Netcat is a very useful and powerful Linux command used by network administrators and security experts for various purposes, such as reading and writing data on a remote computer using TCP and UDP packets, creating raw connections with other computers in a network, banner grabbing, etc.
It’s a “power version” of the traditional telnet program. Apart from the basic telnet function, it can do various other things, such as creating socket servers that listen for incoming connections on ports, transferring files from the terminal, etc.
So it is a small tool that is packed with lots of features. Netcat is designed to be a dependable “back-end” device that can be used directly or easily driven by other programs and scripts.
So basically, netcat is a tool for bidirectional network communication over the TCP and UDP protocols. More technically speaking, netcat can act as a socket server or client and interact with other programs while sending and receiving data through the network.
- Act as a simple TCP/UDP/SCTP/SSL client for interacting with web servers, telnet servers, mail servers, and other TCP/IP network services. Often the best way to understand a service (for fixing problems, finding security flaws, or testing custom commands) is to interact with it using Netcat. This lets you control every character sent and view the raw, unfiltered responses.
- Redirect or proxy TCP/UDP/SCTP traffic to other ports or hosts. This can be done using simple redirection (everything sent to a port is automatically relayed somewhere else you specify in advance) or by acting as a SOCKS or HTTP proxy so clients specify their own destinations. In client mode, Netcat can connect to destinations through a chain of anonymous or authenticated proxies.
- Run on all major operating systems. We distribute Linux, Windows, and Mac OS X binaries, and Netcat compiles on most other systems. A trusted tool must be available whenever you need it, no matter what computer you’re using.
- Encrypt communication with SSL, and transport it over IPv4 or IPv6.
- Act as a network gateway for execution of system commands, with I/O redirected to the network. It was designed to work like the Unix utility cat, but for the network.
- Act as a connection broker, allowing two (or far more) clients to connect to each other through a third (brokering) server. This enables multiple machines hidden behind NAT gateways to communicate with each other, and also enables the simple Netcat chat mode.
Download and Install Netcat
$ sudo apt-get install netcat
After installation, we can see the usage of netcat by using the command below
Connecting to a Server
$ nc [Target IP Address] [Target Port]
E.g. $ nc 172.16.44.148 21
Type USER [username]
then PASS [password]
After that type HELP
As we can see in the given image, we have vsFTPd installed on the server, and after giving the login credentials we have successfully logged in to the FTP server.
Fetching HTTP header
We can use netcat to fetch information about any webserver. Let’s get back to the server we connected to earlier. It also has HTTP service running on port 80.
$ nc 172.16.44.148 80
then type HEAD / HTTP/1.0
As we can see in the given image, the header and source code are displayed through the netcat connection.
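The same header fetch as a script, added here as an example and not part of the original article: it sends the exact bytes typed into nc (the request line plus the blank line that ends the request) and parses the reply, which is useful for checking what a server banner discloses. The loopback server, the DemoHTTPd/1.0 banner and the function names are constructed for the demonstration; a HEAD request returns only the status line and headers, while a GET would also return the page source.

```python
import socket
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer

class DemoHandler(BaseHTTPRequestHandler):
    """Constructed stand-in for the web server on port 80."""
    server_version = "DemoHTTPd/1.0"   # constructed banner, sent as "Server:"
    sys_version = ""                   # keep the Python version out of the banner

    def do_HEAD(self):
        self.send_response(200)        # also emits the Server and Date headers
        self.send_header("Content-Type", "text/html")
        self.send_header("Content-Length", "1234")
        self.end_headers()             # HEAD: headers only, no body is written

    def log_message(self, *args):      # silence per-request logging
        pass

def fetch_head(host, port, timeout=2.0):
    """Send a raw HEAD request; return (status_line, headers, body)."""
    request = b"HEAD / HTTP/1.0\r\n\r\n"   # the empty line terminates the request
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(request)
        raw = b""
        while chunk := s.recv(4096):       # HTTP/1.0: server closes when done
            raw += chunk
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("iso-8859-1").split("\r\n")
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return lines[0], headers, body

def demo():
    """Run the fetch against a throwaway server bound to loopback."""
    server = HTTPServer(("127.0.0.1", 0), DemoHandler)   # port 0 = any free port
    threading.Thread(target=server.serve_forever, daemon=True).start()
    try:
        return fetch_head("127.0.0.1", server.server_address[1])
    finally:
        server.shutdown()
        server.server_close()

if __name__ == "__main__":
    status, headers, body = demo()
    print(status)
    print("Server banner:", headers.get("server"))
    print("Body bytes:", len(body))
```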
Netcat can also be used as a port scanner. To make it work as a port scanner, we use the [-z] parameter, which tells netcat to scan for listening daemons without sending any data. This makes it possible for netcat to understand the type of service that is running on that specific port. Netcat can perform both TCP and UDP scans.
$ nc -v -n -z -w 2 172.16.44.148 1-1100
- [-v]: indicates Verbose mode
- [-n]: indicates numeric-only IP addresses
- [-z]: indicates zero-I/O mode [used for scanning]
- [-w]: indicates timeout for connects and final net reads
From the given image we can see that the target machine has lots of ports open with various services running on them.
There are many ways in which netcat can serve as a very helpful tool. It helps us debug the network as well as investigate it.