In this article I wanted to explain some of the basics of a tool called 'netcat'. Similar to my article of nmap, we will start simple and add some details as we go.
What is Netcat?
From the netcat web site: Netcat is a featured networking utility which reads and writes data across network connections, using the TCP/IP protocol.
It is designed to be a reliable "back-end" tool that can be used directly or easily driven by other programs and scripts. At the same time, it is a feature-rich network debugging and exploration tool, since it can create almost any kind of connection you would need and has several interesting built-in capabilities.
Again from the web site: It provides access to the following main features:
- Outbound and inbound connections, TCP or UDP, to or from any ports.
- Featured tunneling mode which allows also special tunneling such as UDP to TCP, with the possibility of specifying all network parameters (source port/interface, listening port/interface, and the remote host allowed to connect to the tunnel.
- Built-in port-scanning capabilities, with randomizer.
- Advanced usage options, such as buffered send-mode (one line every N seconds), and hexdump (to stderr or to a specified file) of trasmitted and received data.
- Optional RFC854 telnet codes parser and responder.
In my words it is a security testing tool that can be used for good or for bad. We will stick to the good. Plus it is free!
Let's begin with where is netcat? Well it depends on your operating system:
- If you have Linux, it is probably already installed. You can test this by opening a terminal window and typing 'nc -h' to see if it is installed.
- If you have a MAC, it is installed. You can test it by opening a terminal window and typing 'nc -h' at the prompt.
- If you have Windows you will have to install the tool.
While I will not go into the step by step install process, just go to netcat.sourceforge.net and click on the downloads button. For Windows users, you will have to serach for a compiled version on Google and install it as a .exe file.
Let's have a little fun with netcat right away. For this first experiment, we will open two Terminal windows on one machine.
Begin by getting the IP address of your machine using the ifconfig command (ipconfig in Windows). You can see in mine it is 10.0.2.15:
In one terminal window type the following command:
nc -l -p 31337
When you do this, the cursor will be to the leftmost position and it will just sit there. What you just did was you told your system to execute netcat with the -l meaning go into "listen mode", and the -p 31337 means to listen on port 31337. We could have used any port here, but this should work. Assuming you did this in the same window that you typed the ifconfig command, it should look like this:
Note: MAC users, there appear to be two versions of netcat in OSX. If you try the above command, it will not work properly. Try this command instead: 'ncat -4 -l -p 31337'
OK, now in the other terminal window, type the following command - make sure you replace the IP addres 10.0.2.15 with whatever the IP address was on your machine, but keep the 31337 port number:
nc 10.0.2.15 31337
What you are doing here is starting another instance of netcat and asking it to connect to the instance that you told to "listen" for connections on port 31337. The result will be that the cursor will be sitting at the leftmost position:
OK - you now have a "chat session" between the two instances of netcat! Type "hello" in one and it appears in the other. Then type "hello back" and the message is sent back:
Pretty cool. Of course you can do this between different systems on your network as well.
To end the netcat session, simply het CTRL-C on both windows and you will be back at the prompt.
OK, we are off to a great start with netcat. I will add some more articles and experiments in the near future. Meanwhile have fun with netcat!