fix(interactsh): skip DNS lookups on interactsh domains

[dwisiswant0]

Proposed changes

fix(interactsh): skip DNS lookups on interactsh domains

to prevent false positives.

Prevents nuclei from resolving interactsh domains
injected in "Host" headers, which would cause
self-interactions to be incorrectly reported as
matches.

Changes:

• Add GetHostname() method to interactsh.Client
  to expose active server domain.
• Skip CNAME DNS lookups in
  (*http.Request).addCNameIfAvailable when
  hostname matches the
  (*interactsh.Client).GetHostname.

Fixes #6613

Checklist

• Pull request is created against the dev branch
• All checks passed (lint, unit/integration/regression tests etc.) with my changes
• I have added tests that prove my fix is effective or that my feature works
• I have added necessary documentation (if appropriate)

Summary by CodeRabbit

• Performance Improvements

  • DNS handling optimized to skip unnecessary CNAME resolution when targeting the configured Interactsh domain, reducing lookup overhead.

• API Enhancements

  • Exposed a new accessor to retrieve the currently configured Interactsh server hostname.

[coderabbitai]

Walkthrough

Adds a public GetHostname() accessor for the Interactsh client and modifies CNAME extraction to short‑circuit DNS lookups when the target hostname is an Interactsh domain, preventing DNS-based CNAME resolution in that case.

Changes

Cohort / File(s)	Summary
Interactsh hostname accessor pkg/protocols/common/interactsh/interactsh.go	Adds public GetHostname() string on Client that delegates to internal getHostname() to expose the configured Interactsh server hostname.
CNAME resolution short-circuit pkg/protocols/http/request.go	Updates addCNameIfAvailable() to obtain the Interactsh hostname and return early (skip DNS CNAME resolution) when the target hostname ends with the Interactsh domain.

Sequence Diagram(s)

sequenceDiagram
    participant Req as Request flow
    participant Logic as addCNameIfAvailable
    participant Interact as Interactsh client
    participant DNS as DNS resolver

    Req->>Logic: prepare hostname for target
    Note right of Logic: New: call GetHostname()
    Logic->>Interact: GetHostname()
    Interact-->>Logic: interactsh.example.com
    alt target ends with interactsh.example.com
        Logic-->>Req: short-circuit (skip DNS/CNAME)
        Note right of Logic `#CDE5D8`: No DNS lookup performed
    else otherwise
        Logic->>DNS: resolve CNAMEs / perform DNS lookup
        DNS-->>Logic: CNAME/A records
        Logic-->>Req: attach discovered CNAMEs
    end

Loading

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

• Areas to check:
  • Correctness of hostname suffix comparison (case sensitivity, trailing dots).
  • That GetHostname() is exported safely and returns expected configured value in all client states (nil/default).
  • Ensure early return does not skip needed CNAME handling for non-Interactsh domains.

Poem

🐰 I hop and fetch the hostname bright,

I show the host so tests see light.
When callbacks wear an Interact hat,
I skip the DNS — no false‑positive chat.
🥕

Pre-merge checks and finishing touches

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main change: adding a mechanism to skip DNS lookups when dealing with Interactsh domains.
Linked Issues check	✅ Passed	The PR addresses issue #6613 by adding GetHostname() to expose the Interactsh server domain and modifying addCNameIfAvailable to skip DNS lookups for Interactsh domains, directly preventing false positive external-service-interaction detections.
Out of Scope Changes check	✅ Passed	All changes are directly scoped to fixing the Interactsh false positive issue: GetHostname() accessor method and DNS lookup short-circuit logic are both necessary for the stated objective.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch dwisiswant0/fix/interactsh/skip-DNS-lookups-on-interactsh-domains

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 009850b and db2e77e.

📒 Files selected for processing (1)

• pkg/protocols/http/request.go (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• pkg/protocols/http/request.go

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 141f34a and 009850b.

📒 Files selected for processing (2)

• pkg/protocols/common/interactsh/interactsh.go (1 hunks)
• pkg/protocols/http/request.go (1 hunks)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: Lint

🔇 Additional comments (1)

pkg/protocols/common/interactsh/interactsh.go (1)

458-462: LGTM! Clean accessor method.

The new GetHostname() method properly exposes the interactsh server hostname via the existing thread-safe getHostname() method. This enables external components (like the HTTP request handler) to check whether a hostname is an interactsh domain.