Play with Netcat in Ubuntu

Now that you know what netcat is , it is time for some basic operations and real life tasks with the TCP/IP swiss army knife. Linux distributions come with Netcat already compiled and installed but I will cover how to install and use Netcat in ubuntu.

You can choose to install Netcat with the ‘apt-get install’ command or compile and install it from the source. The second method is not as easy as the first one and requires some basic knowledge about the Linux command line, commands such as tar, make, and install. The first method is very easy to use and friendly for beginners. Open a new terminal window and type ‘sudo apt-get install netcat’ as shown in Figure 1.

Figure 1- Installing netcat

Enter your password and press enter.

Figure 2

After the installation is done type ‘nc -h’ like shown in Figure3.

Sometimes is hard to recall all the netcat’s command options, and even harder when you are a newbie and have no previous experience with the tool so netcat offers you help through the -h option.

Figure 3

What are some of Netcat uses?

Depending on the situation you are you can use Netcat for a lot of things like file transferring, port scanning, port redirection, hard drive cloning, http headers spoofing, chatting with your friend in the computer lab, and more. The sky is the limit! You don’t need many command options of this tool to use Netcat in different ways and for different purposes, if you know how to operate as a server and as a client and have imagination you can do things that nobody thought or did before. Netcat operates in two modes, as a client or as a  server so you can use Netcat to connect to somewhere or listen for an inbound connection.

The -l option, is the option that makes the difference, if it is used with nc then netcat will operate in listening mode. The -p option allows the user to specify the port on which the server should listen.

Chatting With Netcat

We use Facebook, email and other social networks to communicate with each other. How do you chat with your buddy in the school’s computer lab without an internet connection? Netcat does the magic for you. Since Netcat creates almost any kind of connection and is designed to read and write data across both TCP and UDP why not try to set up a simple chat? We need a server and client to connect to our server. One of you guys should be the server and he should learn about the -l option which put Netcat in server mode. Figure 4, shows how to set up the server using Netcat in listening mode. We will use port 12345 and will specify the port number with the -p option.

Figure 4 – Creating the Server with Netcat

The client needs the server ip to connect to it. My server and my client are on the same machine so I use localhost for the hostname. The command ‘nc hostname port’ puts Netcat in client mode and connects to the specified hostname on the specified port. Open a new terminal window and type ‘nc localhost 12345’ as shown in Figure 5.

Figure 5 Now that we are connected to the server we can start chatting like shown in Figure 6.

Figure 6

The text you enter on the client side is sent to the server when you hit enter and conversely. Now that you learned to chat, how about some port scanning? Like a door is for the home the place where people go in and out of a port is a place where information goes into and out of a computer. Is the port open or is it closed? Port Scanning helps us to identify the state of the ports and if they reopen it tells us the services that are running on the specific port. Port Scanning is legal and if you want to protect yourself from it you should learn how to install and use firewalls. There are a number of programs to perform port scan but we will use Netcat to do it. Use Netcat as a client to perform port scanning. The command is ‘nc -v hostname port’, the -v option stands for verbose and is necessary so netcat can send you output like shown in Figure 7.

Figure 7- Port Scanning with netcat

Netcat is a flexible tool and  you can use it  to perform banner grabbing. What is  banner grabbing ? Banner grabbing is the process of identifying  software name and version of the service running on specific ports.  Use netcat in client mode to perform http banner grabbing like shown in Figure 8. We use the GET / HTTP/1.1 command to get information and the output shows us the server name and version of the server. Since this is http banner grabbing  we will connect to port 80.

HTTP banner grabbing

Figure 8

The information about server is under  Server : GFE/2.0. These are some common basic operations you can perform with netcat. This is a good article for beginners and a good start with the netcat’s command line options.