Distcc - Port 3632
Become VeryLazyTech member! π
Follow us on:
β Twitter @VeryLazyTech.
πΎ Github @VeryLazyTech.
π Medium @VeryLazyTech.
πΊ YouTube @VeryLazyTech.
π© Telegram @VeryLazyTech.
π΅οΈββοΈ My Site @VeryLazyTech.
Visit our shop for e-books and courses. π
Basic info
Distcc (Distributed Compiler) is a tool designed to speed up code compilation by distributing the workload to multiple machines over a network.
If a system is running the distccd daemon and is misconfigured (especially without authentication), it may allow an attacker to execute arbitrary commands remotely β a vulnerability famously tracked as CVE-2004-2687.
Key Details
Default Port:
3632/tcpService Name:
distccdPurpose: Distribute compilation tasks across multiple computers.
Risk: Remote Code Execution (RCE) if misconfigured.
Enumeration
1. Port Discovery
First, check if the service is open:
2. Service Fingerprinting
Confirm itβs actually Distcc:
3. Nmap CVE Check
Nmap has a script for CVE-2004-2687:
If the host is vulnerable, you should see the output of the id command in the scan results.
Exploitation
1. Metasploit
Metasploit provides a dedicated module:
You can replace id with any command to execute remotely.
2. Manual Exploitation (Without Metasploit)
Distcc can execute shell commands by sending specially crafted requests. A quick PoC can be found here: π DarkCoderSc Gist
Example: Reverse Shell Payload
On your attacking machine:
Learn & practice For the Bug Bounty
Last updated
Was this helpful?