0007761: dnsrecon -D (dictionary) cannot be used with relative path

ID	Project	Category	View Status	Date Submitted	Last Update

0007761	Kali Linux	[All Projects] Kali Package Bug	public	2022-06-17 11:00	2022-06-17 11:23

Reporter	h49nakxs	Assigned To
Priority	low	Severity	minor	Reproducibility	always
Status	confirmed	Resolution	open
Product Version	2022.2
Target Version		Fixed in Version

Summary	0007761: dnsrecon -D (dictionary) cannot be used with relative path
Description	If we try to bruteforce subdomains with dnsrecon using a dictionary file we can only use an absolute path. This is because the command "dnsrecon" is pointing to a shell script in /usr/bin/dnsrecon that contains : #!/bin/sh cd /usr/share/dnsrecon/ && ./dnsrecon.py "$@" Thus, If we use a relative path, it fails with the error : [-] No valid dictionary files have been specified or found withing the tool I don't know however if it has to be considered a bug or if this is an intended behavior to be able to use the dictionary files already present in /usr/share/dnsrecon. dnsrecon -V : DNSRecon version 1.1.0 uname -a : Linux host 5.17.0-kali3-amd64 0000001 SMP PREEMPT Debian 5.17.11-1kali1 (2022-05-30) x86_64 GNU/Linux
Steps To Reproduce	cp /usr/share/seclists/Discovery/DNS/subdomains-top1million-20000.txt . dnsrecon -D ./subdomains-top1million-20000.txt -d test.local -n 127.0.0.1 -t brt

daniruiz 2022-06-17 11:23 manager ~0016303	I can confirm this issue. The package comes directly from Debian though, so the bug needs to be filled to their package. I've tested replacing the helper script with a symlink to /usr/share/dnsrecon/dnsrecon.py (sudo ln -sf /usr/share/dnsrecon/dnsrecon.py /usr/bin/dnsrecon, to avoid the `cd`) and seems that's enough and doesn't break dnsrecon image.png (105,925 bytes) image.png (105,925 bytes)

Date Modified	Username	Field	Change
2022-06-17 11:00	h49nakxs	New Issue
2022-06-17 11:05	daniruiz	Status	new => confirmed
2022-06-17 11:23	daniruiz	File Added: image.png
2022-06-17 11:23	daniruiz	Note Added: 0016303