Installing netcat in Linux
To begin, on Debian-based Linux distributions, run the command below to install Netcat.
On Red Hat-based Linux distributions, you can install Netcat by running the command below.
Scanning a port using nc
Netcat or nc can be used to scan ports. The syntax to scan a single port is the following.
nc -zvn <TargetIP> <TargetPort>
As you can see, the syntax calls Netcat with the chosen options (explained below) followed by the target IP address and the target port, as shown in the following practical example.
nc -zvn 22.214.171.124 80
- -z: This option is used to scan without establishing a connection.
- -v: The verbosity option prints the scan result.
- -n: This option is used to skip the DNS lookup and warnings.
Scanning multiple ports with nc
You can also use Netcat/nc to scan multiple ports. The syntax is the same as shown previously; just add a space and the ports you want to scan, as shown in the example below, in which ports 80, 22, and 53 are scanned.
nc -zvn 126.96.36.199 80 22 53
Scanning port ranges with Netcat
You can scan port ranges by using a hyphen, as shown in the following example, in which all ports from 80 to 89 (inclusive) are scanned.
nc -zvn 188.8.131.52 80-89
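The scan commands above become more useful when their output is compared against the ports a host is expected to expose. The following is an added example, not part of the original tutorial: it parses nc -zv output and prints any open port missing from an allow-list. The function names, the sample lines and the address 192.0.2.10 are constructed, and the exact message wording differs between Netcat variants.

```shell
# Constructed sample output (not from a real scan). 192.0.2.10 is a
# documentation address. The two line shapes follow OpenBSD nc and
# traditional nc; treat the exact wording as an assumption for your variant.
SAMPLE_SCAN='Connection to 192.0.2.10 22 port [tcp/*] succeeded!
nc: connect to 192.0.2.10 port 23 (tcp) failed: Connection refused
Connection to 192.0.2.10 80 port [tcp/*] succeeded!
(UNKNOWN) [192.0.2.10] 8080 (?) open
(UNKNOWN) [192.0.2.10] 8081 (?) : Connection refused'

# Read nc -zv output on stdin and print the open port numbers, sorted.
open_ports() {
    awk '
        /^Connection to .* succeeded!$/ { print $4 }   # OpenBSD nc
        / open$/ && $2 ~ /^\[.*\]$/     { print $3 }   # traditional nc
    ' | sort -nu
}

# Print open ports that are missing from the space-separated allow-list $1.
unexpected_ports() {
    allowed=" $1 "
    open_ports | while read -r port; do
        case "$allowed" in
            *" $port "*) ;;                 # expected service
            *) printf '%s\n' "$port" ;;     # not in the baseline
        esac
    done
}

# Live use against a host you administer (nc -v reports on stderr):
#   nc -zvn 192.0.2.10 1-1024 2>&1 | unexpected_ports "22 80"
printf '%s\n' "$SAMPLE_SCAN" | unexpected_ports "22 80"    # prints 8080
```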
Banner grabbing with Netcat
Banner grabbing is a technique used to learn the software version running on a target. System administrators use it to keep an inventory of on-device software. Hackers also use it as part of the footprinting process.
Banner grabbing analyzes the network responses to try to guess or learn the software behind our target. The following example shows how using nc or netcat without options (or using the -v option) leads to information on the target FTP server version.
As you can see, Netcat detected Pure-FTPd on the target. The output also lets us know anonymous login is forbidden, and the server supports IPv6.
Transferring files using nc (Current directory)
Netcat (nc) is also useful to transfer files between devices. In the following example, a file named linuxhint.txt will be transferred from one device to another.
On the receiving device (the device the file will be sent to), run the command below, where the -l option tells Netcat to stay in listening mode waiting for inbound connections. The -p option defines the port number, and > [FileName] specifies the file to be received. Replace linuxhint.txt with the name of the file you want to transfer.
nc -l -p 9899 > linuxhint.txt
On the sending device (the computer from which the file is being sent), run the command below, where the -w option specifies the timeout (2 seconds in this case). On the sending device, the port doesn’t require the -p option. The < [FileName] specifies the file to be sent.
nc -w 2 192.168.1.102 9899 < linuxhint.txt
As you can see on the destination device, the file was transferred correctly.
Sending files stored in a different directory using nc
The previous example shows how to send a file that is stored in the current directory. If the sender wants to send a file that isn’t stored in the current directory, they can specify the path to the file.
On the receiving device, run the same command as in the previous example without changes, as shown below.
nc -l 9899 > linuxhint.txt
The only change we will apply on the sending device is the inclusion of the directory where the file is stored. For this example, I moved the linuxhint.txt to the linuxhintdir directory. As you can see, the whole path to the file is specified as < linuxhintdir/linuxhint.txt, where linuxhintdir is a subdirectory of the current directory.
nc -w 2 192.168.1.102 9899 < linuxhintdir/linuxhint.txt
If the file you want to send is inside your home directory and your current directory is different, the command executed on the sender device would be the following.
nc -w 2 192.168.1.102 9899 < /home/linuxhint/linuxhint2.txt
Receiving files and storing them in a different directory using nc
Contrary to the previous scenario, the receiver may not want to store the transferred file in the current directory. When enabling the listening mode for inbound connections on the receiving computer, you can define the directory to store files. The syntax is the same as when sending files from a subdirectory; just specify the subdirectory and file name as shown below.
nc -l -p 9899 > subdirectory/linuxhint.txt
On the second computer, use the same commands explained previously; in this example, the file to send is stored in the home, not in the current directory.
nc -w 2 192.168.1.102 9899 < /home/linuxhint/linuxhint2.txt
And as you can see, the file is stored in the defined directory. Also, the file name changed from linuxhint2.txt to linuxhint.txt as defined in the receiving computer command.
Showing file transfer progress when using nc
The pv command displays the progress of data passing through a pipe. With this command, we can add progress information when using Netcat.
To install pv in Debian-based Linux distributions, run the command below.
Add a pipe after the port on the receiving device, followed by the pv command, the path and file name you want to save, as shown in the example below.
netcat -l 9899 | pv > linuxhint2.txt
Send the file from the sender device:
You’ll see the progress in the receiving device where you added the pv command.
Compressing and transferring files on the fly with nc
You can also compress files while sending them through Netcat in a single command by using a pipe. The following example shows how to compress the linuxhint2 directory and send it through netcat.
Leave nc listening for inbound connections; you can add the pv command to see progress.
nc -l -p 9899 | pv > linuxhint2
On the sender, compress the directory or file using the tar command with the proper options, as shown below. Then add a pipe and send as normal without specifying the file, which was already specified when compressing.
tar cfvz - linuxhint2 | nc -w 2 192.168.1.102 9899
As you can see, the file was transferred and extracted properly.
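A plain nc stream is neither encrypted nor authenticated, and nothing in the pipe tells the receiver whether what arrived is complete and unaltered. The following added example (not part of the original tutorial) wraps the tar pipe in a SHA-256 manifest whose single digest is compared over a separate trusted channel; the function names and the SHA256SUMS file name are assumptions of this example.

```shell
# Sender: write SHA256SUMS inside directory $1 and print the digest of that
# manifest. Pass this one value to the receiver over a channel you trust.
make_manifest() {
    ( cd "$1" &&
      find . -type f ! -name SHA256SUMS -exec sha256sum {} + > SHA256SUMS &&
      sha256sum < SHA256SUMS | cut -d' ' -f1 )
}

# Sender: write directory $1 (manifest included) to stdout as a tar.gz stream.
pack_dir() {
    tar czf - -C "$1" .
}

# Receiver: unpack stdin into the new directory $1, require the manifest
# digest to equal $2, then check every file. Non-zero exit on any mismatch.
unpack_and_verify() {
    dest=$1 expected=$2
    mkdir -p "$dest" && tar xzf - -C "$dest" || return 1
    actual=$(sha256sum < "$dest/SHA256SUMS" | cut -d' ' -f1)
    [ "$actual" = "$expected" ] || { echo "manifest digest mismatch" >&2; return 1; }
    # Every listed file must hash correctly ...
    ( cd "$dest" && sha256sum -c SHA256SUMS > /dev/null ) || return 1
    # ... and no file may exist that the manifest does not list.
    listed=$(wc -l < "$dest/SHA256SUMS")
    found=$(cd "$dest" && find . -type f ! -name SHA256SUMS | wc -l)
    [ "$found" -eq "$listed" ] || { echo "unlisted files in archive" >&2; return 1; }
}

# With the tutorial's address and port (values from the page):
#   sender:    make_manifest linuxhint2      # prints <digest>
#              pack_dir linuxhint2 | nc -w 2 192.168.1.102 9899
#   receiver:  nc -l -p 9899 | unpack_and_verify linuxhint2 <digest>
```

If the digest travelled over the same nc connection as the data, it would only catch accidental corruption or truncation, not deliberate modification in transit.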
Transferring a whole disk or partition using nc
This tutorial’s last example shows how to transfer a whole partition or disk using Netcat.
On the receiving device, run the command below.
nc -p 9899 -l | bzip2 -d | dd of=/dev/sda1
On the sender, type the following command, replacing /dev/sda1 with the disk or partition you want to transfer.
bzip2 -c /dev/sda1 | nc 192.168.1.102 9899
Netcat is a very basic tool any Linux user or user dealing with networking must know. Using it is pretty simple, as shown in this tutorial. Netcat is designed to be used by other programs or scripts; it is a good aid for developers.
I hope this Netcat tutorial explaining 10 different usages was useful to you.