{"id":25276,"date":"2020-01-22T18:29:53","date_gmt":"2020-01-22T12:59:53","guid":{"rendered":"https:\/\/www.armourinfosec.com\/?p=25276"},"modified":"2020-01-23T14:07:15","modified_gmt":"2020-01-23T08:37:15","slug":"hacking-with-netcat-a-comprehensive-guide","status":"publish","type":"post","link":"https:\/\/www.armourinfosec.com\/hacking-with-netcat-a-comprehensive-guide\/","title":{"rendered":"Hacking with Netcat : A Comprehensive Guide"},"content":{"rendered":"

Netcat<\/strong> is a featured networking utility tool which reads and writes data across network connections, using the TCP\/IP protocol.
\nIt is designed to be a reliable “back-end” tool that can be used directly or easily driven by other programs and scripts. At the same time, it is a feature-rich network debugging and exploration tool, since it can create almost any kind of connection you would need and has several interesting built-in capabilities. It’s so simple, powerful, and useful that many people within the IT community refer to it as the “Swiss Army Knife of Hackers<\/strong>“.<\/p>\n

Features :<\/strong><\/h5>\n
    \n
  • Outbound and Inbound connections, TCP or UDP, to or from any ports.<\/li>\n
  • Featured tunneling mode which allows also special tunneling such as UDP to TCP, with the possibility of specifying all network parameters (source port\/interface, listening port\/interface, and the remote host allowed to connect to the tunnel).<\/li>\n
  • Built-in port-scanning capabilities, with randomization<\/li>\n
  • Advanced usage options, such as buffered send-mode (one line every N seconds), and hex dump (to stderr or to a specified file) of transmitted and received data.<\/li>\n
  • Can read command line arguments from standard input<\/li>\n
  • Optional ability to let another program service establish connections<\/li>\n
  • To read a banner from the port<\/li>\n
  • Encrypted file transfer<\/li>\n
  • Command Line Chat Server<\/li>\n<\/ul>\n
    General Syntax :<\/strong><\/h5>\n
    nc [options] host port\r\n<\/pre>\n
    Getting start with Netcat :
    \n<\/strong><\/h5>\n
    Netcat can be used from any directory. Let’s start with the basic option which will show us the help page by the following command.<\/p>\n
    nc -h\r\n<\/pre>\n
    \"\"<\/p>\n
    Port Scanning :<\/strong><\/h5>\n
    One of the most common uses for netcat is as a Port Scanner. It can be used to know which ports are open and running services on a target machine. It can scan a single or multiple or a range of open ports.
    \nWe will use -z<\/strong> option to perform only scan and -v<\/strong> option enables verbose mode options for a port scan like below.<\/p>\n
    nc -v -z 192.168.1.200 80<\/pre>\n
    \"\"<\/p>\n
    nc -v -z 192.168.1.200 21-25<\/pre>\n
    \"\"<\/p>\n
    Banner Grabbing :<\/strong><\/h5>\n
    Netcat can be also used for grabbing service banner viz. Service Version, Status etc. To grab the target port banner from netcat, use the following command :<\/p>\n
    nc -v 192.168.1.200 22<\/pre>\n
    \"\"<\/p>\n
    Connecting to a Server :<\/strong><\/h5>\n
    Here, we will connect a FTP Server with the IP Address 192.168.1.200. To connect to the server at a specific port where a particular service running. In our case, the port is 21 i.e. FTP.<\/p>\n
    nc 192.168.1.200 21<\/pre>\n
    \"\"<\/p>\n
    Command Line Chat Server :
    \n<\/strong><\/h5>\n
    Netcat can also be used to communication between two users. We need to establish a connection before chatting. For this we will need need two devices. One will play the role of initiator and other will be a listener to start the conversation. Once the connection is established, communication can be done from both ends.<\/p>\n
    User 1<\/strong>
    \nOS<\/strong>: Kali Linux
    \nIP Address<\/strong>: 192.168.1.100
    \nRole<\/strong>: Listener<\/p>\n
    User 2<\/strong>
    \nOS<\/strong>: CentOS
    \nIP Address<\/strong>: 192.168.1.200
    \nRole<\/strong>: Initiator<\/p>\n
    On User<\/strong> 1, we will start a listener on port 4455<\/strong> using options -l<\/strong> for listen, -v<\/strong> verbose mode, -p<\/strong> for port<\/p>\n
    nc -lvp 4455<\/pre>\n
    \"\"<\/p>\n
    On User 2<\/strong>, we will create an initiator by providing IP address of listener followed by the listener port.<\/p>\n
    nc -v 192.168.1.100 4455<\/pre>\n
    \"\"<\/p>\n
    Transferring Files with Netcat :<\/strong><\/h5>\n
    Netcat can also be used to transfer files, both text and binary, from one computer to
    \nanother. Here we will create a scenario where we will transfer a file from a Kali system to Windows system.<\/p>\n
    On the Windows system<\/strong>, we will set up a netcat listener on port 4455<\/strong> and redirect any
    \nincoming input into a file called output.txt<\/strong>.<\/p>\n
    nc.exe -nlvp 4455 > output.txt<\/pre>\n
    \"\"<\/p>\n
    On the Linux system<\/strong>, we will push the file to the Windows system through port 4455<\/strong>:<\/p>\n
