What is Netcat? All NetCat Commands
Now on your PC, download my Netcat PS4 Starter Pack and unzip it somewhere, for example C:\PS4. You should see the nc.exe and fulldebug.bin files. Now open a Command Prompt and type cd c:\ps4 if you unzipped the nc.exe and fulldebug.bin files to a ps4 folder on the root of your C: drive. Type in the Command Prompt window.
By Chandan Singh
The Netcat utility is often called a “Swiss Army Knife”, in the good sense of the word. The
How to install NetCat?
If you have Debian or a system based on Debian, such as Ubuntu, do the following:
If you have Fedora or a Fedora based system such as CentOS, do:
If you have Slackware, FreeBSD, NetBSD, Solaris, or Mac, download the nc sources and do:
Another way to do this on a Mac is if you have MacPorts:
On Slackware, you can install it as a package from the package directory:
If you have Windows, download from here.
How to use NetCat?
Let’s start with a few simple examples and then we will use them as basic ones.
If you remember, I said that netcat is a Swiss army knife. What would this knife be if it could not be used as an ordinary knife? This is why netcat can be used instead of the usual telnet:
In fact, it is more convenient than regular telnet, because you can terminate the connection at any time by pressing Ctrl + C and it processes binary data as normal (no escape sequences, nothing).
You can add the “-v” parameter to display the results of each action in more detail, and the “-vv” parameter to get statistics on how many bytes were transferred during the current connection session.
Netcat can be used as a server. If you run it as shown below, it will listen on port 12345 (on all interfaces):
Now if you connect to port 12345 of this host, everything you type will be transferred to the remote side, which tells us that netcat can be used as a chat server. Run on one of the computers:
And connect to it from another:
Now both sides can talk!
Because both parties can talk to each other, nc can be used for I/O operations over the network. For example, you can send a whole directory from one computer to another by piping tar through nc on the first computer and redirecting the output to another tar process on the second.
Suppose you want to send files from the directory /data of computer A with IP 192.168.1.10 to computer B (with any IP). It’s simple:
Do not forget to combine the pipeline with Pipe Viewer, which was described in the previous article, to see statistics on how fast the transfer is going!
A single file can be sent more easily:
You can even copy and restore the whole disk using nc:
Note: The “-l” option cannot be used with “-p” on Mac computers! The solution is simply to replace “-l -p 6666” with “-l 6666”. Like here:
An unusual use of netcat is port scanning. Netcat is not the best tool for such work, but it copes with it (the best, of course, is nmap):
The “-n” option prevents DNS lookups, “-z” makes nc only check whether the port accepts a connection without sending any data, and “-w 1” sets the timeout for the connection to 1 second.
Another non-trivial use of netcat is as a proxy. Both port and host can be redirected. Take a look at this example:
This command starts nc on port 12345 and redirects all connections to google.com:80. If you now connect to this computer on port 12345 and make a request, you will find that you do not receive any data in response. This is expected, because we have not established a bidirectional channel. If you add a second channel, you will receive your data on another port:
After sending a request to port 12345, receive your response data on port 12346.
Probably the most powerful feature of netcat is to run any process as a server:
The “-e” option executes the given program with its input and output redirected through the network socket. Now, if you connect to the host on port 12345, you can use bash:
The implications are that NetCat is a popular hacker tool and it can be used to make a backdoor very easily. On a Linux server, you can run /
Netcat is a great network utility for reading from and writing to network connections using the TCP and UDP protocols. Netcat is often referred to as the Swiss army knife of networking tools and we will be using it a lot throughout the different tutorials on Hacking Tutorials. The most common uses for Netcat when it comes to hacking are setting up reverse and bind shells, piping and redirecting network traffic, port listening, debugging programs and scripts, and banner grabbing. In this tutorial we will be learning how to use the basic features of Netcat such as:
- Banner grabbing
- Raw connections
- Webserver interaction
- File transfers
We will demonstrate these techniques using a couple of virtual machines running Linux and through some visualization. The hacking with Netcat tutorials will be divided into the following 3 parts:
Let’s start with the very basics and have a look at how we can make raw data connections to grab service banners.
Banner Grabbing, raw connections and webserver interaction
Service banners are often used by system administrators for inventory taking of systems and services on the network. The service banners identify the running service and often the version number too. Banner grabbing is a technique to retrieve this information about a particular service on an open port and can be used during a penetration test for performing a vulnerability assessment. When using Netcat for banner grabbing you actually make a raw connection to the specified host on the specified port. When a banner is available, it is printed to the console. Let’s see how this works in practice.
Netcat banner grabbing
The following command is used to grab a service banner (make a raw connection to a service):
nc [ip address] [port]
Let’s try this on the FTP service on Metasploitable 2 which is running on port 21:
nc 192.168.100.100 21
nc [ip] [port] is used to make a raw connection to the port which will return a service banner when it’s available.
As we can see there is a vsFTPD service running on port 21. Have a look at the service enumeration tutorial if you want to learn more about this subject.
Netcat raw connection
To demonstrate how a raw connection works we will issue some FTP commands after we’re connected to the target host on the FTP service. Let’s see if anonymous access is allowed on this FTP server by issuing the USER and PASS command followed by anonymous.
Interaction with the FTP service over a raw connection.
This example demonstrates how to grab a banner and how to setup and use a raw data connection. In this example we’ve used an FTP service but this also works on other services such as SMTP and HTTP services.
Web server interaction
Netcat can also be used to interact with webservers by issuing HTTP requests. With the following command we can grab the banner of the web service running on Metasploitable 2:
nc 192.168.100.108 80
And then run this HTTP request:
HEAD / HTTP/1.0
The webserver responds with the server banner: Apache/2.2.8 (Ubuntu) DAV/2 and the PHP version.
To retrieve the top level page on the webserver we can issue the following command:
nc 192.168.100.108 80
And then run this HTTP request:
GET / HTTP/1.0
Webserver page.
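The raw connection and HEAD request described above can be scripted to audit what your own services disclose in their banners. This is an added example, not code from the original tutorial: the function names, the loopback stand-in services and the vsFTPd/PHP version placeholders are assumptions made for illustration; only the Apache string is the one quoted above.

```python
import re
import socket
import socketserver
import threading

HEAD_PROBE = b"HEAD / HTTP/1.0\r\n\r\n"  # the request typed by hand above

def grab_banner(host, port, probe=b"", timeout=3.0):
    """Raw TCP connection like `nc host port`: optionally send a probe, then
    read until the service closes the connection or goes quiet."""
    chunks = []
    with socket.create_connection((host, port), timeout=timeout) as sock:
        if probe:
            sock.sendall(probe)
        try:
            while True:
                data = sock.recv(4096)
                if not data:
                    break
                chunks.append(data)
        except socket.timeout:
            pass  # FTP/SMTP send a greeting and then wait for a command
    return b"".join(chunks).decode("latin-1")

def disclosed_software(banner):
    """Return the software strings a banner reveals: HTTP Server and
    X-Powered-By header values, or the text of a 220 greeting (FTP/SMTP)."""
    found = re.findall(r"(?im)^(?:Server|X-Powered-By):[ \t]*(.+?)[ \t\r]*$", banner)
    if not found:
        found = re.findall(r"(?m)^220[ -](.+?)[ \t\r]*$", banner)
    return found

class FakeHTTP(socketserver.BaseRequestHandler):
    """Constructed stand-in for the lab web server (PHP version is a placeholder)."""
    def handle(self):
        self.request.recv(1024)
        self.request.sendall(b"HTTP/1.1 200 OK\r\nServer: Apache/2.2.8 (Ubuntu) DAV/2\r\n"
                             b"X-Powered-By: PHP/x.y.z\r\n\r\n")

class FakeFTP(socketserver.BaseRequestHandler):
    """Constructed stand-in for the FTP greeting (version is a placeholder)."""
    def handle(self):
        self.request.sendall(b"220 (vsFTPd x.y.z)\r\n")

def start_lab_service(handler):
    """Serve one of the stand-ins on a free loopback port."""
    srv = socketserver.TCPServer(("127.0.0.1", 0), handler)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv

if __name__ == "__main__":
    for handler, probe in ((FakeFTP, b""), (FakeHTTP, HEAD_PROBE)):
        srv = start_lab_service(handler)
        print(disclosed_software(grab_banner("127.0.0.1", srv.server_address[1], probe)))
        srv.shutdown()
```

Any string this returns for a production service is version information handed to every client that connects, which makes it a candidate for trimming in the service configuration.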
File transfers with Netcat
In this example we will be using a Netcat connection to transfer a text file. Let’s assume we have remote command execution on the target host and we want to transfer a file from the attack box to the host. First we would need to set up a listener on the target host and connect to it from the attack box. We will be using port 8080 for this purpose and we save the file to the desktop:
nc -lvp 8080 > /root/Desktop/transfer.txt
On the attack box we connect to port 8080 and send a file named transfer.txt:
nc 192.168.100.107 8080 < /root/Desktop/transfer.txt
Then we press Ctrl + C and cat the contents of the file on both the attack box and the target host.
File was transferred from the host to the target.
As we can see here the contents of the files are equal which means it has been transferred from the attack box to the target host.
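A raw Netcat transfer carries no checksum, so comparing the two files by eye only works for small text files. The following added example (not part of the original tutorial) reproduces the listener and sender roles over loopback and compares SHA-256 digests instead; the function names and the sample file contents are assumptions made for illustration.

```python
import hashlib
import os
import socket
import tempfile
import threading

def receive_file(listener, dest_path, result):
    """Listener side (`nc -lvp PORT > file`): accept one connection, write
    the stream to dest_path and record the SHA-256 of what arrived."""
    conn, _ = listener.accept()
    digest = hashlib.sha256()
    with conn, open(dest_path, "wb") as out:
        while chunk := conn.recv(65536):
            out.write(chunk)
            digest.update(chunk)
    result["sha256"] = digest.hexdigest()

def send_file(host, port, src_path):
    """Sender side (`nc HOST PORT < file`): stream the file and return the
    SHA-256 of what was sent. Closing the socket marks end-of-file."""
    digest = hashlib.sha256()
    with socket.create_connection((host, port), timeout=5) as sock, \
            open(src_path, "rb") as src:
        while chunk := src.read(65536):
            sock.sendall(chunk)
            digest.update(chunk)
    return digest.hexdigest()

def transfer_and_verify(src_path, dest_path):
    """Run both sides on 127.0.0.1 and return (sent_hash, received_hash)."""
    listener = socket.create_server(("127.0.0.1", 0))  # free port
    port = listener.getsockname()[1]
    result = {}
    worker = threading.Thread(target=receive_file,
                              args=(listener, dest_path, result))
    worker.start()
    sent = send_file("127.0.0.1", port, src_path)
    worker.join(timeout=5)
    listener.close()
    return sent, result.get("sha256")

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        src = os.path.join(tmp, "transfer.txt")
        dst = os.path.join(tmp, "received.txt")
        with open(src, "wb") as f:
            f.write(b"constructed sample contents\n" * 1000)
        sent, received = transfer_and_verify(src, dst)
        print("match" if sent == received else "MISMATCH", sent)
```

With the real nc commands the same check is done by hashing the file on each machine and comparing the two digests.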
Lessons learned
In the first part of the Hacking with Netcat tutorials we have learned how to work with several basic features like raw connections, banner grabbing and file transfers. We have learned how to grab service banners which contain information about the service running on the specific port. We have also learned how to interact with services by using raw connections and Netcat. In the tutorial we have gained anonymous access to an FTP server using a raw data connection and issued some FTP commands. We have also learned how to use Netcat for interaction with a webserver. We are able to retrieve webpages and send HTTP requests. Last but not least, we have learned how to transfer files from one box to another with Netcat.
In the following Hacking with Netcat tutorial part 2 and Hacking with Netcat part 3: Advanced Techniques we will be learning about how to use reverse shells and bind shells.