
Netcat/Cryptcat

What is Netcat?

Released in 1995, Netcat at its most basic establishes a connection between two computers and lets data be written across the transport-layer protocols TCP and UDP, carried over the network-layer protocol IP.

Netcat operates in one of two modes. As a client, it initiates a connection to another computer. Conversely, the same Netcat binary operates in server (listener) mode when the appropriate parameters are passed to it.

Connect to a host: nc [-options] hostname/IP port[s] [ports] (for example: nc 192.168.92.5 443)

Listen for inbound connections: nc -l [options] [hostname/IP] -p port (for example: nc -l -p 443)


Netcat Capabilities

Port Scanning: Netcat can be utilized for port scanning to determine which ports are open or closed on a particular host. This functionality is valuable for security auditing and network surveillance.

  • Basic port scanning against a target: nc -v -w 1 -z 192.168.0.10 1-1000

  • Randomized port scanning against a target: nc -v -r -w 1 -z 192.168.0.10 1-1000

  • More verbose scanning against a target: nc -vv -r -w 1 -z 192.168.0.10 20-30

  • Scanning a range of devices with a script: for i in {10..12}; do nc -vv -n -w 1 -z 192.168.0.$i 21-25; done

File Transfer: Netcat can facilitate file transfers between systems over a network. It can send or receive files, making it a lightweight alternative for transferring data between machines.

Remote Administration: Netcat can be a simple tool for remote administration tasks. It allows users to execute commands on remote systems and receive the output locally, providing a basic form of remote shell functionality.

Banner Grabbing: Netcat can retrieve banner information from network services running on remote hosts, which helps identify the type and version of the services listening on specific ports, aiding in vulnerability assessment and penetration testing.

Proxying: Netcat can act as a simple proxy server or client, forwarding network traffic between hosts or networks. Netcat can be useful for bypassing network restrictions or anonymizing network connections.

Listener: Netcat can be used as a listener by instructing it to wait for incoming connections on a specified port: nc -l -p 12345
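The connect-only probe behind `nc -z -w 1` and the banner grab described above, re-implemented with plain sockets so the two roles (listener and client) can be exercised against a host you own. This is an added example, not code from Netcat or Cryptcat; the `start_fake_service` and `find_closed_port` fixtures and the "SSH-2.0-constructed-example" banner are constructed for the demonstration.

```python
import socket
import threading

def scan_ports(host, ports, timeout=1.0):
    """Equivalent of `nc -z -w <timeout> host ports`: connect-only probe."""
    results = {}
    for port in ports:
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
            s.settimeout(timeout)
            # connect_ex returns 0 on success, otherwise an errno (refused,
            # timed out, unreachable); nc -z reports all of those as closed
            results[port] = s.connect_ex((host, port)) == 0
    return results

def grab_banner(host, port, timeout=1.0, max_bytes=256):
    """Connect and read what the service volunteers first ('' if silent)."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        s.connect((host, port))
        try:
            data = s.recv(max_bytes)
        except socket.timeout:
            data = b""
    return data.decode("utf-8", errors="replace").strip()

def start_fake_service(banner, host="127.0.0.1"):
    """Constructed fixture playing the `nc -l -p` role: greets each client
    with `banner` on an ephemeral port and returns that port number."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind((host, 0))
    srv.listen(5)

    def serve():
        while True:
            conn, _ = srv.accept()
            with conn:
                try:
                    conn.sendall(banner)
                except OSError:
                    pass  # a -z probe hangs up without reading; keep serving

    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]

def find_closed_port(host="127.0.0.1"):
    """Constructed fixture: bind and release an ephemeral port known to be closed."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.bind((host, 0))
        return s.getsockname()[1]
```

Run `scan_ports("127.0.0.1", [open_port, closed_port])` after starting the fixture to see the open/closed map, then `grab_banner` on the open port to read the greeting, exactly what the two nc invocations above do by hand.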

What is Cryptcat?

Cryptcat = Netcat + Encryption

Cryptcat is the standard Netcat enhanced with Twofish encryption by farm9. The l0pht (Hobbit and Weld Pond) wrote the original Netcat code.

Setting Up a Basic Encrypted Channel:

Machine A: cryptcat -l -p 1234 < testfile

Machine B: cryptcat <machine A IP> 1234

Cryptcat's options are identical to regular Netcat's for the same task. The difference is that in this case the data transferred is encrypted.

🏋️‍♂️ Practical Exercise!

Using Netcat, send a message to your Battle Buddy saying "I'm a hacker now!"
