search
Netcat command in LinuxOct 15, 2017 am 10:36 AM
linuxOrder

[Introduction] Netcat is the Swiss Army Knife of network tools. It can read and write data in the network through TCP and UDP. You can use it in a variety of ways within your scripts by combining it with other tools and redirecting it. It's amazing what you can accomplish with the Netcat command. What Netcat does is to establish a connection between two computers. You can use it in a variety of ways within your scripts by combining it with other tools and redirecting it. It's amazing what you can accomplish with the Netcat command.

All Netcat does is establish a link between two computers and return two data streams. What you can do after that depends on your imagination. You can set up a server, transfer files, chat with friends, stream media or use it as a standalone client for other protocols.

The following are some examples of using Netcat.

[A(172.31.100.7) B(172.31.100.23)]

Linux Netcat command example:

1. Port scanning

Port scanning is often used by system administrators and hackers to find open ports on some machines and help them identify vulnerabilities in the system.

$nc -z -v -n 172.31.100.7 21-25

Can run in TCP or UDP mode, the default is TCP, the -u parameter is adjusted to udp.

z parameter tells Netcat to use 0 IO, which means that once The connection is closed and no data is exchanged. : That is, detailed output)

  • n parameter tells Netcat not to use DNS to reverse query the domain name of the IP address

  • This command will print 21 to 25 All open ports. Banner is a text. Banner is a text message sent to you by a service you are connected to. Banner information is very useful when you are trying to identify a vulnerability or the type and version of a service. However, not all services send banners.

  • Once you find open ports, you can easily use the Netcat connection service to grab their banners.
  • $ nc -v 172.31.100.7 21

    The Netcat command will connect to open port 21 and print the banner information of the service running on this port.

  • Chat Server

If you want to chat with your friends, there are many software and information services available for you to use. However, if you don't have such a luxurious configuration, for example, if you are in a computer lab and all external connections are restricted, how do you communicate with your friends who sit in the next room all day? Don't be depressed, Netcat provides such a method, you only need to create a Chat server, a predetermined port, so that he can contact you.

Server

$nc -l 1567

The Netcat command starts a tcp server on port 1567, and all standard output and input will be output to this port. Both output and input are displayed in this shell.

Client

$nc 172.31.100.7 1567

Whatever you type on machine B will appear on machine A.

3. File transfer

Most of the time, we are trying to transfer files through the network or other tools. There are many methods, such as FTP, SCP, SMB, etc., but when you only need to transfer files temporarily or once, it is really worth wasting time to install and configure a software on your machine. Suppose, you want to transfer a file file.txt from A to B. Either A or B can serve as the server or client. Below, let A serve as the server and B as the client.

Server

$nc -l 1567 <p>Client</p><pre class="brush:php;toolbar:false">$nc -n 172.31.100.7 1567 > file.txt

Here we create a server on A and redirect Netcat's input to the file file.txt, then when any successful connection to the Port, Netcat will send the file contents of file.

On the client side we redirect the output to file.txt. When B connects to A, A sends the file content and B saves the file content to file.txt.

There is no need to create a file source as Server, we can also use it in the opposite way. Like below we are sending files from B to A, but the server is created on A. This time we only need to redirect the output of Netcat and redirect the input files of B.

BAs Server

Server

$nc -l 1567 > file.txt

Client

nc 172.31.100.23 1567 <p>4. Directory transfer</p><p>Sending a file is very simple, but if we If you want to send multiple files or an entire directory, it is very simple. You only need to use the compression tool tar to compress and send the compressed package. </p><p>If you want to transfer a directory from A to B over the network. </p><p>Server</p><pre class="brush:php;toolbar:false">$tar -cvf – dir_name | nc -l 1567

Client

$nc -n 172.31.100.7 1567 | tar -xvf -

Here on server A, we create a tar archive and redirect it via - in the console, then use pipe, redirect to Netcat, and Netcat can send it over the network.

On the client, we download the compressed package through the Netcat pipe and then open the file.

If we want to save bandwidth and transmit compressed packages, we can use bzip2 or other tools for compression.

Server

$tar -cvf – dir_name| bzip2 -z | nc -l 1567

Compression via bzip2

Client

$nc -n 172.31.100.7 1567 | bzip2 -d |tar -xvf -

Decompression using bzip2

5. Encrypt the data you send over the network

If you are worried about the security of the data you send over the network, you can encrypt it with a tool such as mcrypt before sending your data.

Server

$nc localhost 1567 | mcrypt –flush –bare -F -q -d -m ecb > file.txt

Use the mcrypt tool to encrypt data.

