RubyGems - interactsh - Versions diffs - 0.9.7 → 1.0.0 - Mend

interactsh 0.9.7 → 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

checksums.yaml +4 -4
data/lib/interactsh/client.rb +86 -0
data/lib/interactsh/crypto.rb +54 -0
data/lib/interactsh/http_client.rb +83 -0
data/lib/interactsh/utils.rb +45 -0
data/lib/interactsh.rb +14 -89
metadata +10 -38

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 5ebd689434fbf52ffc8c0f50807110ae00d90449f846d0702242c6901a48998b
-  data.tar.gz: 0e0a96410f931f7ca710b663cf21c8cf6846db483550477a2db11f315ae69a0d
+  metadata.gz: 9be22c7721be0a8a30588674e97e2cee74c5b3decfc58ebd2aeb673679396ccf
+  data.tar.gz: 74b359400aa589f489abbc3564d853065d6988a602a5a5c36f635c5173a6824e
 SHA512:
-  metadata.gz: 441e2baef05e29ac9a3928e42a0da8e28cfc61e9603d4568bd7a0b03e4976e49842ee539984cdb868862417a23bd1a853144e43dc2186fa7f89f61916c505649
-  data.tar.gz: 3a61e6ebe450236a0804e3eddc096387f887818eb0331466db6bdee75db295af80771e5c0e71e77fd17bd064e23e27a3db5b038b45c840df65ad3b1ecc9efa38
+  metadata.gz: d09e484e4874db56e46ba2dcffa1bcfcbefd2c95167e64f21aa2fe016c63b26320d81a57edf69a7bc6bff95c3aeed3541b67a041bed312423518adcfe18585b6
+  data.tar.gz: f30a046769f55ec741169ca4f9a9003e93c6c6b5ca7beb4d714215eb707421dbdd1f55c398b20a817a6d924f3c9d85b4977f9561fcda01b79d54289498628484

data/lib/interactsh/client.rb ADDED Viewed

@@ -0,0 +1,86 @@
+# frozen_string_literal: true
+module Interactsh
+  # Main client class for Interactsh interaction
+  class Client
+    attr_reader :public_key_encoded, :secret, :server, :random_data, :rsa, :token
+    # Creates a new Interactsh client
+    #
+    # @param server [String] The Interactsh server to use (default: 'oast.me')
+    # @param token [String, nil] Optional authentication token
+    def initialize(server = 'oast.me', token = nil)
+      @rsa = OpenSSL::PKey::RSA.new(2048)
+      @public_key = @rsa.public_key.to_pem
+      @public_key_encoded = Base64.strict_encode64(@public_key)
+      @secret = Utils.generate_uuid
+      @random_data = Utils.generate_random_string(13)
+      @server = server
+      @token = token
+      @http_client = HttpClient.new(server, token)
+      @crypto = Crypto.new(@rsa)
+    end
+    # Generates a new domain for interaction testing
+    #
+    # @return [String] The generated domain name for interaction testing
+    def new_domain
+      correlation_id = Xid.new.to_s
+      register(correlation_id)
+      "#{correlation_id}#{random_data}.#{server}"
+    end
+    # Polls the server for interaction data for a given host
+    #
+    # @param host [String] The host to poll data for
+    # @return [Array] Array of interaction data or empty array if polling failed
+    def poll(host)
+      correlation_id = host[0..19]
+      response = @http_client.make_poll_request(correlation_id, secret)
+      return [] unless @http_client.response_successful?(response)
+      data = JSON.parse(response.body)
+      parse_poll_data(data)
+    end
+    private
+    # Parses and decrypts poll data
+    #
+    # @param data [Hash] The poll data to parse
+    # @return [Array] The decoded interaction data
+    def parse_poll_data(data)
+      decoded_data = []
+      return decoded_data if data.empty? || !data['data'] || data['data'].empty?
+      data['data'].each do |enc_data|
+        decoded_data << @crypto.decrypt_data(data['aes_key'], enc_data)
+      end
+      decoded_data
+    end
+    # Registers a correlation ID with the Interactsh server
+    #
+    # @param correlation_id [String] The correlation ID to register
+    # @return [void]
+    def register(correlation_id)
+      data = {
+        'public-key': public_key_encoded,
+        'secret-key': secret,
+        'correlation-id': correlation_id
+      }
+      response = @http_client.make_register_request(data)
+      return if response && response.code.to_i == 200
+      puts '[!] Interactsh - Problem with domain registration'
+    end
+  end
+end

