massdns takes forever to finish

[theadventuresofhacker]

massdns module takes forever to finish. This is what I see as an output repeatedly in a loop:

[INFO] workspace_name Modules running (incoming:processing:outgoing) massdns(0:1:0) [INFO] workspace_name: Events produced so far: DNS_NAME: 751, IP_ADDRESS: 627, DNS_NAME_UNRESOLVED: 26, EMAIL_ADDRESS: 25, ASN: 13, AZURE_TENANT: 1 [INFO] workspace_name: No events in queue

Is this possible to exclude/disable massdns module?

[TheTechromancer]

Yes you can disable the module with -em massdns. However keep in mind that this will largely disable BBOT's ability to find unique subdomains.

Are you willing to share logs and/or the target domain? That would help us track down the issue if it's due to a bug.

[theadventuresofhacker]

Thank you so much for your help. "-em massdns" worked well. Unfortunately I can't share my targets domain information. From what I can tell slowness/loop starts right when massdns module kicks in. Last time it took ~17 hours to finish passive subdomain discovery (bbot -t domains.txt -f subdomain-enum -rf passive -em massdns -o .) for 75 domains (in domains.txt) which I'm not sure if it's normal. Running it again now to see how long it takes by excluding massdns module. I will keep you posted. Thanks again!

UPDATE The subdomain discovery scan finished within few minutes for the same 75 domains and the number of discovered subdomains is identical to the scan I ran including massdns module. So massdns module did not really help in my case.

Best

[TheTechromancer]

Okay, yes that definitely is not normal. Typically massdns will find 20% more subdomains on top of what is found by the other modules, because of its special mutations.

Can you share your OS and how you installed BBOT? E.g. pipx, docker, etc.?

[theadventuresofhacker]

Thanks for your reply. Here it the way I installed bbot on my Kali Linux 2023.3 Release:

1. ran pipx install bbot However, it did not recognize "bbot" command after installation

2. ran pipx ensurepath Still no bbot command

3. ran sudo pipx install bbot Still no bbot command. So I did some search and found out you can install it using pip instead of pipx

4. ran pip install bbot And bbot command is recognized now and worked.

I'm not using docker.

Please let me know if there was a step I may have missed.

Thanks

[TheTechromancer]

The reason your pipx install wasn't detected was because after pipx ensurepath, you need to restart your OS or source your bashrc:

source ~/.bashrc

As for massdns, I'm afraid there's not much more I can do without access to logs. So for now the cause of the slowness is a mystery.

[theadventuresofhacker]

I can do a clean install and use source ~/.bashrc this time. If massdns issue still persists, I will try to export a log and remove sensitive information from it to be able to share.

Thanks again!

[TheTechromancer]

@theadventuresofhacker are you still planning to post that log?

[TheTechromancer]

Closing due to inactivity. Feel free to reopen.