    nc -v 192.168.1.200 4455\u00a0 < demo.txt<\/pre>\n
    \"\"<\/p>\n
    The connection which will be received by netcat on the Windows system<\/strong> as shown below:<\/p>\n
    \"\"<\/p>\n
    Randomize Port :<\/strong><\/h5>\n
    If we can\u2019t decide our very own port to establish a Netcat connection. Then we can use a special -r<\/strong> parameter which gives us randomize local port.<\/p>\n
    nc -lv -r<\/pre>\n
    \"\"<\/p>\n
    Simple Web Server with Netcat :<\/strong><\/h5>\n
    Netcat can be used as a simple web server. Actually, web servers are very simple if there are no special configuration requirements. Web servers only send HTML pages over HTTP protocol.<\/p>\n
    while : ; do ( echo -ne \"HTTP\/1.1 200 OK\\r\\n\" ; cat index.html; ) | nc -l -p 8080 ; done<\/pre>\n
    \"\"<\/p>\n
    Remote Administration with Netcat :<\/strong><\/h5>\n
    One of the most useful features of netcat is its ability to do command redirection. Netcat can take an executable file and redirect the input, output, and error messages to a TCP\/UDP port rather than the default console.
    \nTo further explain this, consider the cmd.exe executable. By redirecting the stdin, stdout, and stderr to the network, we can bind cmd.exe to a local port. Anyone connecting to this port will be presented with a command prompt belonging to this
    \ncomputer. To further drive this home, consider the following scenario, involving Windwos<\/strong> and Kali<\/strong>.<\/p>\n
    First, we will start a listener on Windows system<\/strong> for remote connection which will take place from Kali<\/strong>.<\/p>\n
    nc.exe -nlvp 4455 -e cmd.exe<\/pre>\n
    \"\"<\/p>\n
    On Kali<\/strong> when we will hit the listener port of Windows<\/strong>, we will get its Command Shell.<\/p>\n
    nc -v 192.168.1.200 4455<\/pre>\n
    \"\"<\/p>\n","protected":false},"excerpt":{"rendered":"
    Netcat is a featured networking utility tool which reads and writes data across network connections, using the TCP\/IP protocol. It…<\/p>\n","protected":false},"author":1,"featured_media":25343,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[92,90],"tags":[],"yoast_head":"\nHacking with Netcat : A Comprehensive Guide - Armour Infosec<\/title>\n<meta name=\"description\" content=\"Netcat is a featured networking utility tool which reads and writes data across network connections, using the TCP\/IP protocol. Hacking with Netcat\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.armourinfosec.com\/hacking-with-netcat-a-comprehensive-guide\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Hacking with Netcat : A Comprehensive Guide - Armour Infosec\" \/>\n<meta property=\"og:description\" content=\"Netcat is a featured networking utility tool which reads and writes data across network connections, using the TCP\/IP protocol. Hacking with Netcat\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.armourinfosec.com\/hacking-with-netcat-a-comprehensive-guide\/\" \/>\n<meta property=\"og:site_name\" content=\"Armour Infosec\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/ArmourInfosec\" \/>\n<meta property=\"article:published_time\" content=\"2020-01-22T12:59:53+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-01-23T08:37:15+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.armourinfosec.com\/wp-content\/uploads\/2020\/01\/images.jpeg\" \/>\n\t<meta property=\"og:image:width\" content=\"628\" \/>\n\t<meta property=\"og:image:height\" content=\"297\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Armour Infosec\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@ArmourInfosec\" \/>\n<meta name=\"twitter:site\" content=\"@ArmourInfosec\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Armour Infosec\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.armourinfosec.com\/hacking-with-netcat-a-comprehensive-guide\/\",\"url\":\"https:\/\/www.armourinfosec.com\/hacking-with-netcat-a-comprehensive-guide\/\",\"name\":\"Hacking with Netcat : A Comprehensive Guide - Armour Infosec\",\"isPartOf\":{\"@id\":\"https:\/\/www.armourinfosec.com\/#website\"},\"datePublished\":\"2020-01-22T12:59:53+00:00\",\"dateModified\":\"2020-01-23T08:37:15+00:00\",\"author\":{\"@id\":\"https:\/\/www.armourinfosec.com\/#\/schema\/person\/1d8ec30560e735c34fa5d464a1357308\"},\"description\":\"Netcat is a featured networking utility tool which reads and writes data across network connections, using the TCP\/IP protocol. Hacking with Netcat\",\"breadcrumb\":{\"@id\":\"https:\/\/www.armourinfosec.com\/hacking-with-netcat-a-comprehensive-guide\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.armourinfosec.com\/hacking-with-netcat-a-comprehensive-guide\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.armourinfosec.com\/hacking-with-netcat-a-comprehensive-guide\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.armourinfosec.