Client

$mcrypt –flush –bare -F -q -m ecb <p>Use the mcrypt tool to decrypt the data. </p><p>以上两个命令会提示需要密码,确保两端使用相同的密码。</p><p>这里我们是使用mcrypt用来加密,使用其它任意加密工具都可以。</p><p>6. 流视频</p><p>虽然不是生成流视频的最好方法,但如果服务器上没有特定的工具,使用Netcat,我们仍然有希望做成这件事。</p><p>服务端</p><pre class="brush:php;toolbar:false">$cat video.avi | nc -l 1567

这里我们只是从一个视频文件中读入并重定向输出到Netcat客户端

$nc 172.31.100.7 1567 | mplayer -vo x11 -cache 3000 -

这里我们从socket中读入数据并重定向到mplayer。

7、克隆一个设备

如果你已经安装配置一台Linux机器并且需要重复同样的操作对其他的机器,而你不想在重复配置一遍。不在需要重复配置安装的过程,只启动另一台机器的一些引导可以随身碟和克隆你的机器。

克隆Linux PC很简单,假如你的系统在磁盘/dev/sda上

Server

$dd if=/dev/sda | nc -l 1567

Client

$nc -n 172.31.100.7 1567 | dd of=/dev/sda

dd是一个从磁盘读取原始数据的工具,我通过Netcat服务器重定向它的输出流到其他机器并且写入到磁盘中,它会随着分区表拷贝所有的信息。但是如果我们已经做过分区并且只需要克隆root分区,我们可以根据我们系统root分区的位置,更改sda 为sda1,sda2.等等。

8、打开一个shell

我们已经用过远程shell-使用telnet和ssh,但是如果这两个命令没有安装并且我们没有权限安装他们,我们也可以使用Netcat创建远程shell。

假设你的Netcat支持 -c -e 参数(默认 Netcat)

Server

$nc -l 1567 -e /bin/bash -i

Client

$nc 172.31.100.7 1567

这里我们已经创建了一个Netcat服务器并且表示当它连接成功时执行/bin/bash

假如Netcat 不支持-c 或者 -e 参数(openbsd Netcat),我们仍然能够创建远程shell

Server

$mkfifo /tmp/tmp_fifo$cat /tmp/tmp_fifo | /bin/sh -i 2>&1 | nc -l 1567 > /tmp/tmp_fifo

这里我们创建了一个fifo文件,然后使用管道命令把这个fifo文件内容定向到shell 2>&1中。是用来重定向标准错误输出和标准输出,然后管道到Netcat 运行的端口1567上。至此,我们已经把Netcat的输出重定向到fifo文件中。

说明:从网络收到的输入写到fifo文件中

  • cat 命令读取fifo文件并且其内容发送给sh命令

  • sh命令进程受到输入并把它写回到Netcat。

  • Netcat 通过网络发送输出到client

至于为什么会成功是因为管道使命令平行执行,fifo文件用来替代正常文件,因为fifo使读取等待而如果是一个普通文件,cat命令会尽快结束并开始读取空文件。

9、在客户端仅仅简单连接到服务器

Client

$nc -n 172.31.100.7 1567

你会得到一个shell提示符在客户端

反向shell

反向shell是人曾经在客户端打开的shell。反向shell这样命名是因为不同于其他配置,这里服务器使用的是由客户提供的服务。

服务端

$nc -l 1567

在客户端,简单地告诉Netcat在连接完成后,执行shell。

客户端

$nc 172.31.100.7 1567 -e /bin/bash

现在,什么是反向shell的特别之处呢

反向shell经常被用来绕过防火墙的限制,如阻止入站连接。例如,我有一个专用IP地址为172.31.100.7,我使用代理服务器连接到外部网络。如果我想从网络外部访问 这台机器如1.2.3.4的shell,那么我会用反向外壳用于这一目的。

10. 指定源端口

假设你的防火墙过滤除25端口外其它所有端口,你需要使用-p选项指定源端口。

服务器端

$nc -l 1567

客户端

$nc 172.31.100.7 1567 -p 25

使用1024以内的端口需要root权限。

该命令将在客户端开启25端口用于通讯,否则将使用随机端口。

11、指定源地址

假设你的机器有多个地址,希望明确指定使用哪个地址用于外部数据通讯。我们可以在Netcat中使用-s选项指定ip地址。

服务器端

$nc -u -l 1567 <p>客户端</p><pre class="brush:php;toolbar:false">$nc -u 172.31.100.7 1567 -s 172.31.100.5 > file.txt

该命令将绑定地址172.31.100.5。

这仅仅是使用Netcat的一些示例。

其它用途有:

  • 使用-t选项模拟Telnet客户端,

  • HTTP客户端用于下载文件,

  • 连接到邮件服务器,使用SMTP协议检查邮件,

  • 使用ffmpeg截取屏幕并通过流式传输分享,等等。其它更多用途。

简单来说,只要你了解协议就可以使用Netcat作为网络通讯媒介,实现各种客户端。

Netcat command in Linux

The above is the detailed content of Netcat command in Linux. For more information, please follow other related articles on the PHP Chinese website!

