DistCC 1.0.0 Remote Code Execution (CVE-2004-2687) with Manual and Metasploit Examples

preview_player
Показать описание
Distcc v1 RCE vulnerability exploitation. This video shows you how to recreate this exploit both manually and by using Metasploit.

"distcc is a program to distribute builds of C, C++, Objective C or Objective C++ code across several machines on a network. distcc should always generate the same results as a local build, is simple to install and use, and is usually much faster than a local compile."

More on distcc:

link to GitHub for the script used in the video:

Link for Metasploitable VM:

Link for Kali Linux:

*DISCLAIMER*

All material provided on this video and this channel is intended for informational/educational purposes only and should not be performed
unless you have permission to do so. These videos are to be performed
within a virtual lab for ethical hacking education only. I am not responsible for any misuse, damages, and or loss of data due to misuse of this information.
  1. Jake Wyatt
  2. distcc
  3. distcc exploit
  4. oscp
  5. kali linux
  6. kali
Рекомендации по теме
DistCC 1.0.0 Remote 0:11:12

DistCC 1.0.0 Remote Code Execution (CVE-2004-2687) with Manual and Metasploit Examples

CVE-2004-2687 : DistCC 0:01:05

CVE-2004-2687 : DistCC Daemon Command Execution

DistCC Daemon Command 0:01:43

DistCC Daemon Command Execution

Exploit distccd service 0:13:32

Exploit distccd service on metasploit2 using kali linux

Exploitdb - PAN-OS 0:04:36

Exploitdb - PAN-OS 10.0 - Remote Code Execution

Metasploitable Guide - 0:04:37

Metasploitable Guide - Episode 1 - Distccd + Privilege Escalation

Apache APISIX Remote 0:04:11

Apache APISIX Remote Code Execution | CVE 2022 24112 | POC

metasploiter distcc with 0:02:24

metasploiter distcc with text

Distcc Exploit and 0:13:13

Distcc Exploit and Remediation (Kali/Metasploit)

Distcc exploit (EHIP 0:02:06

Distcc exploit (EHIP 2018)

Metasploitable Exploits tomcat/distcc/unreallrcd/apache 0:08:12

Metasploitable Exploits tomcat/distcc/unreallrcd/apache

Master in Hacking 0:01:51

Master in Hacking with Metasploit #22 distcc exec Unintentional Backdoors Metasploit

Lucee Unauthenticated Remote 0:02:36

Lucee Unauthenticated Remote Code Execution (RCE) Vulnerability | CVE 2021 21307

How To - 0:23:04

How To - Metasploitable 2 - DISTCC + Privilege Escalation

Exploit the Distcc 0:01:08

Exploit the Distcc daemon

How to exploit 0:03:26

How to exploit samba 3.0.20 RCE

Distcc test setup. 0:03:19

Distcc test setup.

Quick and dirty 0:20:10

Quick and dirty Distcc setup tutorial: Part 1

Hacking Metasploitabel CVE 0:05:09

Hacking Metasploitabel CVE 2004 2687

Compiling Minetest with 0:03:34

Compiling Minetest with distcc [2:20]

Backdoor - distccd_udevd 0:02:09

Backdoor - distccd_udevd

Buffer Overflow 101: 0:04:04

Buffer Overflow 101: Ep 8 - Arbitrary Code Execution

distcc exploit metasploitable 0:01:31

distcc exploit metasploitable

Force most compilation 0:01:24

Force most compilation to a remote host with distcc

Комментарии
Автор

very useful!! I'm doing my lab and I was stuck with some stderr. wasn't sure what to do next, I've tried set manual payload, but with no luck, and thanks to your advice to try other payloads it actually worked. so, you've made my day. thanks very much!!!

KrzysztofMakowski-kk
Автор

thank you so much for this!!! It seems entering a payload wasn`t always required for this module and has really confused why the exploit didn't run like the guides from earlier years showed

levnikitin
Автор

Very good video. Anyway I would thank you really much if you can explain the Python script part by part because I want to understand how exactly this RCE is made of, didn’t found in the internet a full explanation of the vulnerability

sagisar
Автор

Nice video. It would have been more useful if you could show how to escalate daemon's privileges to become root.

bird
Автор

Is it possible to use Ubuntu 20 instead of Metasploitable2?

kamillorek
welcome to shbcf.ru