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Hacking with Netcat : A Comprehensive Guide\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.armourinfosec.com\/#website\",\"url\":\"https:\/\/www.armourinfosec.com\/\",\"name\":\"Armour Infosec\",\"description\":\"Do Your Part - Be Security Smart\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.armourinfosec.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.armourinfosec.com\/#\/schema\/person\/1d8ec30560e735c34fa5d464a1357308\",\"name\":\"Armour Infosec\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.armourinfosec.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/17f812901d8294702576e81ddce5aa92?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/17f812901d8294702576e81ddce5aa92?s=96&d=mm&r=g\",\"caption\":\"Armour Infosec\"},\"sameAs\":[\"https:\/\/www.armourinfosec.com\/\"],\"url\":\"https:\/\/www.armourinfosec.com\/author\/admin\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Hacking with Netcat : A Comprehensive Guide - Armour Infosec","description":"Netcat is a featured networking utility tool which reads and writes data across network connections, using the TCP\/IP protocol. Hacking with Netcat","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.armourinfosec.com\/hacking-with-netcat-a-comprehensive-guide\/","og_locale":"en_US","og_type":"article","og_title":"Hacking with Netcat : A Comprehensive Guide - Armour Infosec","og_description":"Netcat is a featured networking utility tool which reads and writes data across network connections, using the TCP\/IP protocol. Hacking with Netcat","og_url":"https:\/\/www.armourinfosec.com\/hacking-with-netcat-a-comprehensive-guide\/","og_site_name":"Armour Infosec","article_publisher":"https:\/\/www.facebook.com\/ArmourInfosec","article_published_time":"2020-01-22T12:59:53+00:00","article_modified_time":"2020-01-23T08:37:15+00:00","og_image":[{"width":628,"height":297,"url":"https:\/\/www.armourinfosec.com\/wp-content\/uploads\/2020\/01\/images.jpeg","type":"image\/jpeg"}],"author":"Armour Infosec","twitter_card":"summary_large_image","twitter_creator":"@ArmourInfosec","twitter_site":"@ArmourInfosec","twitter_misc":{"Written by":"Armour Infosec","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.armourinfosec.com\/hacking-with-netcat-a-comprehensive-guide\/","url":"https:\/\/www.armourinfosec.com\/hacking-with-netcat-a-comprehensive-guide\/","name":"Hacking with Netcat : A Comprehensive Guide - Armour Infosec","isPartOf":{"@id":"https:\/\/www.armourinfosec.com\/#website"},"datePublished":"2020-01-22T12:59:53+00:00","dateModified":"2020-01-23T08:37:15+00:00","author":{"@id":"https:\/\/www.armourinfosec.com\/#\/schema\/person\/1d8ec30560e735c34fa5d464a1357308"},"description":"Netcat is a featured networking utility tool which reads and writes data across network connections, using the TCP\/IP protocol. Hacking with Netcat","breadcrumb":{"@id":"https:\/\/www.armourinfosec.com\/hacking-with-netcat-a-comprehensive-guide\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.armourinfosec.com\/hacking-with-netcat-a-comprehensive-guide\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.armourinfosec.com\/hacking-with-netcat-a-comprehensive-guide\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.armourinfosec.com\/"},{"@type":"ListItem","position":2,"name":"Hacking with Netcat : A Comprehensive Guide"}]},{"@type":"WebSite","@id":"https:\/\/www.armourinfosec.com\/#website","url":"https:\/\/www.armourinfosec.com\/","name":"Armour Infosec","description":"Do Your Part - Be Security Smart","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.armourinfosec.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.armourinfosec.com\/#\/schema\/person\/1d8ec30560e735c34fa5d464a1357308","name":"Armour Infosec","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.armourinfosec.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/17f812901d8294702576e81ddce5aa92?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/17f812901d8294702576e81ddce5aa92?s=96&d=mm&r=g","caption":"Armour Infosec"},"sameAs":["https:\/\/www.armourinfosec.com\/"],"url":"https:\/\/www.armourinfosec.com\/author\/admin\/"}]}},"menu_order":0,"_links":{"self":[{"href":"https:\/\/www.armourinfosec.com\/wp-json\/wp\/v2\/posts\/25276"}],"collection":[{"href":"https:\/\/www.armourinfosec.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.armourinfosec.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.armourinfosec.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.armourinfosec.com\/wp-json\/wp\/v2\/comments?post=25276"}],"version-history":[{"count":0,"href":"https:\/\/www.armourinfosec.com\/wp-json\/wp\/v2\/posts\/25276\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.armourinfosec.com\/wp-json\/wp\/v2\/media\/25343"}],"wp:attachment":[{"href":"https:\/\/www.armourinfosec.com\/wp-json\/wp\/v2\/media?parent=25276"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.armourinfosec.com\/wp-json\/wp\/v2\/categories?post=25276"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.armourinfosec.com\/wp-json\/wp\/v2\/tags?post=25276"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}