Can't connect to my custom interactsh server

[JoshuaMart]

Hi,
Following the instructions I set up my own Interactsh server, however after starting it, I can't connect to it with the interactsh client.

Server running :

Attempt to connect with the client :

And I think my DNS configuration is good because if I run a custom DNS that I wrote in Ruby, it responds well to queries

Regards

[ehsandeep]

@JoshuaMart this might be related to ongoing issue related to SSL server and we are tracking it here - #127, most probably the HTTPS server is not running in your self-hosted instance as well, using -server http://DOMAIN.com should work.

[JoshuaMart]

Hi,
If you look the second screenshot, I've tried with http and https :)

Regards

[user123bvtrbrtntr]

Hi, I have the same issue. Is there any debugging tips or information I could provide to facilitate the process?
The only difference in my installation process is that I used an Azure VM instead of DigitalOcean droplet.

[EndPositive]

I'm having the same issue. ZAP's interactsh client does work, so it seems to be an issue in the client and not the server.

Their register code is here: https://github.com/zaproxy/zap-extensions/blob/9394dabee50bfbcdf92af232a44c1b93652aa52b/addOns/oast/src/main/java/org/zaproxy/addon/oast/services/interactsh/InteractshService.java#L148

[ehsandeep]

I'm having the same issue. ZAP's interactsh client does work, so it seems to be an issue in the client and not the server.

Their register code is here: https://github.com/zaproxy/zap-extensions/blob/9394dabee50bfbcdf92af232a44c1b93652aa52b/addOns/oast/src/main/java/org/zaproxy/addon/oast/services/interactsh/InteractshService.java#L148

this might be related to interactsh server in use at https://github.com/zaproxy/zap-extensions/blob/3261bf26c3fb23796441f1a59d79c47f764301cb/addOns/oast/src/main/java/org/zaproxy/addon/oast/services/interactsh/InteractshParam.java#L54, currently, interactsh.com is down due to known issue we are tracking here #127 and interact.sh is used across all projects.

[EndPositive]

No, I'm using a privately hosted interactsh server in ZAP as well. In ZAP is does work, in Nuclei / interactsh-client it does not. I'll add a debugger to interactsh-client locally and inform you with better req/resp traces.

[EndPositive]

@ehsandeep you can reproduce the problem on the public interactsh server as well:

interactsh-client -server https://interact.sh/

Note the / at the end. The request will be made using https://interact.sh//register. The response is:

{"error":"could not decode json body: EOF"}

[EndPositive]

The issue propagates to Nuclei, so starting nuclei without the trailing / is a workaround.

EDIT: Looking at the OP again, not sure if this is the same issue as originally stated..

[JoshuaMart]

I managed to set up in a different way

@EndPositive That's actually another problem I think :)

[ehsandeep]

@JoshuaMart is it possible to share the root cause of this issue that you identified/fixed it eventually? information might be helpful as other users are facing similar issues #146

[JoshuaMart]

As I did not succeed in following the steps described and after several tries, I can't get a configuration without subdomain, by modifying the NS of the domain so I've set up a sub-domain and there it work.

So instead of having for example on your domain DNS configuration :

ns1.domain.tld NS server_ip

I have the following on my DNS zone configuration :

interact.domain.tld NS ns1.interact.domain.tld
ns1.interact.domain.tld A server_ip

And with this configuration it works