Friday, July 19, 2013

Netcat

Netcat is a versatile tool that reads and writes data across TCP and UDP network connections. It is often used for testing and debugging network connections. In its most basic usage, netcat lets you feed a stream of data to a specific port on a specific host.

What netcat does is open a connection between two machines and hand back two streams. More advanced uses of the command include building a server, transferring files, chatting with friends, streaming media, or using it as a stand-alone client for other protocols.

A few basic examples:

Find Out the Open Ports on a Remote Machine

(root)-(jobs:0)-(~) -> /usr/bin/nc -z -v -n xxx.xxx.xxx.xx 10000-10020
nc: connect to xxx.xxx.xxx.xx port 10000 (tcp) failed: Connection refused
Connection to xxx.xxx.xxx.xx 10001 port [tcp/*] succeeded!
Connection to xxx.xxx.xxx.xx 10002 port [tcp/*] succeeded!
nc: connect to xxx.xxx.xxx.xx port 10003 (tcp) failed: Connection refused
nc: connect to xxx.xxx.xxx.xx port 10004 (tcp) failed: Connection refused
nc: connect to xxx.xxx.xxx.xx port 10005 (tcp) failed: Connection refused
nc: connect to xxx.xxx.xxx.xx port 10006 (tcp) failed: Connection refused
Connection to xxx.xxx.xxx.xx 10007 port [tcp/*] succeeded!
nc: connect to xxx.xxx.xxx.xx port 10008 (tcp) failed: Connection refused
Connection to xxx.xxx.xxx.xx 10009 port [tcp/*] succeeded!
nc: connect to xxx.xxx.xxx.xx port 10010 (tcp) failed: Connection refused
Connection to xxx.xxx.xxx.xx 10011 port [tcp/*] succeeded!
Connection to xxx.xxx.xxx.xx 10012 port [tcp/*] succeeded!
nc: connect to xxx.xxx.xxx.xx port 10013 (tcp) failed: Connection refused
nc: connect to xxx.xxx.xxx.xx port 10014 (tcp) failed: Connection refused
nc: connect to xxx.xxx.xxx.xx port 10015 (tcp) failed: Connection refused
nc: connect to xxx.xxx.xxx.xx port 10016 (tcp) failed: Connection refused
nc: connect to xxx.xxx.xxx.xx port 10017 (tcp) failed: Connection refused
nc: connect to xxx.xxx.xxx.xx port 10018 (tcp) failed: Connection refused
Connection to xxx.xxx.xxx.xx 10019 port [tcp/*] succeeded!
nc: connect to xxx.xxx.xxx.xx port 10020 (tcp) failed: Connection refused

The -z option tells netcat to use zero I/O, i.e. the connection is closed as soon as it opens and no actual data exchange takes place.
The -v option turns on verbose output.
The -n option tells netcat not to do a DNS lookup for the address.

This command reports which ports between 10000 and 10020 are open.
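The scan above is easier to reuse when the verbose output is reduced to just the open ports. This is an added example, not code from the original post: it wraps the page's nc -z -v -n invocation in a shell function (adding -w, a per-connection timeout, to the page's flags) and parses the status lines, which this netcat build writes to stderr. The host address and the sample output are constructed placeholders.

```shell
# Added example: scan a TCP port range with netcat and list only the open
# ports. The status lines nc prints are redirected with 2>&1 because this
# build reports them on stderr. Host and ports are placeholders.

# open_ports_from_nc_output: read "nc -z -v" output on stdin and print the
# port number of every line that reports success, one per line.
# Success lines look like:
#   Connection to 10.0.0.5 10001 port [tcp/*] succeeded!
# Refused lines look like:
#   nc: connect to 10.0.0.5 port 10000 (tcp) failed: Connection refused
open_ports_from_nc_output() {
    grep 'succeeded!' | awk '{ print $4 }'
}

# scan_range HOST FIRST LAST: run the page's scan with a 2 s timeout per
# port and print the open ports. Requires a reachable host, so it is not
# exercised by the self-check below.
scan_range() {
    host=$1; first=$2; last=$3
    nc -z -v -n -w 2 "$host" "$first-$last" 2>&1 | open_ports_from_nc_output
}

# Constructed sample output in the same format as the page's transcript,
# so the parser can be checked without a live host.
SAMPLE_NC_OUTPUT='nc: connect to 10.0.0.5 port 10000 (tcp) failed: Connection refused
Connection to 10.0.0.5 10001 port [tcp/*] succeeded!
Connection to 10.0.0.5 10002 port [tcp/*] succeeded!
nc: connect to 10.0.0.5 port 10003 (tcp) failed: Connection refused
Connection to 10.0.0.5 10007 port [tcp/*] succeeded!'

# count_open_ports: number of open ports in the constructed sample.
count_open_ports() {
    printf '%s\n' "$SAMPLE_NC_OUTPUT" | open_ports_from_nc_output | wc -l | tr -d ' '
}

# Self-check: prints the open ports from the sample, then their count.
printf '%s\n' "$SAMPLE_NC_OUTPUT" | open_ports_from_nc_output
count_open_ports
```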

Find Whether a Port Is Open or Not

(root)-(jobs:0)-(~)-> nc -v xxx.xxx.xxx.xx 10001
Connection to xxx.xxx.xxx.xx 10001 port [tcp/scp-config] succeeded!

A Basic Chat Example

Netcat can be turned into a simple chat that makes two processes talk to each other, which shows netcat doing I/O over the network. Here is how we do that:

Dev:vx1000:root-~ $ nc -l 1567 (on machine A)
this is jagadish
smooth is good

Dev:vx1001:root-~ $ nc xxx.xxx.xxx.xx 1567 (on machine B, connecting to the IP address of machine A, where the listener was started)
this is jagadish
smooth is good

This gives you a chat-like application.

The connectivity between server and client can be tested this way to see whether an iptables rule is blocking the connection to a socket, or whether there is some other network problem. Everything typed on the client side is mirrored to the server in plain text, so this is not secure.

Sending Files

Similarly, netcat can be used to send files over the wire:

nc -l 1567 < cleaner-logs.log (on machine A)

And on machine B we connect to machine A's IP address on the same port:

nc xxx.xxx.xxx.xx 1567 > jas-clean-logs.log

Suppose we want to do the reverse, with B acting as the file server (B sends, A receives):

$nc -l 1567 > file.txt (on machine A)

$nc xxx.xx.xx.xx 1567 < file.txt (on machine B)

We can also transfer directories:

$tar -cvf - dir_name | nc -l 1567 (on machine A)

$nc -n xxx.xx.xx.xx 1567 | tar -xvf - (on machine B)

Here, on server A, we create the tar archive and write it to standard output with -, then pipe it into netcat, which sends it over the network.

On the client we simply download the archive from the server with netcat and pipe its output into tar to extract the files.
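The transfer commands above give no indication of whether the copy arrived complete and unmodified, since netcat adds neither integrity checking nor confidentiality. The following is an added example, not code from the original post: it wraps the page's send and receive commands in shell functions and checks a SHA-256 digest on the receiving side against one obtained out of band (here, printed by the sender). The host, port and file names are placeholders.

```shell
# Added example: the page's file transfer as shell functions, plus a
# digest check so the receiver can tell a complete copy from a truncated
# or altered one. Host, port and file names are placeholders.

# digest FILE -> SHA-256 hex digest (sha256sum on Linux, shasum on BSD/macOS)
digest() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{ print $1 }'
    else
        shasum -a 256 "$1" | awk '{ print $1 }'
    fi
}

# send_file FILE PORT: the page's "machine A" side. Prints the digest so it
# can be handed to the receiver out of band, then serves FILE once on PORT.
# Some netcat builds keep the socket open after EOF on stdin; see your
# build's -N (OpenBSD) or -q (traditional) option if the sender does not exit.
send_file() {
    echo "sha256 of $1: $(digest "$1")"
    nc -l "$2" < "$1"
}

# recv_file HOST PORT OUT: the page's "machine B" side, writing the stream to OUT.
recv_file() {
    nc "$1" "$2" > "$3"
}

# verify_transfer EXPECTED_DIGEST COPY -> exit status 0 if COPY hashes to
# EXPECTED_DIGEST, 1 otherwise.
verify_transfer() {
    [ "$(digest "$2")" = "$1" ]
}

# demo_verify: self-contained check on constructed temporary files, no
# network needed. Prints "ok" for an intact copy and "bad" for a copy with
# extra data appended, in that order.
demo_verify() {
    tmp=$(mktemp -d)
    printf 'log line 1\nlog line 2\n' > "$tmp/orig.log"
    cp "$tmp/orig.log" "$tmp/good.log"
    printf 'log line 1\nlog line 2\nextra\n' > "$tmp/bad.log"
    expected=$(digest "$tmp/orig.log")
    if verify_transfer "$expected" "$tmp/good.log"; then good=ok; else good=bad; fi
    if verify_transfer "$expected" "$tmp/bad.log"; then altered=ok; else altered=bad; fi
    rm -rf "$tmp"
    echo "$good $altered"
}

demo_verify
```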

Specify Source Address

Suppose your machine has more than one address and you want to say explicitly which address to use for outgoing data. Then we can specify the IP address with netcat's -s option. (Here -u selects UDP instead of TCP.)

Server

$nc -u -l 1567 < file.txt

Client

$nc -u 172.31.100.7 1567 -s 172.31.100.5 > file.txt

Telnet-like Usage

Netcat can be used to talk to servers the way telnet does.

(! 1023)-> nc dict.org 2628
220 pan.alephnull.com dictd 1.12.0/rf on Linux 3.0.0-14-server <auth.mime> <19096070.16921.1373876364@pan.alephnull.com>
DEFINE wn server
150 1 definitions retrieved
151 "server" wn "WordNet (r) 3.0 (2006)"
server
n 1: a person whose occupation is to serve at table (as in a
restaurant) [syn: {waiter}, {server}]
2: (court games) the player who serves to start a point
3: (computer science) a computer that provides client stations
with access to files and printers as shared resources to a
computer network [syn: {server}, {host}]
4: utensil used in serving food or drink
.
250 ok [d/m/c = 1/0/17; 0.000r 0.000u 0.000s]

Netcat can also be used to set up a telnet server in a matter of seconds. With the -e parameter you can specify the shell (or, for that matter, any executable) you want netcat to run on a successful connection:

nc -lp 1337 -e /bin/bash