data/lib/interactsh/crypto.rb ADDED Viewed

@@ -0,0 +1,54 @@
+# frozen_string_literal: true
+module Interactsh
+  # Cryptographic operations for Interactsh
+  class Crypto
+    def initialize(rsa)
+      @rsa = rsa
+    end
+    # Decrypts interaction data using the provided AES key
+    #
+    # @param aes_key [String] The encrypted AES key
+    # @param enc_data [String] The encrypted data
+    # @return [Hash] The decrypted interaction data
+    def decrypt_data(aes_key, enc_data)
+      decrypted_aes_key = decrypt_aes_key(aes_key)
+      decrypt_payload(decrypted_aes_key, enc_data)
+    rescue StandardError => e
+      puts "[!] Interactsh - Error decrypting data: #{e.message}"
+      {}
+    end
+    private
+    # Decrypts the AES key using RSA
+    #
+    # @param aes_key [String] The encrypted AES key
+    # @return [String] The decrypted AES key
+    def decrypt_aes_key(aes_key)
+      pkey = OpenSSL::PKey::RSA.new(@rsa)
+      encrypted_aes_key = Base64.urlsafe_decode64(aes_key)
+      JOSE::JWA::PKCS1.rsaes_oaep_decrypt(
+        OpenSSL::Digest::SHA256,
+        encrypted_aes_key,
+        pkey
+      )
+    end
+    # Decrypts the payload using the decrypted AES key
+    #
+    # @param decrypted_aes_key [String] The decrypted AES key
+    # @param enc_data [String] The encrypted data
+    # @return [Hash] The decrypted payload as a hash
+    def decrypt_payload(decrypted_aes_key, enc_data)
+      secretdata = Base64.decode64(enc_data)
+      decipher = OpenSSL::Cipher.new('aes-256-cfb')
+      decipher.decrypt
+      decipher.key = decrypted_aes_key
+      # The data minus the size of the IV (first 16 bytes)
+      JSON.parse((decipher.update(secretdata) + decipher.final)[16..])
+    end
+  end
+end

