Advanced Netcat Commands

Update to post “Netcat Commands –

File transfer between client/server
#cat file.pdf | nc -l -p 1234

#nc localhost 1234 > file.pdf

Web server
#(echo -e “HTTP/1.0 200 Ok”; echo “My HTTP server”;) | nc -q 1 -l -p 8080
Browse to the location – http://localhost:8080

Execute program
#nc -l -p 123 -e /bin/bash

#nc <server_ip> 123

Netcat Commands

connect to somewhere: nc [-options] hostname port[s] [ports] …
listen for inbound: nc -l -p port [-options] [hostname] [port]

-c shell commands – as `-e’; use /bin/sh to exec [dangerous!!]
-e filename – program to exec after connect [dangerous!!]
-b – allow broadcasts
-g gateway -source-routing hop point[s], up to 8
-G num – source-routing pointer: 4, 8, 12, …
-h – this cruft
-i secs – delay interval for lines sent, ports scanned
-k – set keepalive option on socket
-l – listen mode, for inbound connects
-n – numeric-only IP addresses, no DNS
-o file – hex dump of traffic
-p port – local port number
-r – randomize local and remote ports
-q secs – quit after EOF on stdin and delay of secs
-s addr – local source address
-T tos – set Type Of Service
-t – answer TELNET negotiation
-u – UDP mode
-v – verbose [use twice to be more verbose]
-w secs – timeout for connects and final net reads
-C – Send CRLF as line-ending
-z – zero-I/O mode [used for scanning]

Port numbers can be individual or ranges: lo-hi [inclusive]

Hyphens in port names must be backslash escaped (e.g. ‘ftp\-data’)

Note that Netcat sends/receives data in cleartext. For encrypted data, replace command “nc” with cryptcat”.