February 23rd, 2005, 12:28 AM
**Disclaimer: Only Use Netcat on a secure LAN
Use this tutorial and Netcat at your own risk.
This is my first tutorial, so please feel free to critique how it goes.
From it's readme:" Netcat is a simple Unix utility which reads and writes data
across network connections, using TCP or UDP protocol.
* Outbound or inbound connections, TCP or UDP, to or from any ports
* Full DNS forward/reverse checking, with appropriate warnings
* Ability to use any local source port
* Ability to use any locally-configured network source address
* Built-in port-scanning capabilities, with randomizer
* Can read command line arguments from standard input
* Slow-send mode, one line every N seconds
* Hex dump of transmitted and received data
* Ability to let another program service established
* Telnet-options responder "
Netcat was developed by Hobbit of the L0pht(now @stake research ). It was
originally developed for Unix, but the version I'm using for the tutorial is the
Windows NT port of it. Netcat is a very versitile tools. There are many things
you can do with it, bolth good and bad. For example, the command:
nc -L -d -p 6789 -t -e cmd.exe
would allow you to telnet to port 6789 of the computer running this command and
bring up a command prompt.
How does it work? Here:
nc - ran netcat
-L - tells netcat to stay open and listen (set up a backdoor)
-d - tells netcat to detach (don't open up a window on the computer when
-p 6789 - tells netcat when listening to listen to port 6789 (you could change
6789 to whatever other port you choose)
-t - tells netcat to accept telnet connections
-e cmd.exe - tells netcat to open up cmd.exe (the MS-DOS shell) when connected
Netcat also supports file transfers. You can use it to transfer a file between
two computers running netcat.
On the recieving computer:
nc -L -vv -p 36969 -t > C:\\recieved.txt
and on the sending:
nc 127.0.0.1 36969 -vv -w 3 < C:\\sent.txt (replace 127.0.0.1 with the recieving
computer's IP address.)
This would send "sent.txt" and put it's contents into "recieved.txt" on another
Another thing Netcat can do is function as a simple port scanner:
nc -vv -w 3 -z 127.0.0.1 1-65536
Where 127.0.0.1 is the target IP address and 1-65536 is the range of ports to scan.
However, Netcat doesn't support encryption, so it's not adivsed to actually
use it for these purposes besides in a secure LAN. Netcat is mainly used as a replacement for telnet.
This is just an introduction to Netcat, as it's uses are almost infinite.
It is better to die on your feet than to live on your knees.