05. Netcat & Some Example Usage - tandihansvin/EthicalHacking GitHub Wiki

What is Netcat?

Netcat, usually invoked as "nc", is often called the "Swiss army knife" of networking and hacking. It is a utility for reading from and writing to TCP and UDP connections. The original netcat was a Unix program released by Hobbit in 1996. It is used both as a standalone tool for network debugging and investigation and as a reliable back-end that other programs and scripts can drive directly. Several implementations exist today (the traditional Hobbit netcat, the OpenBSD rewrite that most Linux distributions ship as nc, and Nmap's ncat), and their option sets differ slightly; the flags below are the subset they have in common, so check nc -h on the system you are on.

Command Line Cheat Sheet

usage: nc [ option ] [ host ] [ port ]

General Options:

  • Use IPv4 addressing only: nc -4 [ option ] [ host ] [ port ]
  • Use IPv6 addressing only: nc -6 [ option ] [ host ] [ port ]
  • Use UDP instead of TCP: nc -u [ option ] [ host ] [ port ]
  • Listen for an incoming connection instead of connecting out: nc -l [ option ] [ host ] [ port ] (traditional netcat takes the listening port as -p [ port ] instead)
  • No DNS lookups (faster, and no reverse-DNS traffic that reveals what you are probing): nc -n [ option ] [ host ] [ port ]
  • Use a specific source port: nc -p [ source port ] [ option ] [ host ] [ port ]
  • Use a specific source IP on a multi-homed host: nc -s [ source IP ] [ option ] [ host ] [ port ]
  • Set a timeout in seconds, for establishing the connection and for an idle connection: nc -w [ timeout ] [ option ] [ host ] [ port ]
  • Show verbose output (connection status is printed to stderr, so redirect 2>&1 if you want to grep it): nc -v [ option ] [ host ] [ port ]

Exploring some usages

1. Port Scanner

Netcat can be used as a simple port scanner. It is not a replacement for Nmap: it only performs full TCP connect() scans (no SYN scans, no service or version detection, no OS fingerprinting), but it is often already present on a host where Nmap is not. A port range can be scanned with the following command:
nc -v -z -w 1 [ IP/DNS ] [ port range ]
Here -z tells netcat to report whether the connection succeeds without sending any data (zero-I/O mode), -w 1 gives up on each port after one second, and -v prints the result for every port. The range is written as first-last, for example 1-1024; add -n to skip reverse DNS lookups. Because every hit is a completed three-way handshake, this scan is noisy and shows up in the target's connection logs.

2. Telnet

Telnet is a protocol that provides interactive, bidirectional text-based communication over a TCP/IP network, usually to operate a remote computer. It has two sides, a telnet server and a telnet client: the client connects to the server and, once the connection is established, the client computer acts as a virtual terminal on the remote machine. Netcat can take the place of a telnet client as a plain TCP client: it connects to the port, prints whatever the server sends, and sends whatever you type. This makes it handy for grabbing service banners and for talking to text-based protocols such as SMTP, HTTP or POP3 by hand:
nc -v [IP/DNS] [port]
Unlike a real telnet client, netcat does not perform Telnet option negotiation (the traditional netcat has -t to answer it), so against a real telnet server on port 23 the session may not behave properly. Everything in such a session goes over the wire in cleartext.
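The connect() scan from section 1 and the banner grab you get from connecting with nc -v in section 2 are the same operation underneath. The following is an added example, not code from the original page, that performs both in Python so the mechanics are visible: a TCP connect per port, then a short wait for whatever the service says first. The fake service, the reserved closed port and the banner text are constructed for the demo; host and port values are placeholders.

```python
import socket
import threading
from concurrent.futures import ThreadPoolExecutor

# Added example. Assumption: targets are reachable over plain TCP; host and
# port values below are placeholders, and the fake service is constructed.


def probe(host, port, timeout=1.0, grab_banner=True):
    """One TCP connect() probe, which is all `nc -z -w TIMEOUT HOST PORT` does.

    Returns (port, is_open, banner). On an open port, wait up to `timeout`
    seconds for the service's first output (what you would see after
    `nc -v HOST PORT`); services that expect the client to speak first,
    such as HTTP, simply yield an empty banner.
    """
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            banner = b""
            if grab_banner:
                try:
                    banner = s.recv(256)
                except OSError:  # timeout: open but silent
                    pass
            return port, True, banner.decode("ascii", "replace").strip()
    except OSError:  # refused, timed out, unreachable: closed or filtered
        return port, False, ""


def scan(host, ports, timeout=1.0, workers=32):
    """Probe `ports` in parallel and return {open_port: banner}.

    Every hit is a completed three-way handshake, so unlike an Nmap SYN scan
    this appears in the target's connection logs.
    """
    with ThreadPoolExecutor(max_workers=workers) as pool:
        results = list(pool.map(lambda p: probe(host, p, timeout), ports))
    return {port: banner for port, is_open, banner in results if is_open}


def start_fake_service(banner):
    """Constructed stand-in for a daemon: listen on 127.0.0.1 on an ephemeral
    port and send `banner` to every client. Returns the port number."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(8)

    def serve():
        while True:
            try:
                conn, _ = srv.accept()
                with conn:
                    conn.sendall(banner)
            except OSError:
                return

    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]


_reserved = []


def reserve_closed_port():
    """Constructed: bind (but never listen on) an ephemeral port, so that a
    connect() to it is refused and the scan has a known-closed port."""
    s = socket.socket()
    s.bind(("127.0.0.1", 0))
    _reserved.append(s)  # keep it alive so nothing else can take the port
    return s.getsockname()[1]


if __name__ == "__main__":
    open_port = start_fake_service(b"SSH-2.0-OpenSSH_9.6 (constructed banner)\r\n")
    closed_port = reserve_closed_port()
    for port, banner in sorted(scan("127.0.0.1", [open_port, closed_port]).items()):
        print(f"{port}/tcp open  {banner}")
```

Against a real host, call scan("target", range(1, 1025)) with a timeout matched to the network; a closed port is refused immediately, while a firewalled one eats the whole timeout, which is why -w 1 keeps an nc scan bearable.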

3. File Transfer

Say we want to transfer a file from Computer A to Computer B, but one or both of them has no FTP or SSH server, the file is too big to go through email, or some other restriction is in the way. Netcat can stream the file over a raw TCP connection:

  • On Computer A (sender): netcat -vlp [unused port] < [file name] (with the OpenBSD netcat, which rejects -p together with -l, use nc -vl [unused port] < [file name])
  • On Computer B (receiver): netcat [ X ] [ Y ] > [file name]
    where X is the IP of Computer A, and Y is the port Computer A is listening on.

Some netcat builds do not close the connection when they reach the end of the input file, so the receiver never sees EOF and keeps waiting; on the sender add -q 1 (traditional netcat) or -N (OpenBSD netcat), or press Ctrl-C on the receiver once the transfer stops. The stream is unencrypted and unauthenticated, and the listener hands the file to the first host that connects, so do this only on a trusted network or through an existing tunnel. Netcat provides no integrity check either, so compare a checksum on both ends (sha256sum [file name]) before trusting the copy.
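The two halves of that transfer, as an added example that is not part of the original page: a one-shot listener that streams a file and a client that writes the stream to disk until EOF, with the SHA-256 comparison the prose above recommends. It runs on localhost with a constructed payload; the file names and the shutdown-on-EOF behaviour are the only assumptions, and the shutdown call is exactly what a netcat without -q/-N fails to do.

```python
import hashlib
import os
import socket
import tempfile
import threading

# Added example. Assumption: both sides are on a trusted network; the payload
# and file names are constructed for the demo.


def serve_file(path, host="127.0.0.1", port=0):
    """Computer A: accept one client and stream `path` to it, the way
    `nc -l -p PORT < FILE` does. Returns the port actually bound."""
    srv = socket.socket()
    srv.bind((host, port))
    srv.listen(1)
    bound_port = srv.getsockname()[1]

    def run():
        conn, _ = srv.accept()
        srv.close()  # one transfer only; nobody else gets the file
        with conn, open(path, "rb") as fh:
            conn.sendfile(fh)
            # Tell the receiver the file is complete. Without this (netcat
            # without -q or -N) the receiver never sees EOF and just hangs.
            conn.shutdown(socket.SHUT_WR)

    threading.Thread(target=run, daemon=True).start()
    return bound_port


def fetch_file(host, port, dest, timeout=10):
    """Computer B: connect and write everything received to `dest` until the
    peer closes, like `nc HOST PORT > FILE`. Returns the SHA-256 of the data."""
    digest = hashlib.sha256()
    with socket.create_connection((host, port), timeout=timeout) as s, \
            open(dest, "wb") as out:
        while True:
            chunk = s.recv(1 << 16)
            if not chunk:  # peer shut down its side: transfer complete
                break
            out.write(chunk)
            digest.update(chunk)
    return digest.hexdigest()


def sha256_of(path):
    """What `sha256sum FILE` prints on Computer A; compare with the receiver's."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 16), b""):
            digest.update(chunk)
    return digest.hexdigest()


def transfer_demo(payload=None):
    """End-to-end run on localhost with a constructed payload (1 MiB of random
    bytes by default). Returns (sender_digest, receiver_digest)."""
    payload = os.urandom(1 << 20) if payload is None else payload
    tmp = tempfile.mkdtemp()
    src, dst = os.path.join(tmp, "src.bin"), os.path.join(tmp, "dst.bin")
    with open(src, "wb") as fh:
        fh.write(payload)
    port = serve_file(src)
    received = fetch_file("127.0.0.1", port, dst)
    return sha256_of(src), received


if __name__ == "__main__":
    sent, got = transfer_demo()
    print("sender  ", sent)
    print("receiver", got)
    print("match" if sent == got else "MISMATCH: do not trust the copy")
```

A mismatch here means the stream was cut short or altered in transit; nothing in netcat itself would have told you.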

4. Crafting an Email

Is it possible to send email even though your computer has no email client installed? Yes, as long as netcat is available: netcat is used to talk SMTP directly to port 25 of a mail server, typing the protocol commands by hand. Everything in this dialogue is sent in cleartext, and most servers today only accept mail from outside on port 587 (submission) after STARTTLS and authentication, so the raw port-25 exchange works against a server that delivers to its own local users, or against an open relay, which is exactly what a pentester uses it to check for. Here are the steps:

Step 1: Establish a connection to the mail server

nc -v [mail server] 25
The server answers with a greeting line that begins with the code 220.

Step 2: Identify yourself

HELO [your hostname]
The server replies with 250. (EHLO does the same and additionally lists the extensions the server supports, such as STARTTLS and AUTH.)

Step 3: Specify the sender address

MAIL FROM:<[sender address]>
The server replies with 250. SMTP does not verify this address; it is whatever you claim, which is why sender spoofing is trivial unless the receiving side checks SPF, DKIM and DMARC.

Step 4: Specify the receiver address

RCPT TO:<[receiver address]>
The server replies with 250. A server that is not an open relay answers with a 5xx error (relay access denied) here if the recipient is not in one of its own domains and you have not authenticated.

Step 5: Input the message data

DATA
The server replies with 354 and now reads the message itself: header lines (From:, To:, Subject:), an empty line, then the body. At the end of the message, there must be a line containing only a full stop; a body line that itself begins with a full stop has to be sent with an extra full stop in front, or the server would take it for the terminator. The server replies with 250 once the message is accepted for delivery.

Step 6: Terminate the connection

QUIT
The server replies with 221 and closes the connection. The email will now show up in the receiver's mailbox :)
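The six steps above as one scripted exchange, added here as an example and not part of the original page: the client sends exactly the lines you would type into nc, checks the reply code after each one, and dot-stuffs the body. The mail server is a constructed minimal SMTP state machine on localhost that records what it was handed, so the run is offline; the host names and addresses are placeholders.

```python
import socket
import threading

# Added example. Assumption: a plain (non-TLS) SMTP server on HOST:PORT; the
# server below is a constructed stand-in, and all names/addresses are placeholders.


def _readline(f):
    """Read one CRLF-terminated line; raise if the server hangs up on us."""
    raw = f.readline()
    if not raw:
        raise ConnectionError("server closed the connection")
    return raw.decode("ascii", "replace").rstrip("\r\n")


def read_reply(f):
    """Read one SMTP reply. Multi-line replies use 'NNN-text' continuation
    lines and finish with 'NNN text'. Returns (code, [lines])."""
    lines = []
    while True:
        line = _readline(f)
        lines.append(line)
        if len(line) < 4 or line[3] != "-":
            return int(line[:3]), lines


def send_mail(host, port, helo_name, mail_from, rcpt_to, body_lines, timeout=15):
    """The dialogue you would type into `nc -v HOST 25`, one step per command,
    checking the reply code each time. Returns [(what_we_sent, reply_code)]."""
    transcript = []
    with socket.create_connection((host, port), timeout=timeout) as s:
        f = s.makefile("rb")

        def expect(sent, wanted):
            code, lines = read_reply(f)
            transcript.append((sent, code))
            if code != wanted:
                raise RuntimeError(f"{sent!r}: got {lines[-1]!r}, wanted {wanted}")

        def cmd(line, wanted):
            s.sendall((line + "\r\n").encode("ascii"))
            expect(line, wanted)

        expect("<connect>", 220)              # Step 1: greeting banner
        cmd(f"HELO {helo_name}", 250)         # Step 2: identify ourselves
        cmd(f"MAIL FROM:<{mail_from}>", 250)  # Step 3: envelope sender, unverified
        cmd(f"RCPT TO:<{rcpt_to}>", 250)      # Step 4: envelope recipient
        cmd("DATA", 354)                      # Step 5: server now expects the message
        message = [f"From: {mail_from}", f"To: {rcpt_to}",
                   "Subject: sent with netcat", ""] + list(body_lines)
        # Dot-stuffing: a line starting with '.' gets an extra '.', otherwise it
        # would be taken for the terminator, which is a line holding only '.'.
        wire = "".join(("." + ln if ln.startswith(".") else ln) + "\r\n" for ln in message)
        s.sendall((wire + ".\r\n").encode("ascii"))
        expect(".", 250)                      # message accepted for delivery
        cmd("QUIT", 221)                      # Step 6: hang up cleanly
    return transcript


def start_fake_smtp_server(mailbox):
    """Constructed stand-in for a mail server: a minimal SMTP state machine on
    127.0.0.1 that records each envelope into `mailbox`. Returns the port."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    port = srv.getsockname()[1]

    def addr(line):  # 'MAIL FROM:<user@host>' -> 'user@host'
        return line[line.find("<") + 1:line.find(">")]

    def serve():
        conn, _ = srv.accept()
        with conn, conn.makefile("rb") as f:
            envelope = {"from": None, "to": [], "data": []}
            mailbox.append(envelope)  # filled in place as the session proceeds
            conn.sendall(b"220 mail.example.test ESMTP (constructed)\r\n")
            while True:
                raw = f.readline()
                if not raw:
                    return
                line = raw.decode("ascii", "replace").rstrip("\r\n")
                verb = line.split(" ", 1)[0].upper()
                if verb in ("HELO", "EHLO"):
                    conn.sendall(b"250 mail.example.test\r\n")
                elif verb == "MAIL":
                    envelope["from"] = addr(line)
                    conn.sendall(b"250 OK\r\n")
                elif verb == "RCPT":
                    envelope["to"].append(addr(line))
                    conn.sendall(b"250 OK\r\n")
                elif verb == "DATA":
                    conn.sendall(b"354 End data with <CR><LF>.<CR><LF>\r\n")
                    while (raw := f.readline()):
                        ln = raw.decode("ascii", "replace").rstrip("\r\n")
                        if ln == ".":
                            break
                        envelope["data"].append(ln[1:] if ln.startswith(".") else ln)
                    conn.sendall(b"250 OK: queued (constructed)\r\n")
                elif verb == "QUIT":
                    conn.sendall(b"221 Bye\r\n")
                    return
                else:
                    conn.sendall(b"500 Command not recognised\r\n")

    threading.Thread(target=serve, daemon=True).start()
    return port
```

Point send_mail at a real server and the RuntimeError it raises on the RCPT TO step is the relay check from Step 4: a 5xx there means the server is not an open relay, while a 250 for a recipient in a foreign domain is a finding.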
