From 439c0e76c2f23d132dd4c0d4f8bd25b77b2ba783 Mon Sep 17 00:00:00 2001 From: Hazegard Date: Fri, 1 Nov 2024 21:53:07 +0100 Subject: [PATCH] Add an option to match only the generated payload When the server is run using the wildcard option, the client displays all interactions. This option allows the client to only match and displays the currently generated payloads. --- README.md | 3 ++- cmd/interactsh-client/main.go | 33 +++++++++++++++++++++++++++------ pkg/options/client_options.go | 1 + 3 files changed, 30 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 8bfd9ff9..4cab538b 100644 --- a/README.md +++ b/README.md @@ -75,11 +75,12 @@ FILTER: -dns-only display only dns interaction in CLI output -http-only display only http interaction in CLI output -smtp-only display only smtp interactions in CLI output + -po, -payloads-only match only generated payloads UPDATE: -up, -update update interactsh-client to latest version -duc, -disable-update-check disable automatic interactsh-client update check - + OUTPUT: -o string output file to write interaction data -json write output in JSONL(ines) format diff --git a/cmd/interactsh-client/main.go b/cmd/interactsh-client/main.go index 905d017f..d88ce2e5 100644 --- a/cmd/interactsh-client/main.go +++ b/cmd/interactsh-client/main.go @@ -65,6 +65,7 @@ func main() { flagSet.BoolVar(&cliOptions.HTTPOnly, "http-only", false, "display only http interaction in CLI output"), flagSet.BoolVar(&cliOptions.SmtpOnly, "smtp-only", false, "display only smtp interactions in CLI output"), flagSet.BoolVar(&cliOptions.Asn, "asn", false, " include asn information of remote ip in json output"), + flagSet.BoolVarP(&cliOptions.MatchOnlyPayloads, "payloads-only", "po", false, "match only generated payloads"), ) flagSet.CreateGroup("update", "Update", @@ -184,13 +185,29 @@ func main() { var matcher *regexMatcher var filter *regexMatcher + if len(cliOptions.Match) > 0 { - if matcher, err = newRegexMatcher(cliOptions.Match); err != nil { + matcher = newRegexMatcher() + if err = matcher.addMatcher(cliOptions.Match); err != nil { + gologger.Fatal().Msgf("Could not compile matchers: %s\n", err) + } + } + + if cliOptions.MatchOnlyPayloads { + var payloads []string + for _, payload := range interactshURLs { + payloads = append(payloads, strings.Split(payload, ".")[0]) + } + if matcher == nil { + matcher = newRegexMatcher() + } + if err := matcher.addMatcher(payloads); err != nil { gologger.Fatal().Msgf("Could not compile matchers: %s\n", err) } } if len(cliOptions.Filter) > 0 { - if filter, err = newRegexMatcher(cliOptions.Filter); err != nil { + filter = newRegexMatcher() + if err = filter.addMatcher(cliOptions.Filter); err != nil { gologger.Fatal().Msgf("Could not compile filter: %s\n", err) } } @@ -313,16 +330,20 @@ type regexMatcher struct { items []*regexp.Regexp } -func newRegexMatcher(items []string) (*regexMatcher, error) { +func newRegexMatcher() *regexMatcher { matcher := ®exMatcher{} + return matcher +} + +func (m *regexMatcher) addMatcher(items []string) error { for _, item := range items { if compiled, err := regexp.Compile(item); err != nil { - return nil, err + return err } else { - matcher.items = append(matcher.items, compiled) + m.items = append(m.items, compiled) } } - return matcher, nil + return nil } func (m *regexMatcher) match(item string) bool { diff --git a/pkg/options/client_options.go b/pkg/options/client_options.go index 835380ec..39e67650 100644 --- a/pkg/options/client_options.go +++ b/pkg/options/client_options.go @@ -31,4 +31,5 @@ type CLIClientOptions struct { DisableUpdateCheck bool KeepAliveInterval time.Duration PdcpAuth string + MatchOnlyPayloads bool }