Attacking Obscure Services

When we ran only the default nmap port scan, we did not cover all possible ports. Now that we have gained initial access to the system, we enter netstat -antp and notice other ports that nmap did not scan during the attack. (Remember that in a penetration test we can’t always rely on the defaults to be successful.)
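The comparison described above can be automated. The following is an added example, not code from the book: it parses `netstat -antp` output and reports listening ports that an earlier scan never probed. The sample output, the `SCANNED_PORTS` set (a placeholder, not nmap's real default list), and the function names are constructed assumptions.

```python
# Constructed sample of `netstat -antp` output (not captured from a real host).
SAMPLE_NETSTAT = """\
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      4321/sshd
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      4400/apache2
tcp        0      0 0.0.0.0:3632            0.0.0.0:*               LISTEN      4512/distccd
tcp        0      0 127.0.0.1:5432          0.0.0.0:*               LISTEN      4290/postgres
tcp        0      0 192.168.1.10:22         192.168.1.5:51514       ESTABLISHED 4700/sshd
tcp6       0      0 :::8787                 :::*                    LISTEN      4600/ruby
"""

# Assumption: ports the earlier scan actually probed. Placeholder values only;
# in practice, export this set from the scanner's own report.
SCANNED_PORTS = {21, 22, 23, 25, 80, 443, 5432}


def parse_listeners(netstat_text):
    """Return {port: (bind_address, program)} for TCP sockets in LISTEN state."""
    listeners = {}
    for line in netstat_text.splitlines():
        fields = line.split()
        # Skip headers, non-TCP rows, and sockets that are not listening.
        if len(fields) < 6 or not fields[0].startswith("tcp") or fields[5] != "LISTEN":
            continue
        # rpartition handles IPv6 forms such as ":::8787" (address "::", port "8787").
        addr, _, port = fields[3].rpartition(":")
        # The PID/Program column is "-" when netstat ran without sufficient privilege.
        program = fields[6].split("/", 1)[-1] if len(fields) > 6 else "-"
        listeners[int(port)] = (addr, program)
    return listeners


def unscanned_listeners(netstat_text, scanned_ports):
    """List (port, bind_address, program) for off-host listeners the scan missed."""
    gaps = []
    for port, (addr, program) in sorted(parse_listeners(netstat_text).items()):
        loopback = addr.startswith("127.") or addr == "::1"
        if port not in scanned_ports and not loopback:
            gaps.append((port, addr, program))
    return gaps


if __name__ == "__main__":
    for port, addr, program in unscanned_listeners(SAMPLE_NETSTAT, SCANNED_PORTS):
        print(f"not covered by scan: {addr}:{port} ({program})")
```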

Our scan finds that port 3632 is open and associated with DistCC. An online search tells us that DistCC is a program that distributes builds of C/C++ code to several machines across a network, and it is vulnerable to an attack. (When performing penetration tests, you will often encounter unfamiliar applications and products, and you will need to research the application before you ...
