request.
If opts is provided, behavioral settings (KeepAliveInterval, DisableHTTPFallback, HTTPTimeout, CorrelationIdNonceLength) are applied. Crypto material and server URL are always restored from the session file.
If the server still has the session, re-registration succeeds silently. If the session was evicted, the client re-registers with the same credentials, preserving the correlation-id and allowing continued use of previously generated payload URLs.
Returns an error if the session file cannot be read, parsed, or if re-registration fails.
func New ¶
New creates and registers a new client with an interactsh server. The context controls the timeout/cancellation of the registration request.
If opts is nil, DefaultOptions is used. The client will try servers from opts.ServerURLs in random order until one successfully accepts the registration. If HTTPS fails and DisableHTTPFallback is false, HTTP will be attempted as a fallback. When using default servers, fallbackServerURLs are tried if all defaults fail.
Returns an error if registration fails with all configured servers. Use errors.Is() to check for specific error conditions like ErrUnauthorized.
func (*Client) Close ¶
Close stops polling (if active) and deregisters from the server. After Close returns, the client cannot be reused.
Close is safe to call multiple times; subsequent calls return nil.
func (*Client) CorrelationID ¶ added in v0.2.3
CorrelationID returns the unique identifier prefix shared by all domains from this client.
func (*Client) Domain ¶
Domain returns a unique domain for external interaction requests. Each call generates a new domain with a different nonce, suitable for correlating specific test cases with their interactions.
Example: "cn4h7pjqdka31f8e5g6bry8djt4un3h1x.alpha.oastsrv.net"
Returns a bare domain (no scheme). Prepend http:// or https:// as needed, or use directly for DNS, SMTP, FTP, LDAP, etc.
func (*Client) EncodedResponse ¶ added in v0.2.4
EncodedResponse returns an HTTP URL with dynamic response query parameters. Requires --dynamic-resp on the server. On unauthenticated servers with --dynamic-resp, only 302/307 redirects with a Location header are served; other configurations are silently ignored. Zero values omit parameters.
func (*Client) IsPolling ¶
IsPolling returns true if the client is actively polling for interactions.
func (*Client) SaveSession ¶
SaveSession persists session credentials to a file for later restoration. This allows maintaining the same correlation-id across process restarts, which is useful for long-running tests or when you need to preserve the payload URLs.
The file is written in YAML format and contains sensitive cryptographic keys. Ensure appropriate file permissions (0600 recommended).
func (*Client) ServerHost ¶ added in v0.2.3
ServerHost returns the host of the registered interactsh server.
func (*Client) StartPolling ¶
func (c *Client) StartPolling(interval time.Duration, callback InteractionCallback) error
StartPolling begins polling the server for interactions at the specified interval. The callback is invoked for each received interaction. Callbacks may be invoked concurrently from the polling goroutine.
Returns ErrAlreadyPolling if polling is already active. Returns ErrClientClosed if the client has been closed.
func (*Client) StopPolling ¶
StopPolling stops the polling loop. Returns ErrClientClosed if the client has been closed.
type Interaction ¶
type Interaction struct {
// Protocol identifies the type of interaction.
// Values: "http", "dns", "smtp", "ftp", "ldap", "smb", "responder"
Protocol string `json:"protocol"`
// UniqueID is the subdomain portion matching correlation-id + nonce.
UniqueID string `json:"unique-id"`
// FullId is the complete identifier including any subdomain prefixes.
FullId string `json:"full-id"`
// QType is the DNS query type, populated only when Protocol is "dns".
// Values: "A", "AAAA", "CNAME", "MX", "TXT", "NS", "SOA"
QType string `json:"q-type,omitempty"`
// RawRequest contains the raw request data captured by the server.
// For HTTP, this includes headers and body. For DNS, the query details.
RawRequest string `json:"raw-request,omitempty"`
// RawResponse is the raw response data, if applicable.
RawResponse string `json:"raw-response,omitempty"`
// SMTPFrom is the MAIL FROM address. Only for "smtp" protocol.
SMTPFrom string `json:"smtp-from,omitempty"`
// SMTPTo is the RCPT TO address. Only for "smtp" protocol.
SMTPTo string `json:"smtp-to,omitempty"`
// RemoteAddress is the client IP or IP:port that made the interaction.
RemoteAddress string `json:"remote-address"`
// Timestamp is when the server captured the interaction.
Timestamp time.Time `json:"timestamp"`
}
Interaction represents a captured OOB interaction from the server.
type InteractionCallback ¶
type InteractionCallback func(*Interaction)
InteractionCallback is invoked for each received interaction. May be called concurrently; should not block.
type Options ¶
type Options struct {
// ServerURLs specifies interactsh servers to try.
// The list is tried starting at a random index, until one succeeds.
// Default: public go-appsec servers (oscar.oastsrv.net, alpha.oastsrv.net, sierra.oastsrv.net, tango.oastsrv.net)
ServerURLs []string
// Token is an optional authentication token for protected servers.
// Leave empty for public servers that don't require authentication.
Token string
// HTTPClient is an optional custom HTTP client. If provided, HTTPTimeout is ignored.
HTTPClient *http.Client
// HTTPTimeout is the timeout for HTTP requests when using the default client.
// Ignored if HTTPClient is provided.
// Default: 10 seconds
HTTPTimeout time.Duration
// KeepAliveInterval is how often to re-register to prevent session eviction.
// Default: 60 seconds
KeepAliveInterval time.Duration
// DisableKeepAlive disables periodic re-registration.
// When true, KeepAliveInterval is ignored.
DisableKeepAlive bool
// DisableHTTPFallback prevents falling back to HTTP if HTTPS fails.
// Default: false (fallback enabled)
DisableHTTPFallback bool
// Response configures a stored HTTP response served for
// interactions matching this session's correlation ID.
// Supported only by the interactsh-lite server implementation.
Response *ResponseConfig
// CorrelationIdLength is the length of the correlation ID preamble.
// Must match server configuration exactly. Cannot be customized with default servers.
// Minimum: 4. Default: 16 for default servers, 20 for user-provided servers.
CorrelationIdLength int
// CorrelationIdNonceLength is the length of the nonce suffix for unique URLs.
// Must be >= the server's configured cidn for interactions to be matched.
// Minimum: 4. Default: 4 for default servers, 13 for user-provided servers.
CorrelationIdNonceLength int
}
Options configures the client behavior.
type ResponseConfig ¶ added in v0.3.4
type ResponseConfig struct {
StatusCode int `json:"status-code,omitempty"` // HTTP status code
Headers []string `json:"headers,omitempty"` // "Name: Value" format
Body string `json:"body,omitempty"` // response body
}
ResponseConfig defines an HTTP response served for interactions matching a session's correlation ID. Supported only by the interactsh-lite server. On unauthenticated servers, only 302/307 redirects with a Location header are allowed.
func (*ResponseConfig) IsAllowedUnauthenticated ¶ added in v0.3.4
func (c *ResponseConfig) IsAllowedUnauthenticated() bool
IsAllowedUnauthenticated reports whether this config is valid for an unauthenticated server.
Source Files