data/lib/interactsh/http_client.rb ADDED Viewed

@@ -0,0 +1,83 @@
+# frozen_string_literal: true
+module Interactsh
+  # HTTP client for Interactsh API
+  class HttpClient
+    def initialize(server, token)
+      @server = server
+      @token = token
+    end
+    # Makes the HTTP request to poll for interaction data
+    #
+    # @param correlation_id [String] The correlation ID to poll for
+    # @param secret [String] The secret key
+    # @return [Net::HTTPResponse] The HTTP response
+    def make_poll_request(correlation_id, secret)
+      uri = URI.parse("https://#{@server}/poll?id=#{correlation_id}&secret=#{secret}")
+      http = setup_http_client(uri)
+      request = Net::HTTP::Get.new(uri.request_uri)
+      apply_headers(request)
+      http.request(request)
+    rescue StandardError => e
+      puts "[!] Interactsh - HTTP request error: #{e.message}"
+      nil
+    end
+    # Makes the HTTP request to register a correlation ID
+    #
+    # @param data [Hash] The data to send
+    # @return [Net::HTTPResponse] The HTTP response
+    def make_register_request(data)
+      uri = URI.parse("https://#{@server}/register")
+      http = setup_http_client(uri)
+      request = Net::HTTP::Post.new(uri.request_uri)
+      apply_headers(request, 'Content-Type' => 'application/json')
+      request.body = data.to_json
+      http.request(request)
+    rescue StandardError => e
+      puts "[!] Interactsh - HTTP request error: #{e.message}"
+      nil
+    end
+    # Checks if the HTTP response was successful
+    #
+    # @param response [Net::HTTPResponse, nil] The HTTP response
+    # @return [Boolean] True if response is successful, false otherwise
+    def response_successful?(response)
+      if !response || response.code.to_i != 200
+        puts '[!] Interactsh - Problem with data recovery'
+        return false
+      end
+      true
+    end
+    private
+    # Sets up an HTTP client
+    #
+    # @param uri [URI] The URI to connect to
+    # @return [Net::HTTP] The configured HTTP client
+    def setup_http_client(uri)
+      http = Net::HTTP.new(uri.host, uri.port)
+      http.use_ssl = (uri.scheme == 'https')
+      http
+    end
+    # Applies headers to an HTTP request
+    #
+    # @param request [Net::HTTPRequest] The request to apply headers to
+    # @param additional_headers [Hash] Additional headers to apply
+    # @return [void]
+    def apply_headers(request, additional_headers = {})
+      headers = additional_headers.dup
+      headers['Authorization'] = @token if @token
+      headers.each { |key, value| request[key] = value }
+    end
+  end
+end

data/lib/interactsh/utils.rb ADDED Viewed

@@ -0,0 +1,45 @@
+# frozen_string_literal: true
+module Interactsh
+  # Utility methods for Interactsh
+  module Utils
+    module_function
+    # Generates a random string of specified length
+    #
+    # @param length [Integer] Length of the random string
+    # @return [String] Random alphanumeric string
+    def generate_random_string(length)
+      charset = Array('a'..'z') + Array(0..9)
+      Array.new(length) { charset.sample }.join
+    end
+    # Generates a RFC4122 version 4 UUID
+    #
+    # @return [String] The generated UUID
+    def generate_uuid
+      random_bytes = create_uuid_bytes
+      hex = random_bytes.map { |b| b.to_s(16).rjust(2, '0') }.join
+      format_uuid(hex)
+    end
+    # Creates the byte array for UUID with proper version and variant
+    #
+    # @return [Array] Array of bytes for UUID
+    def create_uuid_bytes
+      bytes = Array.new(16) { rand(0..255) }
+      # Set version (4) and variant (RFC4122)
+      bytes[6] = (bytes[6] & 0x0F) | 0x40 # version 4
+      bytes[8] = (bytes[8] & 0x3F) | 0x80 # variant RFC4122
+      bytes
+    end
+    # Formats a hex string as a UUID with hyphens
+    #
+    # @param hex [String] The hex string to format
+    # @return [String] The formatted UUID string
+    def format_uuid(hex)
+      [hex[0..7], hex[8..11], hex[12..15], hex[16..19], hex[20..31]].join('-')
+    end
+  end
+end

