Today, we will see how to use the Netcat utility. Netcat is a versatile tool that is known as the Hackers' Swiss Army knife. It exists as both Unix and Windows binaries. Netcat is a tool that can read and write to TCP and UDP ports. It can run in two modes: client and server.
We will be exploring Netcat on a Mac, which ships with the BSD variant of the software. If you are on Linux or Windows, the command line options may differ slightly.
First, let's look at Netcat’s various options: open the terminal (I suggest iTerm if you are on a Mac) and type
Please take time to inspect Netcat’s command line options. The syntax is very simple:
nc [options] host port
Now let’s have Netcat connect to a port to check if that port is listening for connections. We use the -v option to ask Netcat to give more verbose information.
nc -v host port
Two things to keep in mind. First, Netcat doesn't do HTTPS.
Second, Netcat tries to initiate a TCP connection by default. If you want to send a UDP packet instead, use the -u option.
nc -u host port
Netcat, the portscanner
Netcat can be a basic but effective portscanner. You can specify a range of ports by placing a dash between the first and last port:
nc host firstPort-lastPort
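If we want more verbose and useful information, we just need to add some options: -z makes Netcat only check for listening services without sending any data to them, and -v prints the result for each port.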
nc -z -v example.com 1-80
If you want to use the IP address, add -n so that Netcat skips DNS lookups:
nc -z -n -v 192.168.1.100 1-80
Keep in mind that Netcat is only a basic portscanner. Nmap is much, much better. But this starts to show why Netcat is seen as the Hackers' Swiss Army knife.
Netcat, the chat server
Netcat can work as a chat server: you can listen on a port for an incoming connection as shown next.
nc -l 4444
Now open a new Terminal tab and connect to localhost to chat.
nc localhost 4444
Now type some text and press Enter, then switch to the other Terminal tab and you will see the text appear. Netcat works perfectly as a basic chat server.
Netcat, the file transfer utility
Netcat can also transfer files. Well, it can do millions of things, as you can see.
Open a new Terminal tab and type
nc -l 3000 > FileToReceive
In this case, instead of outputting what comes into your listener to the screen, we use the '>' symbol in order to output it to a file.
Open another Terminal tab and type
echo "Hello, this is hacklabo" > FileToSend
Now press Enter. We have just created a file which contains the "Hello, this is hacklabo" string. Now type
nc localhost 3000 < FileToSend
And press Enter. We are simply sending the content of FileToSend to the Netcat listener on port 3000. The Netcat listener will then write what it receives into FileToReceive.
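The transfer above is a raw TCP stream, and Netcat does not check that what arrived matches what was sent. The following is an added example, not code from the original article: a Python sketch of the same listener and sender over loopback, with a SHA-256 comparison of both ends. The function names and the OS-chosen port are assumptions made for the illustration.

```python
import hashlib
import socket
import threading


def receive_file(server: socket.socket, out: dict) -> None:
    """Listener side: like `nc -l PORT > FileToReceive`, read until the peer closes."""
    conn, _ = server.accept()
    chunks = []
    with conn:
        while True:
            data = conn.recv(4096)
            if not data:          # empty read = sender closed the connection (EOF)
                break
            chunks.append(data)
    out["data"] = b"".join(chunks)


def send_file(port: int, payload: bytes) -> None:
    """Client side: like `nc localhost PORT < FileToSend`."""
    with socket.create_connection(("127.0.0.1", port), timeout=5) as s:
        s.sendall(payload)        # closing the socket signals end-of-file


def transfer_and_verify(payload: bytes) -> tuple:
    """Send payload over loopback TCP and compare SHA-256 digests of both ends."""
    server = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    server.bind(("127.0.0.1", 0))  # port 0: let the OS pick a free port (assumption)
    server.listen(1)
    port = server.getsockname()[1]
    received: dict = {}
    t = threading.Thread(target=receive_file, args=(server, received))
    t.start()
    send_file(port, payload)
    t.join(timeout=5)
    server.close()
    sent_digest = hashlib.sha256(payload).hexdigest()
    recv_digest = hashlib.sha256(received.get("data", b"")).hexdigest()
    return sent_digest == recv_digest, sent_digest, recv_digest


if __name__ == "__main__":
    # Constructed sample: the same content the article writes into FileToSend
    # (echo appends a trailing newline).
    ok, sent, got = transfer_and_verify(b"Hello, this is hacklabo\n")
    print("sent    ", sent)
    print("received", got)
    print("match" if ok else "MISMATCH: do not trust the received file")
```

On the command line, the same check is to run shasum -a 256 on FileToSend and on FileToReceive and compare the two digests.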
Netcat is an amazing tool not only for penetration testers but also for sysadmins. We have only scratched the surface of what Netcat can do, but we will dive into more complex uses of this amazing tool in the next articles. The best is still to come.
Stay awesome and keep hacking,