Difference between revisions of "Netcat"
m |
m |
||
| Line 26: | Line 26: | ||
* http://www.securityfocus.com/tools/1754 | * http://www.securityfocus.com/tools/1754 | ||
"Cryptcat is the standard netcat enhanced with twofish encryption." | "Cryptcat is the standard netcat enhanced with twofish encryption." | ||
| + | |||
| + | | ||
| + | |||
| + | === netcat windows usage === | ||
| + | |||
| + | * Unizip the netcat archive and extract nc.exe | ||
| + | * Copy nc.exe to C:\WINDOWS\System32 or C:\WINNT\System32 | ||
| + | |||
| + | netcat works a lot like telnet. at the command prompt type: | ||
| + | |||
| + | nc <ip-address> <port> | ||
| + | |||
| + | |||
| | ||
Revision as of 09:24, 10 August 2007
Netcat has been described as "a buffed up version of telnet that has many options that allow it to do many things" and "the TCP/IP swiss army knife." Some erroneously label it a hacker's tool, while many consider it a network engineer's right hand.
An article describing Netcat usage:
The original version of netcat was written for UNIX. Another version exists which is a rewrite, called GNU netcat.
- Original UNIX netcat
- GNU netcat
- Cryptcat
- Socat
note: Unless compiled with the "GAPING_SECURITY_HOLE" flag, netcat is harmless to have on your system (as this flag is what enables netcat to execute other programs).
The most likely feature of netcat to be used as a security exploit is the ability to run as both a server and a client. It is rather simple to include netcat into any application you write then execute:
nc -l -p #port-number
and you have a backdoor in the system.
Symantec detecting Netcat as a "hack tool"
12/15/05 - Symantec is now detecting Netcat as HackTool.NetCat. The default action of Norton AntiVirus is to delete the program so be careful that it doesn't get removed. Netcat is no more an attack tool than any file transfer or remote access program. It does not exploit any vulnerability, contain any malicious code, or attempt to hide its presence. It is ironic that Symantec lists netcat on their own security tools library where it is described as, "Windows NT/9x Netcat is the port of the simple Unix utility which reads and writes data across network connections, using TCP or UDP transport protocols."
To avoid detection (if you are testing it as a backdoor) use cryptcat.
"Cryptcat is the standard netcat enhanced with twofish encryption."
netcat windows usage
- Unizip the netcat archive and extract nc.exe
- Copy nc.exe to C:\WINDOWS\System32 or C:\WINNT\System32
netcat works a lot like telnet. at the command prompt type:
nc <ip-address> <port>
