Netcat (nc) Command Tutorial With Examples – POFTUT

Netcat (nc) Command Tutorial With Examples

Netcat is a simple but useful tool used for TCP, UDP, Unix-domain sockets. Netcat can listen or connect specified sockets easily. Netcat is a platform independent command supported by Linux, Unix, Windows, BSD, MacOS, etc. Common use cases for netcat are;

  • Simple TCP proxy
  • Shell script based HTTP clients and Servers
  • Network daemon testing
  • A SOCKS or HTTP ProxyCommand for ssh

Syntax

We will use the following syntax for nc command.

  • OPTIONS used to set some special behavior like timeout, help, jumbo frame, etc.
  • DESTINATION is used to specify remote system IP or Hostname
  • PORT is the remote system port number

If we will use netcat as server the following syntax is valid.

  • OPTIONS used to set some special behavior like timeout, help, jumbo
  • PORT is the port number the server will listen

Help

Help information about netcat can get with -h option like below.

Help

Help

We can see that netcat command provides a lot or different options.

Port Scan

Penetration testers generally use port scan techniques for information gathering. Nmap is one of the most popular tools to find open ports.

Netcat can provide port scan functionality. The advantage of netcat is simplicity and no library dependency. Single netcat binary is enough for port scan and can be used for all operating systems like Windows, Linux, Unix, MacOS, BSD.

We will use -z options for a port scan like below. In this example, we will scan IP address 192.168.122.1 which can be also a domain name like poftut.com . The port range is specified as 1-30 .

LEARN MORE  What is CCNA or Cisco Certified Network Associate?

Port Scan

Port Scan

The screenshot shows detailed output only port 22 is open as we can see. Make the IP scan faster with the -n option. This will disable the DNS resolutions about the target IP address.

Verbose Scan

In the previous example, we have scanned our host in a silent mode. Silent mode is the default mode which means only open ports will be printed to the console. There is option -v which will produce more detailed information. The verbose mode can be also used for banner grabbing purposes.

$ nc -z -v -n 192.168.122.1

TCP Server

Another useful feature of netcat is acting as a TCP server. Netcat can listen for the specified TCP port. But as a security measure in Linux systems only privileged users can listen to ports between 1-1024 . In this example, we will listen to TCP ports 30. To give required privileges we use sudo command.

TCP Server

TCP Server

In the example screenshot, we see that a client is connected to our server and provided text like ls and test . This client tool can be telnet or netcat too.

TCP Client

In the previous example, we have examined the TCP server. Netcat also provides client capabilities. To use netcat as a client we should provide hostname or IP address and the port information. There is no special option for this. Use the following syntax.

TCP Client

TCP Client

In this example, we have connected to the localhost ssh port number 22. Ssh server sends us some text about it and waiting for the response.

LEARN MORE  UEFI or Unified Extensible Firmware Interface

Send Files Trough Netcat

Another useful feature of the netcat is file transfer. As we see previous examples netcat can transfer text easily with server-client architecture. There is no limit on transfer data. This data can be a normal program or a movie. But keep in mind the transfer time will change according to data size. In order to transfer we need to set up a server which is the destination. And in the server configuration, we will redirect the incoming data into a file name myfile.txt

Now we can send the file from the client. We will read file thefile.txt in the client side by redirecting to the netcat file like below.

After the transfer is completed both server and client side netcat instances will be closed.

Simple Web Server With Netcat

Netcat has another interesting feature for simple usage. Netcat can be used as a simple web server. Actually, web servers are very simple if there are no special configuration requirements. Web servers only send HTML pages over HTTP protocol. Netcat can also send HTML code with redirection.

Simple Web Server With Netcat

Simple Web Server With Netcat

In the client side, we will use Google Chrome to navigate IP address 192.168.122.239 with port number 4444 

Simple Web Server With Netcat

Simple Web Server With Netcat

Prevent DNS Lookup

While using DNS lookup can be disabled with the option -n this will make operations faster.

LEARN MORE  Linux fuser Command Tutorial With Examples

Prevent DNS Lookup

Prevent DNS Lookup

Continue Listening After Client Has Disconnected

By default, netcat will stop listening on the specified port and IP address after a client has ended its connection. This means netcat works as one shot listener. We can provide the -k option which will continue listening given port and IP address even the remote client ends its connection.

Specify Timeout

After establishing a connection to the remote netcat server we transfer some data. If there is no transfer for during the specified time which is called timeout we can drop or close the connection. We will use -w option with the timeout value we want to set. In this example, we will set a timeout value as120.

Use IPv4 Only

netcat is a tool which supports both IPv4 and IPv6 and in some cases we may want to only enable the IPv4 protocol. This is especially useful for listening to a specific port. We will use -4 as an option to enable only IPv4.

Use IPv6 Only

On the other side, we can also enable only IPv6 .This is a very rare case but may be useful in some rare situations. We can enable only IPv6 with the -6 option like below.

8 Responses

  1. cj says:

    root@blackbox:/# netcat -n google.com 80
    Can’t parse google.com as an IP address
    root@blackbox:/#

  2. Tu Nguyen says:

    Hello!
    I created simple Web Server With Netcat. How to get http parameter request?
    Example:
    http://localhost/?cat=1 => Return index_1.html
    http://localhost/?cat=2 => Return index_2.html

  3. kalyan says:

    hello.i created simple web server using netcat. But i am unable to access the webpage while accessing the webpage using cellular data. But it is working fine if my phone and laptop are connected with wifi. please help.

    • Hi Kalyan,
      netcat web server feature is an experimental feature. So I suggest you to use a real web server which will need fewer resources like Lighttpd.
      Have a nice day.

  4. Thanks for your suggestion

  1. 14/07/2018

    […] directories via netcat: tar | nc. Renders speed  ~251 Mb/s ( = ~1 […]

Leave a Reply

Your email address will not be published. Required fields are marked *

Enjoy this blog? Please spread the word :)