Netcat is the Swiss army knife of network tools: it reads and writes data over TCP and UDP connections. By combining it with other tools and redirecting its input and output, you can use it in many ways in your scripts.
It's amazing what you can do with the netcat command. What netcat does is create a link between two computers and give you back two data streams; what you do after that is up to your imagination. You can create a server, transfer files, chat with friends, stream media, or use it as a standalone client for other protocols. It is called netcat because it is cat on the network. Think of what cat does: it reads the contents of a file and writes them to the screen (stdout is the screen by default, and of course it can be redirected elsewhere). Netcat likewise reads input at one end and transmits it to the other end of the network. But don't underestimate it: netcat can accomplish many tasks, especially when combined with other programs.
Parameters:
-e prog program to execute once connected [dangerous]
-g gateway source-routing hop point[s], up to 8
-G num source-routing pointer: 4, 8, 12, ...
-h help information
-i secs delay interval
-l listening mode, for inbound connections
-n numeric IP addresses only; hostnames cannot be used
-o file record a hex dump of the traffic
-p port local port number
-r randomize local and remote ports
-s addr local source address
-u UDP mode
-v verbose output; use -v twice for more detail
-w secs timeout
-z turn input and output off; used for scanning
1) Simple Server
nc -l -p 1234 [assuming this host's IP is 192.168.0.1]
Then on the client: nc 192.168.0.1 1234
Data entered at either end is displayed at the other end. In fact, there is little difference between a netcat server and a netcat client: the only difference is who ran -l to listen on the port, and once the connection is established there is no difference at all. This also shows how netcat works: it reads and writes data over a network link.
2) Telnet Server (open a shell)
nc has an -e option that names a program to execute once the connection is made. On Windows you can specify -e cmd.exe (command.exe if you are on 98), on Linux -e bash, or any shell you like, or a program you wrote yourself. The effect of -e is that the program you specify replaces nc itself: it receives the input from the other end and sends the results of that input (the commands) back to the other end.
Server: nc -l -p 1234 -e bash
Client: nc 192.168.0.1 1234
You can now log on to the server remotely.
You do not have to specify -e on the server side; you can specify it on the client side instead:
Server: nc -l -p 1234
Client: nc -e bash 192.168.0.1 1234
This is equivalent to logging on to the client remotely from the server. There is little point in distinguishing client from server here: the only criterion for which side is the Telnet server is which side ran -e [shell].
If netcat does not support the -e parameter, a remote shell can still be created.
Server
$ mkfifo /tmp/tmp_fifo
$ cat /tmp/tmp_fifo | /bin/sh -i 2>&1 | nc -l 1567 > /tmp/tmp_fifo
A FIFO is created, and the contents of the FIFO are piped into the shell. 2>&1 redirects standard error to standard output, and the result is piped to netcat, which listens on port 1567. Finally, netcat's output is redirected back into the FIFO.
Client
$ nc -n 172.31.100.7 1567
You will get a shell prompt on the client.
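Detecting the two shell setups above from the defender's side, as an added example that is not part of the original article: the listener they open has no authentication, and on Linux both leave a shell whose standard input is a socket or a pipe instead of a terminal, which is visible in /proc. The function name and the reason labels are illustrative.

```shell
#!/bin/sh
# find_piped_shells [PROC_ROOT]
# Added example (not from the article). Lists shell processes whose stdin is
#   - a socket: what `nc -l -p 1234 -e bash` produces, because traditional
#     netcat dup2()s the connection onto fds 0-2 before exec'ing the program
#   - a pipe while the shell runs with -i: the mkfifo variant
# Output: "PID REASON CMDLINE". Run as root to see other users' processes.
find_piped_shells() {
    proc_root=${1:-/proc}
    for dir in "$proc_root"/[0-9]*; do
        [ -d "$dir" ] || continue
        # exe and fd/0 are symlinks; they vanish if the process just exited
        exe=$(readlink "$dir/exe" 2>/dev/null) || continue
        case ${exe##*/} in
            sh|bash|dash|ksh|zsh) ;;
            *) continue ;;
        esac
        stdin=$(readlink "$dir/fd/0" 2>/dev/null) || continue
        # cmdline is NUL-separated; turn it into a space-separated string
        cmd=$(tr '\0' ' ' 2>/dev/null < "$dir/cmdline") || continue
        cmd=${cmd% }
        case $stdin in
            socket:*) reason=stdin-is-socket ;;
            pipe:*)
                # shells fed by pipes are common (scripts, CI); only the
                # interactive ones are unusual enough to report
                case " $cmd " in
                    *" -i "*) reason=interactive-on-pipe ;;
                    *) continue ;;
                esac ;;
            *) continue ;;
        esac
        printf '%s %s %s\n' "${dir##*/}" "$reason" "$cmd"
    done
}
```

Call find_piped_shells with no argument on a live host; the optional argument exists so the logic can be exercised against a copied or constructed /proc tree.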
3) Port scan
Port scans are often used by system administrators and hackers to find open ports on some machines to help them identify vulnerabilities in the system.
nc -z -v -n 172.31.100.7 21-25
This prints the open ports between 21 and 25. A banner is a text message sent to you by a service when you connect to it. Banner information is useful when you are trying to identify a vulnerability or the type and version of a service. However, not all services send a banner. Once you have found the open ports, you can easily connect to the service with netcat to grab its banner:
nc -v 172.31.100.7 21
The netcat command connects to open port 21 and prints the banner of the service running on that port.
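Seen from the scanned host, a range scan such as the one above is one source touching several ports on one destination within a few seconds. The following added example (not part of the original article) flags that pattern; the log format and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# detect_sweeps MIN_PORTS WINDOW_SECS  (connection log on stdin)
# Added example (not from the article). Input is a constructed, simplified
# log format, one connection attempt per line:
#     <epoch_seconds> <src_ip> <dst_ip> <dst_port>
# Prints "<src_ip> <dst_ip> <ports>" for every source that touched at least
# MIN_PORTS distinct ports on one destination inside a WINDOW_SECS window.
detect_sweeps() {
    awk -v min="$1" -v win="$2" '
    NF == 4 {
        key = $2 " " $3
        # tumbling window per src/dst pair: restart once it has expired
        if (!(key in start) || $1 - start[key] > win) {
            start[key] = $1
            gen[key]++
            n[key] = 0
        }
        # count each port once per window; retries on one port are not a sweep
        id = key SUBSEP gen[key] SUBSEP $4
        if (!(id in seen)) { seen[id] = 1; n[key]++ }
        if (n[key] > peak[key]) peak[key] = n[key]
    }
    END {
        for (key in peak)
            if (peak[key] >= min) print key, peak[key]
    }' | sort
}

# Constructed sample: .5 walks ports 21-25 (as `nc -z ... 21-25` would),
# .8 spreads five ports over ten minutes, .9 retries port 443.
sample_log() {
    cat <<'EOF'
1700000000 172.31.100.5 172.31.100.7 21
1700000000 172.31.100.9 172.31.100.7 443
1700000001 172.31.100.5 172.31.100.7 22
1700000001 172.31.100.8 172.31.100.7 21
1700000002 172.31.100.5 172.31.100.7 23
1700000002 172.31.100.8 172.31.100.7 22
1700000003 172.31.100.5 172.31.100.7 24
1700000003 172.31.100.9 172.31.100.7 443
1700000004 172.31.100.5 172.31.100.7 25
1700000005 172.31.100.9 172.31.100.7 80
1700000601 172.31.100.8 172.31.100.7 23
1700000602 172.31.100.8 172.31.100.7 24
1700000603 172.31.100.8 172.31.100.7 25
EOF
}
```

A short window catches the fast sweep only; widening the window is what brings the slow source (.8) into view, at the cost of more noise from ordinary clients.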
4) Chat Server
If you want to talk to your friends, there is plenty of software and many messaging services available. However, if you do not have such luxuries, for example because you are in a computer lab where all external connections are restricted, how do you communicate with friends who sit in the next room all day? Don't despair: netcat lets you create a chat server on a predetermined port so that your friend can reach you.
Server
$ nc -l 1567
The netcat command starts a TCP server on port 1567, and its standard input and output are connected to that port. Both the output and the input are shown in this shell.
Client
$ nc 172.31.100.7 1567
Whatever you type on machine B will appear on machine A.
5) File Transfer
Most of the time we transfer files over the network with some tool or other. There are many ways, such as FTP, SCP and so on, but when you only need to transfer a file temporarily or once, is it really worth spending time installing and configuring software on your machine? Suppose you want to send the file file.txt from A to B. Either A or B can be the server or the client; below, A is the server and B is the client.
Server
$ nc -l 1567 < file.txt
Client
$ nc -n 172.31.100.7 1567 > file.txt
Here we create a server on A and redirect netcat's input from the file file.txt, so when any connection to that port succeeds, netcat sends the file contents. On the client we redirect the output to file.txt: when B connects to A, A sends the file contents and B saves them to file.txt. The machine that has the file does not need to be the server; we can also do it the other way round. Below we send a file from B to A, but the server is still created on A; this time we only need to redirect netcat's output on A and redirect the file into netcat's input on B.
B as server:
Server
$ nc -l 1567 > file.txt
Client
$ nc 172.31.100.23 1567 < file.txt
If you want to send multiple files or an entire directory, it is just as simple: use the archiving tool tar and send the archive.
Server
$ tar -cvf - dir_name | nc -l 1567
Client
$ nc -n 172.31.100.7 1567 | tar -xvf -
Here on server A we create a tar archive and write it to the console with -, then pipe it to netcat, which sends it over the network. On the client we download the archive through the netcat pipe and then extract the files.
If you want to save bandwidth by compressing the archive in transit, you can use bzip2 or another compression tool.
Server: compress with bzip2
$ tar -cvf - dir_name | bzip2 -z | nc -l 1567
Client: decompress with bzip2
$ nc -n 172.31.100.7 1567 | bzip2 -d | tar -xvf -
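Netcat moves the bytes with no integrity check and no authentication of the sender, so the receiver cannot tell a truncated or altered archive from a good one. The following added example (not part of the original article) wraps the tar transfer above with a SHA-256 check; the function names are illustrative, and the digest is assumed to reach the receiver over a separate channel.

```shell
#!/bin/sh
# Added example (not from the article); function names are illustrative.
# Assumes GNU coreutils sha256sum and a tar that supports -C.

# digest_of FILE: print the SHA-256 of FILE as hex
digest_of() { sha256sum "$1" | cut -d' ' -f1; }

# make_archive DIR OUT: write the archive to OUT first, so the digest and
# the bytes served are the same, then print the digest. Serve it with
#     nc -l 1567 < OUT
# and give the digest to the receiver over a separate channel.
make_archive() {
    tar -cf "$2" -C "$(dirname "$1")" "$(basename "$1")" || return 1
    digest_of "$2"
}

# receive_verified EXPECTED_DIGEST DEST_DIR: read the stream on stdin, e.g.
#     nc -n 172.31.100.7 1567 | receive_verified <digest> /tmp/incoming
# Spools to a temp file and extracts only if the digest matches, so a
# truncated or altered stream never reaches tar.
receive_verified() {
    expected=$1
    dest=$2
    spool=$(mktemp) || return 2
    cat > "$spool"
    actual=$(digest_of "$spool")
    if [ "$actual" != "$expected" ]; then
        echo "digest mismatch: expected $expected, got $actual" >&2
        rm -f "$spool"
        return 1
    fi
    mkdir -p "$dest" && tar -xf "$spool" -C "$dest"
    rc=$?
    rm -f "$spool"
    return $rc
}
```

Sending the digest through the same netcat connection would only detect accidental corruption; anyone able to alter the stream could alter the digest with it.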
6) Streaming video
While this is not the best way to stream video, if the server has no dedicated tools, netcat still gives us a way to do it.
Server
$ cat video.avi | nc -l 1567
Here we just read from a video file and redirect the output to netcat.
Client
$ nc 172.31.100.7 1567 | mplayer -vo x11 -cache 3000 -
Here we read the data from the socket and redirect it to MPlayer.
7) Cloning a device
Suppose you have installed and configured a Linux machine and need to do the same on other machines, and you do not want to repeat the configuration. There is no need to go through the installation again: just boot the other machine from some bootable medium and clone your machine. Cloning a Linux PC is simple; assume your system is on disk /dev/sda.
Server
$ dd if=/dev/sda | nc -l 1567
Client
$ nc -n 172.31.100.7 1567 | dd of=/dev/sda
The netcat server sends its output to the other machine, where dd writes it to disk; this copies all the information, including the partition table. However, if the disk is already partitioned and we only need to clone the root partition, we can change sda to sda1, sda2 and so on, according to where the system's root partition is.
8) Specify the source port
Suppose your firewall filters all ports except port 25; you then need to specify the source port with the -p option.
Server
$ nc -l 1567
Client
$ nc 172.31.100.7 1567 -p 25
Using a port below 1024 requires root access. This command uses port 25 as the local port on the client; otherwise a random port is used.
9) Specify the source address
Suppose your machine has multiple addresses and you want to state explicitly which address to use for outgoing traffic. You can use netcat's -s option to specify the IP address.
Server
$ nc -u -l 1567 < file.txt
Client
$ nc -u 172.31.100.7 1567 -s 172.31.100.5 > file.txt
The command binds to the address 172.31.100.5.
10) HTTP client for downloading files
This is the simplest usage: nc www.apache.org 80
GET / HTTP/1.1
HTTP/1.1 400 Bad Request
Date: Mon, Dec 2003 06:23:31 GMT
Server: Apache/2.0.48-dev (Unix)
Content-Length: 310
Connection: close
Content-Type: text/html; charset=iso-8859-1
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<title>400 Bad Request</title>
<p>Your browser sent a request that this server could not understand.<br />
</p>
<address>Apache/2.0.48-dev (Unix) Server at www.apache.org Port 80</address>
</body>
11) Other uses
a. Impersonate a Telnet client with the -t option.
b. Connect to a mail server and use the SMTP protocol to check messages.
c. Use FFmpeg to capture the screen and share it via streaming, and many other uses.
As long as you understand the protocol, you can use netcat as the network transport to implement all kinds of clients.