Comprehensive Guide on Netcat

This article is a basic guide to Netcat: what it is, how to start it, and the different ways of getting a session between two hosts with it.

Introduction to Netcat

Netcat (nc) is a networking utility that reads from and writes to raw TCP and UDP connections. It is useful on both the attacking and the defending side. As an attack tool it is small, dependable and easily driven by scripts, which makes it a common back end for other tooling. As a defensive and troubleshooting tool it lets you probe a service directly and debug what is really happening on the wire.

Features

The feature list below is that of Ncat, the Nmap project's reimplementation of Netcat. Several other implementations exist (traditional netcat, OpenBSD nc, GNU netcat); the basics in this article work on all of them, but SCTP, SSL and proxy support are Ncat-specific.

  • Act as a simple TCP/UDP/SCTP/SSL client for interacting with web servers, telnet servers, mail servers, and other TCP/IP network services. Often the best way to understand a service (for fixing problems, finding security flaws, or testing custom commands) is to interact with it directly. This lets you control every character sent and view the raw, unfiltered responses.
  • Redirect or proxy TCP/UDP/SCTP traffic to other ports or hosts. This can be done using simple redirection (everything sent to a port is automatically relayed somewhere else you specify in advance) or by acting as a SOCKS or HTTP proxy so clients specify their own destinations. In client mode, Ncat can connect to destinations through a chain of anonymous or authenticated proxies.
  • Run on all major operating systems. The Nmap project distributes Linux, Windows, and Mac OS X binaries, and Ncat compiles on most other systems. A trusted tool must be available whenever you need it, no matter what computer you are using.
  • Encrypt communication with SSL, and transport it over IPv4 or IPv6. Plain Netcat has no encryption at all: everything it sends crosses the network in cleartext.
  • Act as a network gateway for execution of system commands, with I/O redirected to the network. It was designed to work like the Unix utility cat, but for the network.
  • Act as a connection broker, allowing two (or far more) clients to connect to each other through a third (brokering) server. This enables multiple machines hidden behind NAT gateways to communicate with each other, and also enables the simple Netcat chat mode.


Getting started with nc

The most basic thing to do is print the help, which lists every option the installed variant supports (flags differ slightly between traditional netcat, OpenBSD nc and Ncat, so check this output before relying on a flag from a tutorial):

nc -h


Chatting

Netcat can also be used to chat between two users. A connection has to be established before chatting, so two machines are needed: one plays the role of listener, the other the role of initiator. Once the connection is established, both ends can send and receive. Here we create a chat scenario between two users on different operating systems.

User 1

OS: Windows 10

IP Address: 192.168.191.162

Role: Listener

User 2

OS: Kali Linux

IP Address: 192.168.56.107

Role: Initiator

Every Netcat scenario starts the same way: one side must create a listener before the other can connect. We create the listener on the Windows machine with the following command:

nc -nlvvp 4444

where,

[-n]: numeric only; do not resolve hostnames with DNS (and do not reverse-resolve the peer)

[-l]: listen mode; wait for an incoming connection instead of initiating one

[-vv]: verbose mode; one -v reports the connection, a second -v prints more detail

[-p]: the local port to listen on (4444 here)

NOTE: the OpenBSD variant of nc takes the port as a positional argument, so there the equivalent is nc -nlv 4444. Also remember that Netcat has no authentication: whoever reaches port 4444 first gets the connection, so only expose a listener on networks you control.

Now it is time to create the initiator. On Kali we simply give the IP address of the system where the listener is running, followed by the port number:

nc -nv 192.168.191.162 4444

NOTE: Use the same port for the initiator that was used when creating the listener.

Once Kali connects, the verbose listener on Windows reports the incoming connection from the Kali machine (192.168.56.107).

From this point, any line typed on the Windows side and ended with Enter is sent to Kali, and vice versa. Here we start the chat from the Windows machine, and the message appears on the Kali machine. Everything travels in cleartext, so anyone who can see the traffic can read the conversation.

File Transfer

Netcat can also be used to transfer a file between devices, using shell redirection: the receiver redirects Netcat's output into a file, and the sender redirects the file into Netcat's input. Here we transfer a file from the Windows system to the Kali Linux system. Either side can be the listener; in this scenario Kali listens, and the listener must be started first. On Kali, to receive the file (file.txt is a placeholder name):

nc -nlvp 4444 > file.txt

Then on Windows, to send the file:

nc.exe -nv 192.168.56.107 4444 < file.txt

The transfer ends when the sender reaches the end of its input. Some variants do not close the connection on their own at that point (OpenBSD nc needs -N, Debian's netcat-traditional needs -q 1), in which case press Ctrl+C on the sender once the file has been sent. Netcat gives no integrity check, so compare a hash afterwards (sha256sum file.txt on Kali, certutil -hashfile file.txt SHA256 on Windows).


On Kali, ls confirms the file has arrived, and cat reads its contents.
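Both the chat and the file transfer above are the same mechanism: one side listens, the other connects, and bytes flow in both directions until one end closes. The following Python script is an added example that is not part of the original article; it re-implements that listener/initiator pattern on the loopback interface (127.0.0.1 stands in for the article's two LAN hosts, and the OS picks a free port instead of 4444) so the behaviour can be run and checked without two machines. The function and variable names are the example's own, not Netcat's.

```python
import hashlib
import socket
import threading

HOST = "127.0.0.1"   # assumption: loopback stands in for the article's two LAN hosts
TIMEOUT = 5          # seconds; keeps a broken run from hanging forever


def _listen():
    """Equivalent of `nc -nlvp PORT`: bind, listen, and report the chosen port.
    Port 0 lets the OS pick a free port (the article uses 4444)."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.settimeout(TIMEOUT)
    srv.bind((HOST, 0))
    srv.listen(1)
    return srv, srv.getsockname()[1]


def chat(initiator_lines, listener_replies):
    """Emulate the chat: the initiator (`nc HOST PORT`) sends a line, the
    listener answers, and each side keeps a transcript of what it received.
    One listener reply per initiator line, so both lists must be equally long."""
    if len(initiator_lines) != len(listener_replies):
        raise ValueError("one listener reply per initiator line")
    srv, port = _listen()
    seen_by_listener = []

    def listener_side():
        conn, _ = srv.accept()
        conn.settimeout(TIMEOUT)
        with conn, conn.makefile("rb") as rd:
            for reply in listener_replies:
                line = rd.readline()
                if not line:                  # initiator hung up early
                    break
                seen_by_listener.append(line.rstrip(b"\n").decode())
                conn.sendall(reply.encode() + b"\n")

    t = threading.Thread(target=listener_side)
    t.start()
    seen_by_initiator = []
    with socket.create_connection((HOST, port), timeout=TIMEOUT) as cli, cli.makefile("rb") as rd:
        for msg in initiator_lines:
            cli.sendall(msg.encode() + b"\n")
            seen_by_initiator.append(rd.readline().rstrip(b"\n").decode())
    t.join()
    srv.close()
    return seen_by_listener, seen_by_initiator


def transfer(payload: bytes):
    """Emulate `nc -nlvp PORT > received` on the receiver and
    `nc HOST PORT < file` on the sender. The receiver reads until the sender
    closes its write side (EOF), exactly as nc stops at the end of stdin."""
    srv, port = _listen()
    received = bytearray()

    def receiver_side():
        conn, _ = srv.accept()
        conn.settimeout(TIMEOUT)
        with conn:
            while True:
                chunk = conn.recv(4096)
                if not chunk:                 # EOF: the sender has finished
                    break
                received.extend(chunk)

    t = threading.Thread(target=receiver_side)
    t.start()
    with socket.create_connection((HOST, port), timeout=TIMEOUT) as cli:
        cli.sendall(payload)                  # `< file`: the whole file goes out
        cli.shutdown(socket.SHUT_WR)          # signal EOF, like stdin running dry
    t.join()
    srv.close()
    # nc offers no integrity check of its own, so compare digests on both ends.
    ok = hashlib.sha256(received).hexdigest() == hashlib.sha256(payload).hexdigest()
    return bytes(received), ok


if __name__ == "__main__":
    print(chat(["hi from Kali", "all good?"], ["hello from Windows", "yes"]))
    # Constructed sample file: 300 KiB of repeating bytes, larger than one recv() call.
    data = bytes(range(256)) * 1200
    got, ok = transfer(data)
    print(len(got), ok)
```

The shutdown(SHUT_WR) call is the step on which Netcat variants disagree: it is what -N (OpenBSD nc) or -q (netcat-traditional) adds, and without it the receiver in the file-transfer scenario waits forever for more data.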

There are many more things that can be done with Netcat, such as creating a backdoor, port scanning, reverse TCP shell exploitation and banner grabbing, which will be covered in the next section.