projectdiscovery/interactsh

Add ability to specify root-path favicon file via commandline parameter in interactsh-server

mikedesu opened this issue · 4 comments

Please describe your feature request:

My idea is straightforward:

I want to pass a cmdline flag like -favicon to interactsh-server in order to specify a local file to serve at the root path for any interactsh-client instances I spin up.

Describe the use case of this feature:

I think it would be interesting to serve a giant local file (1gb+) to a target that makes HTTP requests.

interactsh-server -domain mydomain.site -favicon giantfile

So when I run a local client, asfahfefkhqfreq.mydomain.site/favicon.ico would return the giantfile.

This kind of attack could render some headless browsers vulnerable to DDoS or resource exhaustion.

Serving from /s/ isn't good enough. I want to serve and track the favicon that sites load from the root path.

@mikedesu the file can already be served in the /s/ subpath or via dynamic response. Unfortunately, without a strong use case we prefer to keep / serving the courtesy page.
Apart from DDoS detection, could you provide more context on the kind of use cases you have in mind?