- Netcat is a networking utility for reading from and writing directly to TCP/UDP ports. Also known as the Swiss Army Knife for hackers, it can be used on both Windows and Linux systems. Netcat can be run either as a client (reading from a port) or as a server (writing to a port), which makes it a powerful and versatile tool that allows hackers and ethical penetration testers to perform several tasks.
- There are two versions of Netcat:
nc: described above.
ncat: improved version of nc that adds two security features: encryption and authentication. In this way the penetration tester can avoid being detected by an IDS (Intrusion Detection System) and also avoid exposure to unwanted observers.
- In this section we will see how to use Netcat by working through different exercises:
1 - Chat between two hosts
2 - Reverse shell
3 - Bind shell
4 - Connection to a TCP/UDP port and analysis with Wireshark
5 - Transfer of files
6 - Ncat: encryption and authentication
- On Linux, Netcat is usually preinstalled and configured by default, for instance in the Kali Linux distro. To install Netcat on Windows systems, free downloads are available from several websites on the Internet.
- Help and available options for both versions of Netcat in a Windows system:
- Help and available options for both versions of Netcat in a Linux system:
- Layout topology used for these exercises: