How to use the command 'nc' (with examples)

The 'nc' command, also known as netcat, is a versatile utility for redirecting I/O into a network stream. It allows users to establish connections using TCP or UDP, send and receive data, and act as a network proxy. It is commonly used for troubleshooting network issues, testing network services, and performing network-related tasks.

Use case 1: Start a listener on the specified TCP port and send a file into it

Code:

nc -l -p port < filename

Motivation: This use case is useful when you want to transfer a file to another machine over a network. By starting a listener on the specified TCP port, you create a listening server that waits for incoming connections. The file specified by “filename” is then redirected into the network stream.

Explanation:

  • nc: The command itself.
  • -l: Instructs nc to listen for incoming connections.
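  • -p port: Specifies the port number to listen on. This is the traditional netcat syntax; the OpenBSD variant takes the port directly, as in nc -l port.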
  • < filename: Redirects the contents of “filename” into the network stream.

Example output: The listener waits on the specified port and sends the contents of “filename” to the first client that connects.

Use case 2: Connect to a target listener on the specified port and receive a file from it

Code:

nc host port > received_filename

Motivation: This use case is helpful when you want to receive a file from a remote machine. By connecting to the target listener on the specified port, you establish a connection to the remote machine. Any data received from the remote machine will be redirected into the file specified by “received_filename.”

Explanation:

  • nc: The command itself.
  • host: The IP address or hostname of the target listener.
  • port: The port number to connect to.
  • > received_filename: Redirects the received data into the file “received_filename.”

Example output: The file will be received from the remote machine and stored in “received_filename.”
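
nc performs no integrity check and gives no signal when a transfer is cut short. The following added example (not part of the original page) wraps the commands from use cases 1 and 2 so that the receiver can detect a truncated or corrupted file; the function names are hypothetical and sha256sum is assumed to be installed. Because the digest travels over the same unauthenticated connection, this catches accidental damage only, not deliberate modification in transit.

```sh
# Added example: detect truncated or corrupted nc transfers.
# Function names are hypothetical; requires sha256sum (GNU coreutils).

# pack_with_digest FILE
# Writes the SHA-256 of FILE as a first line, then the raw file contents.
pack_with_digest() {
    sha256sum < "$1" | cut -d' ' -f1
    cat "$1"
}

# unpack_and_verify OUTFILE
# Reads the stream produced by pack_with_digest on stdin, stores the payload
# in OUTFILE, and returns 0 only if its SHA-256 matches the first line.
unpack_and_verify() {
    out=$1
    IFS= read -r expected || return 2      # digest line missing: empty stream
    cat > "$out"                           # the rest of the stream is the payload
    actual=$(sha256sum < "$out" | cut -d' ' -f1)
    if [ "$expected" != "$actual" ]; then
        echo "digest mismatch: $out is incomplete or corrupted" >&2
        return 1
    fi
}

# Sender (use case 1):   pack_with_digest filename | nc -l -p port
# Receiver (use case 2): nc host port | unpack_and_verify received_filename
```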

Use case 3: Scan the open TCP ports of a specified host

Code:

nc -v -z -w timeout_in_seconds host start_port-end_port

Motivation: This use case is useful for identifying open ports on a particular host. By scanning the specified host, you can gather information about the available services running on that machine.

Explanation:

  • nc: The command itself.
  • -v: Enables verbose output, displaying detailed information about the scan process.
  • -z: Specifies that nc should not send any data after successfully connecting.
  • -w timeout_in_seconds: Sets the timeout period for each connection attempt.
  • host: The IP address or hostname of the target host.
  • start_port-end_port: Specifies the range of ports to scan.

Example output: With -v, nc reports each port in the given range that accepted a connection. The report is written to standard error, not standard output.
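
A common defensive use of this scan is checking a host you administer for listeners that should not be there. The following added example (not part of the original page) extracts the open ports from nc -v -z output and reports any that are missing from an allowlist. The function names and the sample output are constructed, and only the OpenBSD and traditional netcat message formats are handled.

```sh
# Added example: audit `nc -v -z` results against an allowlist.
# Constructed sample output in two formats (OpenBSD netcat, traditional
# netcat); 192.0.2.10 is a documentation address, not a real host.
SAMPLE_SCAN='Connection to 192.0.2.10 22 port [tcp/ssh] succeeded!
nc: connect to 192.0.2.10 port 23 (tcp) failed: Connection refused
Connection to 192.0.2.10 80 port [tcp/http] succeeded!
192.0.2.10 [192.0.2.10] 3306 (mysql) open
192.0.2.10 [192.0.2.10] 8080 (http-alt) : Connection refused'

# open_ports: stdin = nc -v -z output; prints each open port once, sorted.
# OpenBSD format:     Connection to HOST PORT port [tcp/svc] succeeded!
# Traditional format: HOST [IP] PORT (svc) open
open_ports() {
    awk '
        / succeeded!$/ {
            for (i = 2; i <= NF; i++) if ($i == "port") print $(i - 1)
            next
        }
        / open$/ { print $(NF - 2) }
    ' | sort -n -u
}

# unexpected_ports "ALLOWED PORTS": stdin = nc -v -z output; prints the open
# ports that are not in the space-separated allowlist. Returns 1 if any exist.
unexpected_ports() {
    open_ports | awk -v allow="$1" '
        BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        !($1 in ok) { print; bad = 1 }
        END { exit (bad ? 1 : 0) }
    '
}

# Usage (2>&1 is required because nc writes the -v report to stderr):
#   nc -v -z -w 2 host 1-1024 2>&1 | unexpected_ports "22 443"
```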

Use case 4: Start a listener on the specified TCP port and provide your local shell access to the connected party (this is dangerous and can be abused)

Code:

nc -l -p port -e shell_executable

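Motivation: This use case should be used with caution as it provides remote parties with shell access to your local machine. nc performs no authentication and no encryption, so anyone who can reach the port gets a shell with the privileges of the user who started nc. It can be useful when you need to provide someone with access to your system for troubleshooting or administration purposes.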

Explanation:

  • nc: The command itself.
  • -l: Instructs nc to listen for incoming connections.
  • -p port: Specifies the port number to listen on.
  • -e shell_executable: Executes the specified shell_executable when a connection is established. Not every build supports this option; the OpenBSD variant of nc has no -e.

Example output: Once a connection is established, the remote party will have shell access to your local machine.

Use case 5: Connect to a target listener and provide your local shell access to the remote party (this is dangerous and can be abused)

Code:

nc host port -e shell_executable

Motivation: This use case allows you to provide your local shell access to a remote party. It can be useful for remote administration tasks or remote troubleshooting.

Explanation:

  • nc: The command itself.
  • host: The IP address or hostname of the target listener.
  • port: The port number to connect to.
  • -e shell_executable: Executes the specified shell_executable when the connection is established.

Example output: Once the connection is established, the party running the target listener will have shell access to your local machine.
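
Because use cases 4 and 5 hand out an unauthenticated shell, a netcat process started with an execution option is worth flagging on any host you monitor. The following added example (not part of the original page) checks a process listing for such invocations while ignoring unrelated commands that also take -e, such as rsync. The function name and the sample listing are constructed, and the -c, --exec and --sh-exec forms are the equivalents used by traditional netcat and Ncat builds.

```sh
# Added example: flag netcat processes started with a program-execution option.
# Constructed sample of `ps -eo pid,user,args` output (not from a real host).
SAMPLE_PS='  812 root     /usr/sbin/sshd -D
 2291 alice    rsync -a -e ssh src/ backup:/srv/
 3051 alice    nc -v -z -w 2 192.0.2.10 20-25
 4410 www-data nc -l -p 4444 -e /bin/sh
 4522 bob      /usr/bin/ncat 198.51.100.7 9001 --exec /bin/bash
 4630 bob      nc.traditional -lvp 5555 -e /bin/sh'

# find_exec_netcat: stdin = "PID USER ARGS..." lines; prints every line whose
# program is a netcat variant run with -e or -c (alone or in a cluster such
# as -lve), --exec or --sh-exec. Returns 1 when at least one line is flagged.
# Review -c hits by hand: the letter can mean something else in some builds.
find_exec_netcat() {
    awk '
        {
            prog = $3
            sub(/^.*\//, "", prog)          # basename of the program path
            if (prog !~ /^(nc|ncat|netcat|nc\.traditional)$/) next
            for (i = 4; i <= NF; i++) {
                if ($i ~ /^-[A-Za-z]*[ec]/ || $i ~ /^--(sh-)?exec(=|$)/) {
                    sub(/^[ \t]+/, "")      # trim ps column padding
                    print
                    hits++
                    break
                }
            }
        }
        END { exit (hits > 0 ? 1 : 0) }
    '
}

# Usage: ps -eo pid,user,args | find_exec_netcat
```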

Use case 6: Act as a proxy and forward data from a local TCP port to the given remote host

Code:

nc -l -p local_port | nc host remote_port

Motivation: This use case allows you to act as a proxy and forward data from a local TCP port to a remote host. It can be useful for establishing communication between two machines that are unable to directly connect to each other.

Explanation:

  • nc: The command itself.
  • -l: Instructs nc to listen for incoming connections.
  • -p local_port: Specifies the local port to listen on.
  • |: Pipes the output of the first nc command to the next nc command.
  • nc host remote_port: Connects to the remote host and remote_port to forward data to.

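Example output: Data received on the local_port will be forwarded to the specified remote host and remote_port. The pipe carries data in that direction only, so replies from the remote host are not sent back to the client that connected to local_port.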

Use case 7: Send an HTTP GET request

Code:

printf 'GET / HTTP/1.1\r\nHost: host\r\n\r\n' | nc host 80

Motivation: This use case allows you to manually send an HTTP GET request to a remote host. It can be useful for testing web servers and analyzing the HTTP response.

Explanation:

  • printf 'GET / HTTP/1.1\r\nHost: host\r\n\r\n': Writes an HTTP GET request. HTTP header lines end with CRLF (\r\n), and printf interprets these escapes consistently across shells, which echo -e does not.
  • |: Pipes the output of the echo command to nc.
  • nc host 80: Connects to the remote host on port 80, the default port for HTTP.

Example output: The HTTP response received from the remote host will be displayed on the terminal.
