Many hackers and information security professionals use netcat. Netcat is an old but powerful networking tool that reads from and writes to network connections between two computers over TCP or UDP.
I have been working in the cyber security field for more than 7 years, and netcat still works very well. Because of its many uses and functions it has earned the name "Swiss army knife" of ethical hacking. Most major certification courses, such as CEH (Certified Ethical Hacker) and Penetration Testing with Kali Linux, teach netcat.
Netcat is installed by default in Kali Linux; if you want to use it on Windows, download the Windows build of netcat.
Here are the most common uses of netcat:
- Port scanning
- Banner grabbing
- Transferring files
Port Scanning with Netcat on Linux
Port scanning is a method of finding the open ports on a target machine. Nmap is the best-known and most powerful port scanner, but netcat can also be used to check whether a port on the target is open.
Here is an example of port scanning. Syntax:
#nc -v -z [Target Machine IP address] [Port Number]
#nc -v -z 192.168.0.1 80
The -v switch gives verbose output, which is what makes the result visible. The -z switch (zero-I/O mode) tells netcat to report whether the connection succeeded and then close it, instead of staying connected and waiting for input to send. 192.168.0.1 is the IP address of the target machine and 80 is the port number.
Result: netcat prints that the connection to port 80 succeeded, meaning the port is open; a closed port produces no success line (the exact wording differs between netcat versions).
If you want to scan a range of ports, provide the range instead of a single port. For example, to scan ports 10 to 100 use the following syntax:
#nc -v -z 192.168.0.1 10-100
Netcat tries each port in turn and prints a line for every port that accepts the connection.
Banner Grabbing with Netcat
Banner grabbing is a fingerprinting technique used to extract information about a target machine, such as which service (and which version of it) is running on an open port.
Netcat connects to the port and shows whatever the service sends back. Analysing that output can reveal details such as the service name and version, the web server software and sometimes the operating system. One important thing: netcat must first establish a connection to the victim machine before any banner can be read. Some services (FTP, SSH, SMTP) announce themselves as soon as the connection opens; an HTTP server stays silent until it receives a request, so after connecting you type a request such as HEAD / HTTP/1.0 followed by two presses of Enter (an empty line ends the request), and the response headers, including the Server header, come back.
Here is an example of banner grabbing; the victim is the google.com web server. Syntax:
#nc [domain name / IP Address] [Port Number]
#nc www.google.com 80
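The two techniques above, reduced to what netcat does on the wire: a TCP connect scan of a port range, then a banner read on each open port. This is an added example written in Python for this page; it is not netcat and not code from the original post. So that it runs offline it starts two constructed local "services" on 127.0.0.1, one that announces itself on connect like SSH and one that stays silent like HTTP until it gets a request. The OS-chosen ports, the banner strings and the probe request are assumptions of the demo.

```python
"""Netcat-style connect scan and banner grab against local test services.
Added example: stand-alone Python, not netcat and not code from the post."""
import socket
import threading

HOST = "127.0.0.1"  # the constructed targets live on loopback


def scan_port(host, port, timeout=0.5):
    """TCP connect scan of one port, like `nc -v -z host port`.
    True if the three-way handshake completes, False on refusal/timeout."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        return s.connect_ex((host, port)) == 0


def scan_range(host, first, last, timeout=0.5):
    """Connect scan of an inclusive port range, like `nc -v -z host first-last`."""
    return [p for p in range(first, last + 1) if scan_port(host, p, timeout)]


def grab_banner(host, port, probe=b"", timeout=0.5):
    """Connect, optionally send a probe, return what the service says.
    SSH/FTP/SMTP announce themselves on connect; HTTP stays silent until it
    receives a request, so with an empty probe an HTTP port returns ''."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        if probe:
            s.sendall(probe)
        try:
            return s.recv(1024).decode(errors="replace")
        except socket.timeout:
            return ""


# --- constructed local services standing in for real targets -------------
def _serve(handler):
    """Start a tiny TCP service on a free loopback port; return the port."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind((HOST, 0))  # port 0: let the OS choose (assumed ephemeral port)
    srv.listen(5)

    def loop():
        while True:
            conn, _ = srv.accept()
            with conn:
                conn.settimeout(1.0)
                try:
                    handler(conn)
                except OSError:
                    pass  # scanner hung up or timed out; keep serving

    threading.Thread(target=loop, daemon=True).start()
    return srv.getsockname()[1]


def _ssh_like(conn):
    conn.sendall(b"SSH-2.0-demo_1.0\r\n")  # constructed banner, sent unprompted


def _http_like(conn):
    request = conn.recv(1024)  # waits: HTTP says nothing until asked
    if request.startswith((b"HEAD ", b"GET ")):
        conn.sendall(b"HTTP/1.0 200 OK\r\nServer: demo/1.0\r\n\r\n")


def demo():
    ssh_port, http_port = _serve(_ssh_like), _serve(_http_like)
    lo, hi = min(ssh_port, http_port) - 2, max(ssh_port, http_port) + 2
    return {
        "servers": sorted([ssh_port, http_port]),
        "open": scan_range(HOST, lo, hi),            # both servers show as open
        "ssh_banner": grab_banner(HOST, ssh_port),   # arrives unprompted
        "http_silent": grab_banner(HOST, http_port),  # '': no request was sent
        "http_banner": grab_banner(
            HOST, http_port, b"HEAD / HTTP/1.0\r\nHost: target\r\n\r\n"),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

The scan only answers "did the handshake complete"; the banner read is a separate connection, which is why the text insists on an established connection first. The empty result for the silent HTTP port is the point of the caveat above: with nothing sent, nothing comes back, and a naive grab would wrongly conclude the service has no banner.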
Transferring Files with Netcat
The most common method of transferring files over a network is FTP; netcat is another tool that can move files over the network using TCP or UDP.
Two sides are needed: one end listens and the other connects to it. In the example below the victim machine listens and sends the file, and the attacker connects with the victim's IP address and port and receives it.
On the Target Computer (Victim / Sender, the listening end):
#nc -v -w 30 -l -p 31337 < file.txt
-v verbose mode; gives feedback on the screen during the operation
-w 30 tells netcat to give up if the connection is idle for 30 seconds
-l the computer is the listener
-p 31337 the port number to listen on (the OpenBSD netcat shipped with many Linux distributions takes the port without -p: nc -v -w 30 -l 31337 < file.txt)
< file.txt feeds the file into the connection, so it is sent to whoever connects
On the Attacker Machine (the receiving end):
#nc -v -w 3 [victim IP address] [port number] > [file name]
#nc -v -w 3 192.168.0.1 31337 > file.txt
-w 3 wait three seconds of silence before cancelling the transfer, in case the connection is lost
192.168.0.1 IP address of the victim machine
31337 the port the victim machine is listening on
> file.txt writes whatever arrives over the connection into a new file
Netcat has no framing, checksum, encryption or authentication. Some netcat builds do not close the connection when the file has been fully sent, so the receiver's -w idle timeout is what ends the transfer; without it the receiver would wait forever. Compare a hash (for example sha256sum file.txt) on both ends to confirm the copy is complete, and remember that the data crosses the network in the clear and that whoever connects first to the listener gets the file.
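The transfer described above, as an added example in stand-alone Python (not netcat, and not code from the original post): the sending side listens and streams a file to the first client, the receiving side connects and writes everything that arrives until EOF or an idle timeout that plays the role of -w, and a SHA-256 comparison stands in for the hash check netcat itself cannot do. Both ends run on 127.0.0.1 with an OS-chosen port, and the payload is a constructed 20,000-line text file; those are assumptions of the demo.

```python
"""Netcat-style file transfer over a raw TCP stream.  The sending side
listens (what `nc -l -p PORT < file.txt` does) and the receiver connects and
reads until EOF or an idle timeout (what `nc -w 3 HOST PORT > file.txt` does).
Added example in stand-alone Python; not netcat and not code from the post."""
import hashlib
import os
import socket
import tempfile
import threading

HOST = "127.0.0.1"  # both ends on loopback so the demo runs offline


def sha256_file(path):
    """Hash a file; netcat has no checksum, so this is how you verify."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def listen_and_send(path):
    """Sending side (the 'victim' in the text): listen on a free port, stream
    the file to the first client that connects, then close the connection so
    the receiver sees EOF.  There is no framing: connection close *is* EOF."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind((HOST, 0))  # port 0: OS-chosen port (assumption of the demo)
    srv.listen(1)

    def serve():
        conn, _ = srv.accept()
        with conn, open(path, "rb") as f:
            conn.sendfile(f)
        srv.close()

    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]


def connect_and_receive(host, port, out_path, timeout=3.0):
    """Receiving side (the 'attacker'): connect and write everything that
    arrives to out_path until EOF.  `timeout` plays the role of nc's -w: if
    the peer goes idle for that long, stop instead of hanging forever."""
    with socket.create_connection((host, port), timeout=timeout) as s, \
            open(out_path, "wb") as out:
        while True:
            try:
                chunk = s.recv(65536)
            except socket.timeout:
                break  # idle longer than -w: keep what arrived so far
            if not chunk:  # b'': sender closed the connection
                break
            out.write(chunk)
    return os.path.getsize(out_path)


def demo():
    tmp = tempfile.mkdtemp()
    src = os.path.join(tmp, "file.txt")
    dst = os.path.join(tmp, "received.txt")
    # constructed payload, ~200 KB so the receiver needs several recv() calls
    with open(src, "wb") as f:
        f.write(b"".join(b"line %d\n" % i for i in range(20000)))
    port = listen_and_send(src)
    received = connect_and_receive(HOST, port, dst)
    src_hash, dst_hash = sha256_file(src), sha256_file(dst)
    return {"bytes": received, "match": src_hash == dst_hash,
            "sha256": dst_hash}


if __name__ == "__main__":
    print(demo())
```

Unlike some netcat builds, this sender closes the connection as soon as the file is out, so the receiver normally stops on EOF and the timeout only matters if the peer stalls. The hash comparison is the only evidence that the copy is complete; a receiver that stopped because -w expired mid-transfer would return a shorter file with a different hash, and nothing on the wire would have told you.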
If you have any questions related to this post, please comment below.