Massdns script issue

[z3roskills]

When running domained.py with the following parameters:

python domained.py -d example.com -b --bruteall

I get the following output:

Running massdns 

Running Command: python /opt/domained/bin/subbrute/subbrute.py -s /opt/domained/bin/sublst/all.txt goodhire.com | /opt/domained/bin/massdns/bin/massdns -r resolvers.txt -t A -a -o -w output/goodhire.com-massdns.txt -
Failed to open domain file "-a".
Traceback (most recent call last):
  File "/opt/domained/bin/subbrute/subbrute.py", line 834, in <module>
    print_target(target, record_type, options.subs, options.resolvers, options.process_count, options.print_data, output, json_output)
  File "/opt/domained/bin/subbrute/subbrute.py", line 528, in print_target
    sys.stdout.flush()
IOError: [Errno 32] Broken pipe

I was able to look into the previous resolved issue #8 and noticed from the MASSDNS documentation that the -a flag appears to no longer be an option. Also the -o flag will require S,F or B flag for its output.

Output flags:
  S - simple text output
  F - full text output
  B - binary output

Example of changes i made to the script locally.

def massdns():
    print("\n\n\033[1;31mRunning massdns \n\033[1;37m")
    word_file = os.path.join(script_path, 'bin/sublst/all.txt' if bruteall else 'bin/sublst/sl-domains.txt')
    massdnsCMD = 'python {} -s {} {} | {} -r resolvers.txt -t A -o S -w {}-massdns.txt -'.format(
        os.path.join(script_path, 'bin/subbrute/subbrute.py'), word_file, domain,
        os.path.join(script_path, 'bin/massdns/bin/massdns'), output_base)
    print("\n\033[1;31mRunning Command: \033[1;37m{}".format(massdnsCMD))
    os.system(massdnsCMD)
    print("\n\033[1;31mMasscan Complete\033[1;37m")
    time.sleep(1)

Once i get these things fixed up the script kicks off but never actually starts running just sits idle as can be seen here.

Processed queries: 0
Received packets: 0
Progress: 0.00% (00 h 00 min 00 sec / 00 h 00 min 00 sec)
Current incoming rate: 0 pps, average: 0 pps
Current success rate: 0 pps, average: 0 pps
Finished total: 0, success: 0 (0.00%)
Mismatched domains: 0 (0.00%), IDs: 0 (0.00%)
Failures: 0: 0.00%, 1: 0.00%, 2: 0.00%, 3: 0.00%, 4: 0.00%, 5: 0.00%, 6: 0.00%, 7: 0.00%, 8: 0.00%, 9: 0.00%, 10: 0.00%, 11: 0.00%, 12: 0.00%, 13: 0.00%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%, 
Response: | Success:               | Total:
OK:       |            0 (  0.00%) |            0 (  0.00%)
NXDOMAIN: |            0 (  0.00%) |            0 (  0.00%)
SERVFAIL: |            0 (  0.00%) |            0 (  0.00%)
REFUSED:  |            0 (  0.00%) |            0 (  0.00%)
FORMERR:  |            0 (  0.00%) |            0 (  0.00%)

Ive tried this on 2 separate Kali instances with the same results.

Running the following command from within the massdns directory i start getting instant results.

./scripts/subbrute.py lists/names.txt example.com | ./bin/massdns -r lists/resolvers.txt -t A -o S -w results.txt

Processed queries: 13179
Received packets: 3938
Progress: 0.00% (00 h 00 min 11 sec / 00 h 00 min 11 sec)
Current incoming rate: 302 pps, average: 357 pps
Current success rate: 242 pps, average: 287 pps
Finished total: 3173, success: 3173 (100.00%)
Mismatched domains: 755 (19.17%), IDs: 10 (0.25%)
Failures: 0: 3.59%, 1: 9.83%, 2: 9.45%, 3: 11.44%, 4: 12.04%, 5: 2.84%, 6: 5.23%, 7: 19.82%, 8: 14.72%, 9: 3.66%, 10: 8.01%, 11: 7.12%, 12: 5.26%, 13: 19.26%, 14: 15.79%, 15: 3.56%, 16: 7.69%, 17: 10.84%, 18: 8.64%, 19: 11.28%, 20: 5.39%, 21: 219.89%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%, 
Response: | Success:               | Total:
OK:       |            2 (  0.06%) |            3 (  0.08%)
NXDOMAIN: |          161 (  5.07%) |          257 (  6.53%)
SERVFAIL: |         3010 ( 94.86%) |         3678 ( 93.40%)
REFUSED:  |            0 (  0.00%) |            0 (  0.00%)
FORMERR:  |            0 (  0.00%) |            0 (  0.00%

[z3roskills]

I have a feeling its because its pulling down the latest branch release of massdns 0.3

[ghost]

Thanks @z3roskills for reporting the issue! @jafoca issued a pull request (#10) that should fix the issue (after fresh install), can you please confirm?

[z3roskills]

I just checked on a Ubuntu fresh install and i am getting the following error

Running massdns 

Running Command: python /opt/domained/bin/subbrute/subbrute.py -s /opt/domained/bin/sublst/all.txt vine.com | /opt/domained/bin/massdns/bin/massdns -r resolvers.txt -t A -a -o -w output/vine.com-massdns.txt -
Failed to open output file: Permission denied
Traceback (most recent call last):
  File "/opt/domained/bin/subbrute/subbrute.py", line 834, in <module>
    print_target(target, record_type, options.subs, options.resolvers, options.process_count, options.print_data, output, json_output)
  File "/opt/domained/bin/subbrute/subbrute.py", line 528, in print_target
    sys.stdout.flush()
IOError: [Errno 32] Broken pipe

[ghost]

@z3roskills, sorry for the delay - are you still receiving the same error? Looks like you had a permission denied error and a python error as well. What version of python are you using?

[cak]

Thanks @z3roskills! Please let me know if there are any additional issues.

[oldesec]

Hello @cak The problem was not resolved.

must remove the "-a" option and add S option.

massdnsCMD = "python {} {} {} | {} -r resolvers.txt -t A  -o S -w {}-massdns.txt".format(

[cak]

Looking at the massdns documentation and I you are right! Reopening, thanks @oldesec.

[oldesec]

Hello. @cak

Good patch.

There is one more problem.

"massdns" is using an older version.

https://github.com/cak/domained/blob/4509a088a20368d3e79b4fe77339ac94603d816c/domained.py#L289

It is necessary to change to the latest version.

Ex)

git clone https://github.com/blechschmidt/massdns ./bin/massdns

[mzfr]

@oldesec Do you still have problem with this?

[ghost]

still massdns problem

root@kalitest:~/domained# python3 domained.py -d site.com -b --bruteall

     ___/ /__  __ _  ___ _(_)__  ___ ___/ /
    / _  / _ \/  ' \/ _ `/ / _ \/ -_) _  /
    \_,_/\___/_/_/_/\_,_/_/_//_/\__/\_,_/
            github.com/cakinney

Running massdns

Running Command: python /root/domained/bin/subbrute/subbrute.py /root/domained/bin/sublst/all.txt site.com | /root/domained/bin/massdns/bin/massdns -r resolvers.txt -t A -o S -w output/site.com-massdns.txt Failed to open domain file: No such file or directory ^CKilled

Masscan Complete

[mzfr]

Is your script upto date?

[ghost]

yeap, last release

[Exterminat0r]

I am experiencing the same issue

[adam-greer]

I think I found the issue. I'll test again in the next day or so.

[skullswalk]

Anyone actually successful in fixing this?