Netcat


 

Introduction to Netcat. 

Netcat, first released in 1995(!) by *Hobbit* is one of the “original” network penetration testing
tools and is so versatile that it lives up to the author’s designation as a hacker’s “Swiss army knife”.
The clearest definition of Netcat is from *Hobbit* himself: a simple “utility which reads and writes
data across network connections, using TCP or UDP protocols.”


Connecting to a TCP/UDP Port

As suggested by the description, Netcat can run in either client or server mode. To begin, let’s look
at the client mode.


We can use client mode to connect to any TCP/UDP port, allowing us to:
• Check if a port is open or closed.
• Read a banner from the service listening on a port.
• Connect to a network service manually.


Let’s begin by using Netcat (nc) to check if TCP port 110 (the POP3 mail service) is open on one of
the lab machines. We will supply several arguments: the -n option to skip DNS name resolution; -v
to add some verbosity; the destination IP address; and the destination port number:



 

The listing tells us several things. First, the TCP connection to 10.11.0.22 on port 110
(10.11.0.22:110 in standard nomenclature) succeeded, so Netcat reports the remote port as open.

Next, the server responded to our connection by “talking back to us”: it printed the server welcome
message (the banner) and prompted us to log in, which is standard behavior for POP3 services.
Let’s try to interact with the server by typing POP3 commands directly into the connection:

 

 We have successfully managed to converse with the POP3 service using Netcat (even though our
login attempt failed).
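The three client-mode uses above (is the port open, what does the banner say, can we drive the service by hand) as an added Python example that is not part of the original page and not Netcat's own code. Because the lab host 10.11.0.22 is not reachable from here, the block starts a constructed stand-in POP3 responder on a loopback port; the banner text, the user name "offsec" and the password "guess" are made up for the example. check_port does what `nc -nv -z -w2 host port` does (complete the handshake, send nothing, report the outcome) and talk_pop3 replays the manual USER/PASS/QUIT session and records each reply.

```python
import socket
import threading

# Constructed stand-in for the lab's POP3 service (not a real mail server):
# it greets like POP3, accepts any USER and rejects every PASS.
POP3_BANNER = b"+OK POP3 server ready\r\n"


def _serve_fake_pop3(srv):
    """Serve clients one after another until the listening socket goes away."""
    while True:
        try:
            conn, _ = srv.accept()
        except OSError:
            return
        with conn:
            try:
                conn.sendall(POP3_BANNER)
                rfile = conn.makefile("rb")
                for line in rfile:
                    cmd = line.strip().upper()
                    if cmd.startswith(b"USER "):
                        conn.sendall(b"+OK\r\n")
                    elif cmd.startswith(b"PASS "):
                        conn.sendall(b"-ERR [AUTH] Authentication failed.\r\n")
                    elif cmd == b"QUIT":
                        conn.sendall(b"+OK Bye\r\n")
                        break
                    else:
                        conn.sendall(b"-ERR unknown command\r\n")
            except OSError:
                pass  # client went away mid-dialogue (e.g. a -z style probe)


def start_fake_pop3():
    """Bind the stand-in on a free loopback port and return that port."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))  # port 0: let the kernel pick a free one
    srv.listen(5)
    threading.Thread(target=_serve_fake_pop3, args=(srv,), daemon=True).start()
    return srv.getsockname()[1]


def free_closed_port():
    """Pick a loopback port that nothing listens on (bind, read it, release it)."""
    tmp = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    tmp.bind(("127.0.0.1", 0))
    port = tmp.getsockname()[1]
    tmp.close()
    return port


def check_port(host, port, timeout=2.0):
    """Equivalent of `nc -nv -z -wN host port`: complete the TCP handshake,
    send nothing, and classify the result the way nc's verbose output would."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "closed"        # RST came back: nothing is listening there
    except socket.timeout:
        return "filtered"      # no answer at all within the -w seconds
    except OSError as exc:
        return f"error: {exc}"


def talk_pop3(host, port, user, password, timeout=2.0):
    """Equivalent of the manual nc session: read the banner, then type
    USER / PASS / QUIT and record the server's reply to each line."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        rfile = s.makefile("rb")
        banner = rfile.readline().rstrip(b"\r\n")
        replies = []
        for line in (b"USER " + user.encode(), b"PASS " + password.encode(), b"QUIT"):
            s.sendall(line + b"\r\n")
            replies.append(rfile.readline().rstrip(b"\r\n"))
        return banner, replies


if __name__ == "__main__":
    port = start_fake_pop3()
    print(f"127.0.0.1:{port} -> {check_port('127.0.0.1', port)}")
    dead = free_closed_port()
    print(f"127.0.0.1:{dead} -> {check_port('127.0.0.1', dead)}")
    banner, replies = talk_pop3("127.0.0.1", port, "offsec", "guess")
    print(banner.decode())
    for reply in replies:
        print(reply.decode())
```

Note the three-way distinction in check_port: an RST (connection refused) means the host is up and nothing listens on that port, while silence until the timeout usually means a firewall is dropping the SYN; nc's output only separates these by whether it prints "Connection refused" or simply times out, so when scripting around nc keep the -w value short and treat the two outcomes differently.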

Netcat command flags

  • -l: Listen mode (default is client mode). A plain -l listener exits once its first client disconnects.
  • -L: Listen harder, supported only on the Windows version of Netcat. This option makes Netcat a persistent listener that starts listening again after a client disconnects.
  • -u: UDP mode (default is TCP).
  • -p: Local port (in listen mode, this is the port that is listened on). Note that the OpenBSD nc shipped by many Linux distributions instead expects the listen port as a positional argument, e.g. nc -l 4444.
  • -e: Program to execute after a connection has been established, with the program's stdin and stdout attached to the connection. Not every build has it: the OpenBSD variant has no -e at all, and traditional Netcat only includes it when compiled with GAPING_SECURITY_HOLE defined.
  • -n: Don't perform a DNS lookup (name resolution) on the names of the machines on the other side.
  • -z: Zero I/O mode: complete the connection and send nothing, which is what makes it useful for port scanning.
  • -w N: Timeout for connections. A Netcat client or listener with this option will wait for N seconds to make a connection, for example -w1 or -w2.
  • -v: Be verbose.
  • -vv: Be very verbose.
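The listen-mode flags as an added Python example, not part of the original page and not Netcat's own code: start_listener with persistent=False behaves like `nc -l -p PORT` (serve one client, then exit), with persistent=True like the Windows-only `nc -L -p PORT` (go back to accepting after each client disconnects), and its timeout plays the role of -w N on a listener (give up when nobody connects in time). Binding to port 0 stands in for choosing a -p value. The handler that upper-cases and echoes the client's bytes is a constructed stand-in for the program -e would hand the connection to; the block does not launch a process.

```python
import socket
import threading


def start_listener(persistent, timeout=2.0):
    """Start a loopback TCP listener in a background thread and return
    (port, state).  persistent=False: like `nc -l`, one client then exit.
    persistent=True: like `nc -L`, keep accepting after each client leaves.
    timeout: like -w N, give up if nobody connects within N seconds."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))          # port 0: let the kernel pick a free one
    srv.listen(1)
    srv.settimeout(timeout)
    state = {"served": [], "status": "listening"}

    def run():
        try:
            while True:
                try:
                    conn, _ = srv.accept()
                except socket.timeout:
                    state["status"] = "timeout"   # -w expired with no client
                    return
                with conn:
                    data = conn.recv(1024)
                    state["served"].append(data)
                    # Constructed stand-in for the -e program: echo upper-cased.
                    conn.sendall(data.upper())
                if not persistent:
                    state["status"] = "closed"    # plain -l: one client and done
                    return
        finally:
            srv.close()

    state["thread"] = threading.Thread(target=run, daemon=True)
    state["thread"].start()
    return srv.getsockname()[1], state


def connect_and_send(port, payload, timeout=2.0):
    """Client side (`nc -nv 127.0.0.1 PORT`): send one message and return the
    reply, or None when the port is closed (connection refused)."""
    try:
        with socket.create_connection(("127.0.0.1", port), timeout=timeout) as s:
            s.sendall(payload)
            return s.recv(1024)
    except ConnectionRefusedError:
        return None


if __name__ == "__main__":
    port, once = start_listener(persistent=False)
    print("one-shot (-l) listener:", connect_and_send(port, b"first"))
    once["thread"].join()
    print("second client after -l exited:", connect_and_send(port, b"second"))

    port, harder = start_listener(persistent=True)
    for msg in (b"first", b"second"):
        print("persistent (-L) listener:", connect_and_send(port, msg))
    print("clients served by the -L style listener:", harder["served"])
```

The second connection attempt against the one-shot listener is refused because the listening socket is gone; that is exactly the difference an operator feels between -l and -L when a reverse or bind shell drops and the listener has to be restarted by hand.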

 
