This Python script is ported from a Metasploit module (/unix/misc/distcc_exec). It exploits a remote code execution vulnerability in distcc, a distributed compiler.
I ported it mainly as a learning project. What I learned:
- Understanding remote exploits
- Practicing Python scripting
- Using Wireshark to examine the packets sent by the exploit in order to debug my Python script
This script might be helpful for OSCP as Metasploit usage is restricted.
Usage
./distcc_exploit <ip> <port>
NOTE: Replace the payload in the script.
How to check for this vulnerability
Nmap:
nmap -p <port> <ip> --script distcc-cve2004-2687
https://nmap.org/nsedoc/scripts/distcc-cve2004-2687.html
Metasploit:
msf5 exploit(unix/misc/distcc_exec) > check
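Triage of the Nmap check above across many hosts, as an added example that is not part of the original script: it assumes the scan was saved with Nmap's -oX option and that the script reports a "State:" line in the usual NSE vulnerability report format. The function names and the sample XML (TEST-NET addresses, port 3632) are constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET

SCRIPT_ID = "distcc-cve2004-2687"  # NSE script named on this page

# Constructed sample of `nmap -oX` output; not captured from a real scan.
SAMPLE_XML = """<nmaprun>
  <host><address addr="192.0.2.10" addrtype="ipv4"/><ports>
    <port protocol="tcp" portid="3632"><state state="open"/>
      <script id="distcc-cve2004-2687" output="&#10;  VULNERABLE:&#10;  distcc Daemon Command Execution&#10;    State: VULNERABLE (Exploitable)&#10;    IDs:  CVE:CVE-2004-2687"/>
    </port></ports></host>
  <host><address addr="192.0.2.11" addrtype="ipv4"/><ports>
    <port protocol="tcp" portid="3632"><state state="open"/></port></ports></host>
</nmaprun>"""

# Assumption: the script output carries a "State: ..." line.
STATE_RE = re.compile(r"State:\s*(.+)")


def distcc_findings(xml_text):
    """Return (ip, port, state) for every port where the script produced output."""
    findings = []
    root = ET.fromstring(xml_text)
    for host in root.iter("host"):
        addr = host.find("address")
        ip = addr.get("addr") if addr is not None else "unknown"
        for port in host.iter("port"):
            for script in port.findall("script"):
                if script.get("id") != SCRIPT_ID:
                    continue
                match = STATE_RE.search(script.get("output", ""))
                # Output without a State line is kept, marked UNKNOWN, for manual review.
                state = match.group(1).strip() if match else "UNKNOWN"
                findings.append((ip, int(port.get("portid")), state))
    return findings


def vulnerable_hosts(xml_text):
    """Hosts to patch or firewall first: state begins with VULNERABLE.

    "NOT VULNERABLE" and "LIKELY VULNERABLE" do not match and stay only in
    distcc_findings() for follow-up.
    """
    return sorted({ip for ip, _, state in distcc_findings(xml_text)
                   if state.startswith("VULNERABLE")})
```

Hosts where the port is open but the script printed nothing (192.0.2.11 in the sample) produce no finding.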