Netcat – Basic Usage and Overview
- Connect to a port of a target host.
- Listen to a certain port for any inbound connections.
- Send data across client and server once the connection is established.
- Transfer files across the network once the connection is established.
- Can execute programs and scripts of the client on the server and vice versa.
- Can provide remote shell access to the server for a client, where shell commands can be executed.
A simple client-server connection:
Type this command on the server machine.
nc -l -p 1234
Here, nc stands for Netcat; typing it invokes the Netcat program.
The -l option tells the program to listen on the port specified by the -p option. In this case, it is 1234. So the command can also be written as,
Now type the following on the client machine or in another terminal:
nc 127.0.0.1 1234
This will create a TCP connection to the IP address (that is, 127.0.0.1) on the specified port (that is, 1234).
Some important options that can be used with Netcat:
1. Verbose (-v): prints additional information about the connection.
#command for terminal 1
nc -vlp 1234
#command for terminal 2
nc -v 127.0.0.1 1234
The output of the above command on the client shows that it has successfully connected to the server. This command can also be used to check whether a port on the server is open or not.
2. After data transfer, wait w seconds (-w option) before terminating the connection.
#command for terminal 1
nc -w 20 -lp 1234
#command for terminal 2
nc -w 2 127.0.0.1 1234
3. To perform simple chat and data transfer
#command for terminal 1
nc -lp 1234
#command for terminal 2
nc 127.0.0.1 1234
Use the above sequence of commands to send messages or data from one terminal (or IP address) to the other.
4. To perform file transfer
#command for terminal 1
nc -v -w 30 -l -p 1234 > manav.txt
#command for terminal 2
nc -v -w 2 127.0.0.1 1234 < manav.txt
In this example, the server will terminate the connection 30 seconds after receiving the file. If the file is not in the current directory, then specify the entire path.
5. To execute shell commands after successful establishment of the connection
#command for terminal 1
nc -lp 1234 -c /bin/sh
#command for terminal 2
nc 127.0.0.1 1234
/bin/sh is a Unix command which provides a shell to execute shell commands. This will provide a remote shell to the client, from which the client can execute shell commands on the server.
Some important points on Netcat
- By default, Netcat uses a TCP connection. To establish a UDP connection, the -u option is used.
- Without the -w option, the connection doesn’t terminate until the Netcat program is quit.
- The -n option specifies a numerical IP address, not a domain name. That is, with -n Netcat accepts only an IP address to connect to and does not resolve a domain name to an IP address.
- The -k option is used in listen mode to accept multiple connections.
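The options above are usually bundled (-vlp, -lp), which makes Netcat invocations easy to miss with a plain string match when reviewing process listings. The following is an added example, not part of the original article: it parses command lines using the option syntax shown on this page and labels each as a client, a listener, or a listener with a program attached (item 5). The names parse_nc, classify and SAMPLE are hypothetical, the sample lines are constructed, and the meaning of -c is assumed to be the one this page uses (other Netcat builds may define it differently).

```python
import shlex

NC_NAMES = {"nc", "netcat", "ncat"}
# Value-taking options: -p, -w, -c appear on this page; -e is the exec sibling of -c.
TAKES_VALUE = {"p", "w", "c", "e"}

def parse_nc(cmdline):
    """Parse one command line; return (flags, values, positionals) or None if not netcat."""
    try:
        argv = shlex.split(cmdline)
    except ValueError:          # unbalanced quotes, e.g. a truncated log line
        return None
    if not argv or argv[0].rsplit("/", 1)[-1] not in NC_NAMES:
        return None
    flags, values, positionals = set(), {}, []
    i = 1
    while i < len(argv):
        tok = argv[i]
        i += 1
        # Non-options and long options (not used on this page) are not interpreted
        if len(tok) < 2 or tok[0] != "-" or tok[1] == "-":
            positionals.append(tok)
            continue
        for pos, ch in enumerate(tok[1:], start=1):   # walk bundles such as -vlp
            flags.add(ch)
            if ch in TAKES_VALUE:
                rest = tok[pos + 1:]                  # value glued on, e.g. -p1234
                if rest:
                    values[ch] = rest
                elif i < len(argv):                   # value is the next token
                    values[ch] = argv[i]
                    i += 1
                break
    return flags, values, positionals

def classify(cmdline):
    """Label a command line: 'exec', 'listener', 'client' or 'not-netcat'."""
    parsed = parse_nc(cmdline)
    if parsed is None:
        return "not-netcat"
    flags = parsed[0]
    if flags & {"c", "e"}:      # a program is wired to the socket, as in item 5
        return "exec"
    return "listener" if "l" in flags else "client"

# Constructed process-listing lines, modelled on the commands in this article.
SAMPLE = ["nc -vlp 1234", "nc -w 2 127.0.0.1 1234",
          "/usr/bin/nc -lp 1234 -c /bin/sh", "ssh -c aes256-ctr admin@192.0.2.10"]
if __name__ == "__main__":
    for line in SAMPLE:
        print(f"{classify(line):<11} {line}")
```

Shell redirections such as > manav.txt never reach the process command line, so a file transfer shows up here only as an ordinary listener or client.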