data/lib/interactsh.rb CHANGED Viewed

@@ -1,89 +1,14 @@
-# frozen_string_literal: true
-require 'openssl'
-require 'stringio'
-require 'jose'
-require 'securerandom'
-require 'base64'
-require 'json'
-require 'ruby_xid'
-require 'typhoeus'
-# InteractSH Ruby Library
-class Interactsh
-  attr_reader :public_key_encoded, :secret, :server, :random_data, :rsa, :token
-  def initialize(server = 'oast.me', token = nil)
-    @rsa = OpenSSL::PKey::RSA.new(2048)
-    @public_key = @rsa.public_key.to_pem
-    @public_key_encoded = Base64.encode64(@public_key)
-    @secret = SecureRandom.uuid
-    @random_data = Array.new(13) { (Array('a'..'z') + Array(0..9)).sample }.join
-    @server = server
-    @token = token
-  end
-  def new_domain
-    correlation_id = Xid.new.to_s
-    register(correlation_id)
-    "#{correlation_id}#{random_data}.#{server}"
-  end
-  def poll(host)
-    correlation_id = host[0..19]
-    headers = {}
-    headers['Authorization'] = token if token
-    response = Typhoeus.get(File.join(server, "/poll?id=#{correlation_id}&secret=#{secret}"), headers: headers)
-    unless response&.code == 200
-      puts '[!] Interactsh - Problem with data recovery'
-      return
-    end
-    datas = JSON.parse(response.body)
-    parse_poll_datas(datas)
-  end
-  private
-  def parse_poll_datas(datas)
-    decoded_datas = []
-    unless datas.empty?
-      datas['data'].each do |enc_data|
-        decoded_datas << decrypt_data(datas['aes_key'], enc_data)
-      end
-    end
-    decoded_datas
-  end
-  def register(correlation_id)
-    data = { "public-key": public_key_encoded, "secret-key": secret, "correlation-id": correlation_id }.to_json
-    headers = { 'Content-Type' => 'application/json' }
-    headers['Authorization'] = token if token
-    response = Typhoeus.post(File.join(server, '/register'), body: data, headers: headers)
-    return if response.code == 200
-    puts '[!] Interactsh - Problem with domain registration'
-  end
-  def decrypt_data(aes_key, enc_data)
-    pkey = OpenSSL::PKey::RSA.new(rsa)
-    encrypted_aes_key = Base64.urlsafe_decode64(aes_key)
-    decrypted_aes_key = JOSE::JWA::PKCS1.rsaes_oaep_decrypt(OpenSSL::Digest::SHA256, encrypted_aes_key, pkey)
-    secretdata = Base64.decode64(enc_data)
-    decipher = OpenSSL::Cipher.new('aes-256-cfb')
-    decipher.decrypt
-    decipher.key = decrypted_aes_key
-    # The data minus the size of the IV
-    JSON.parse((decipher.update(secretdata) + decipher.final)[16..])
-  end
-end
+# frozen_string_literal: true
+# Gem dependencies
+require 'openssl'
+require 'jose'
+require 'stringio'
+require 'base64'
+require 'json'
+require 'ruby_xid'
+require 'net/http'
+require 'uri'
+# Internal dependencies
+Dir[File.join(__dir__, 'interactsh/*.rb')].each { |file| require file }

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: interactsh
 version: !ruby/object:Gem::Version
-  version: 0.9.7
+  version: 1.0.0
 platform: ruby
 authors:
 - Joshua MARTINELLE
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-10-12 00:00:00.000000000 Z
+date: 2025-03-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: jose
@@ -50,41 +50,8 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: 1.0.7
-- !ruby/object:Gem::Dependency
-  name: securerandom
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: 0.2.0
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: 0.2.0
-- !ruby/object:Gem::Dependency
-  name: typhoeus
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.4'
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 1.4.0
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.4'
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 1.4.0
-description:
+description: Ruby client library for Interactsh - a tool for detecting out-of-band
+  interactions
 email:
 - contact@jomar.fr
 executables: []
@@ -92,6 +59,10 @@ extensions: []
 extra_rdoc_files: []
 files:
 - lib/interactsh.rb
+- lib/interactsh/client.rb
+- lib/interactsh/crypto.rb
+- lib/interactsh/http_client.rb
+- lib/interactsh/utils.rb
 homepage: https://github.com/JoshuaMart/Interactsh-Library
 licenses:
 - MIT
@@ -99,6 +70,7 @@ metadata:
   source_code_uri: https://github.com/JoshuaMart/Interactsh-Library
   homepage_uri: https://github.com/JoshuaMart/Interactsh-Library
   github_repo: https://github.com/JoshuaMart/Interactsh-Library
+  rubygems_mfa_required: 'true'
 post_install_message:
 rdoc_options: []
 require_paths:
@@ -114,7 +86,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.4.19
+rubygems_version: 3.5.22
 signing_key:
 specification_version: 4
 summary: Interactsh Ruby Library