Statement
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
什么是linux设备节点什么是linux设备节点Apr 18, 2022 pm 08:10 PM

linux设备节点是应用程序和设备驱动程序沟通的一个桥梁;设备节点被创建在“/dev”,是连接内核与用户层的枢纽,相当于硬盘的inode一样的东西,记录了硬件设备的位置和信息。设备节点使用户可以与内核进行硬件的沟通,读写设备以及其他的操作。

Linux中open和fopen的区别有哪些Linux中open和fopen的区别有哪些Apr 29, 2022 pm 06:57 PM

区别:1、open是UNIX系统调用函数,而fopen是ANSIC标准中的C语言库函数;2、open的移植性没fopen好;3、fopen只能操纵普通正规文件,而open可以操作普通文件、网络套接字等;4、open无缓冲,fopen有缓冲。

linux中什么叫端口映射linux中什么叫端口映射May 09, 2022 pm 01:49 PM

端口映射又称端口转发,是指将外部主机的IP地址的端口映射到Intranet中的一台计算机,当用户访问外网IP的这个端口时,服务器自动将请求映射到对应局域网内部的机器上;可以通过使用动态或固定的公共网络IP路由ADSL宽带路由器来实现。

linux中eof是什么linux中eof是什么May 07, 2022 pm 04:26 PM

在linux中,eof是自定义终止符,是“END Of File”的缩写;因为是自定义的终止符,所以eof就不是固定的,可以随意的设置别名,linux中按“ctrl+d”就代表eof,eof一般会配合cat命令用于多行文本输出,指文件末尾。

linux怎么判断pcre是否安装linux怎么判断pcre是否安装May 09, 2022 pm 04:14 PM

在linux中,可以利用“rpm -qa pcre”命令判断pcre是否安装;rpm命令专门用于管理各项套件,使用该命令后,若结果中出现pcre的版本信息,则表示pcre已经安装,若没有出现版本信息,则表示没有安装pcre。

linux怎么查询mac地址linux怎么查询mac地址Apr 24, 2022 pm 08:01 PM

linux查询mac地址的方法:1、打开系统,在桌面中点击鼠标右键,选择“打开终端”;2、在终端中,执行“ifconfig”命令,查看输出结果,在输出信息第四行中紧跟“ether”单词后的字符串就是mac地址。

linux中rpc是什么意思linux中rpc是什么意思May 07, 2022 pm 04:48 PM

在linux中,rpc是远程过程调用的意思,是Reomote Procedure Call的缩写,特指一种隐藏了过程调用时实际通信细节的IPC方法;linux中通过RPC可以充分利用非共享内存的多处理器环境,提高系统资源的利用率。

手机远程linux工具有哪些手机远程linux工具有哪些Apr 29, 2022 pm 05:30 PM

手机远程linux工具有:1、JuiceSSH,是一款功能强大的安卓SSH客户端应用,可直接对linux服务进行管理;2、Termius,可以利用手机来连接Linux服务器;3、Termux,一个强大的远程终端工具;4、向日葵远程控制等等。

See all articles

Hot AI Tools

Undresser.AI Undress

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress AI Tool

Undress images for free

Clothoff.io

Clothoff.io

AI clothes remover

AI Hentai Generator

AI Hentai Generator

Generate AI Hentai for free.

Hot Article

R.E.P.O. Energy Crystals Explained and What They Do (Yellow Crystal)
2 weeks agoBy尊渡假赌尊渡假赌尊渡假赌
R.E.P.O. Best Graphic Settings
2 weeks agoBy尊渡假赌尊渡假赌尊渡假赌
R.E.P.O. How to Fix Audio if You Can't Hear Anyone
2 weeks agoBy尊渡假赌尊渡假赌尊渡假赌

Hot Tools

PhpStorm Mac version

PhpStorm Mac version

The latest (2018.2.1) professional PHP integrated development tool

DVWA

DVWA

Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is very vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, to help web developers better understand the process of securing web applications, and to help teachers/students teach/learn in a classroom environment Web application security. The goal of DVWA is to practice some of the most common web vulnerabilities through a simple and straightforward interface, with varying degrees of difficulty. Please note that this software

SecLists

SecLists

SecLists is the ultimate security tester's companion. It is a collection of various types of lists that are frequently used during security assessments, all in one place. SecLists helps make security testing more efficient and productive by conveniently providing all the lists a security tester might need. List types include usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and more. The tester can simply pull this repository onto a new test machine and he will have access to every type of list he needs.

Safe Exam Browser

Safe Exam Browser

Safe Exam Browser is a secure browser environment for taking online exams securely. This software turns any computer into a secure workstation. It controls access to any utility and prevents students from using unauthorized resources.

MinGW - Minimalist GNU for Windows

MinGW - Minimalist GNU for Windows

This project is in the process of being migrated to osdn.net/projects/mingw, you can continue to follow us there. MinGW: A native Windows port of the GNU Compiler Collection (GCC), freely distributable import libraries and header files for building native Windows applications; includes extensions to the MSVC runtime to support C99 functionality. All MinGW software can run on 64-bit Windows platforms.