View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0007761 | Kali Linux | [All Projects] Kali Package Bug | public | 2022-06-17 11:00 | 2022-06-17 11:23 |
Reporter | h49nakxs | Assigned To | |||
Priority | low | Severity | minor | Reproducibility | always |
Status | confirmed | Resolution | open | ||
Product Version | 2022.2 | ||||
Target Version | Fixed in Version | ||||
Summary | 0007761: dnsrecon -D (dictionary) cannot be used with relative path | ||||
Description | If we try to bruteforce subdomains with dnsrecon using a dictionary file we can only use an absolute path. This is because the command "dnsrecon" is pointing to a shell script in /usr/bin/dnsrecon that contains : #!/bin/sh cd /usr/share/dnsrecon/ && ./dnsrecon.py "$@" Thus, If we use a relative path, it fails with the error : [-] No valid dictionary files have been specified or found withing the tool I don't know however if it has to be considered a bug or if this is an intended behavior to be able to use the dictionary files already present in /usr/share/dnsrecon. dnsrecon -V : DNSRecon version 1.1.0 uname -a : Linux host 5.17.0-kali3-amd64 0000001 SMP PREEMPT Debian 5.17.11-1kali1 (2022-05-30) x86_64 GNU/Linux | ||||
Steps To Reproduce | cp /usr/share/seclists/Discovery/DNS/subdomains-top1million-20000.txt . dnsrecon -D ./subdomains-top1million-20000.txt -d test.local -n 127.0.0.1 -t brt | ||||
|
I can confirm this issue. The package comes directly from Debian though, so the bug needs to be filled to their package. I've tested replacing the helper script with a symlink to /usr/share/dnsrecon/dnsrecon.py (sudo ln -sf /usr/share/dnsrecon/dnsrecon.py /usr/bin/dnsrecon, to avoid the `cd`) and seems that's enough and doesn't break dnsrecon |