Gice

Technology and General Blog

The nc or netcat command is a network tool that allows users to transfer files between devices, scan ports and diagnose problems. This tutorial explains 10 nc usages to scan ports, transfer files, and banner grabbing.

Installing netcat in Linux

 To begin, on Debian-based Linux distributions, run the command below to install Netcat.

On Red Hat-based Linux distributions, you can install Netcat by running the command below.

Scanning a port using nc

Netcat or nc can be used to scan ports. The syntax to scan a single port is the following.

nc -zvn <TargetIP> <TargetPort>

As you can see, the syntax calls Netcat with the chosen options (explained below) followed by the target IP address and the target port, as shown in the following practical example.

nc -zvn 172.67.209.252 80

Where:

  • -z: This option is used to scan without establishing a connection.
  • -v: The verbosity option prints the scan result.
  • -n: This option is used to skip the DNS lookup and warnings.

Scanning multiple ports with nc

 You also can use Netcat/nc to scan multiple ports. The syntax is the same as shown previously; just add a space and the ports you want to scan, as shown in the example below in which ports 80, 22, and 53 are scanned.

nc -zvn 172.67.209.252 80 22 53

Scanning port ranges with Netcat

 You can scan port ranges by implementing a hyphen, as shown in the following example in which all ports from 80 to 89 (included) are scanned.

nc -zvn 172.67.209.252 80-89

Banner grabbing with Netcat

 Banner grabbing is a technique used to learn the software version running on a target. System administrators use it to keep an inventory of on-device software. Hackers also use it as part of the footprinting process.

Banner grabbing analyzes the network responses to try to guess or learn the software behind our target. The following example shows how using nc or netcat without options (or using the -v option) leads to information on the target FTP server version.

As you can see, Netcat detected Pure-FTPd on the target. The output also lets us know anonymous login is forbidden, and the server supports IPv6.

Transferring files using nc (Current directory)

 Netcat (nc) is also useful to transfer files between devices. In the following example, a file named linuxhint.txt will be transferred from a device to another.

The device the file will be sent to on the receiving device, run the command below, where the -l option tells Netcat to stay in listening mode waiting for inbound connections. The -p option defines the port number, and > [FileName] specifies the file to be received. Run the command below on the receiving device, replacing linuxhint.txt with the name of the file you want to transfer.

nc -l -p 9899 > linuxhint.txt

The computer from which the file is being sent on the sending device, run the command below where the -w option specifies the timeout (2 seconds in this case). On the sending device, the port doesn’t require the -p option. The < [FileName] specifies the file to be sent.

nc -w 2 192.168.1.102 9899 < linuxhint.txt

As you can see on the destination device, the file was transferred correctly.

Sending files stored in a different directory using nc

 The previous example shows how to send a file that is stored in the current directory. If the sender wants to send a file that isn’t stored in the current directory, he can specify a path to send.

On the receiving device, run the same command of the previous example without changes, as shown below.

nc -l 9899 > linuxhint.txt

The only change we will apply on the sending device is the inclusion of the directory where the file is stored. For this example, I moved the linuxhint.txt to the linuxhintdir directory. As you can see, the whole path to the file is specified as < linuxhintdir/linuxhint.txt, where linuxhintdir is a subdirectory of the current directory.

nc -w 2 192.168.1.102 9899 < linuxhintdir/linuxhint.txt

The file you want to send is inside your home directory, and your current directory is different; the command executed on the sender device would be the following.

nc -w 2 192.168.1.102 9899 < /home/linuxhint/linuxhint2.txt

Receiving files and storing them in a different directory using nc

 Contrary to the previous scenario, the receiver may not want to store the transferred file in the current directory. When enabling the listening mode for inbound connections on the receiving computer, you can define the directory to store files. The syntax is the same as when sending files from a subdirectory; just specify the subdirectory and file name as shown below.

nc -l -p 8999 > subdirectory/linuxhint.txt

On the second computer, use the same commands explained previously; in this example, the file to send is stored in the home, not in the current directory.

nc -w 2 192.168.1.102 9899 < /home/linuxhint/linuxhint2.txt

And as you can see, the file is stored in the defined directory. Also, the file name changed from linuxhint2.txt to linuxhint.txt as defined in the receiving computer command.

Showing file transfer progress when using nc

The pv command implementation displays the transference progress through the pipe. With this command, we can add progress information when using Netcat.

To install pv in Debian-based Linux distributions, run the command below.

Add a pipe after the port on the receiving device, followed by the pv command, the path and file name you want to save, as shown in the example below.

netcat -l 9899 | pv > linuxhint2.txt

Send the file from the sender device:

You’ll see the progress in the receiving device where you added the pv command.

Compressing and transferring files on the fly with nc

 You also can compress files when sending through Netcat with a single execution using pipe. The following example shows how to compress the linuxhint2 directory and send it through netcat.

Leave nc listening for inbound connections; you can implement the pv command to see progress.

nc -l -p 9899 | pv > linuxhint2

On the sender, compress the directory or file using the tar command with the proper options and shown below. Then add pipe and send as normal without specifying the file, already specified when compressing.

tar cfvz – linuxhint2 | nc -w 2 192.168.1.102 9899

As you can see, the file was transferred and extracted properly.

Transferring a whole disk or partition using nc

 This tutorial’s last example shows how to transfer a whole partition or disk using Netcat.

On the receiving device, run the command below.

nc -p 9899 -l | bzip2 -d | dd of=/dev/sda1

On the sender, type the following command, replace /dev/sda1 for the disk or partition you want to transfer.

bzip2 -c /dev/sda1 | nc 192.168.1.102 9899

Conclusion

Netcat is a very basic tool any Linux user or user dealing with networking must know. Using it is pretty simple, as shown in this tutorial. Netcat is designed to be used by other programs or scripts; it is a good aid for developers.

I hope this Netcat tutorial explaining 10 different usages was useful to you. Keep following Linux Hint for more Linux tips and tutorials.

Leave a Reply

Your email address will not be published. Required fields are marked *