Netcat

The original program was written in 1996 by an unknown person with the pseudonym Hobbit for the Unix platform and has since been ported to practically all platforms .

application

Netcat is a typical Unix program that implements the basic Unix philosophy . In particular, Netcat works with the universal interface of data streams without having to further classify their content. Since Netcat can work in a very abstract way with all data streams, any complex workflows can be implemented with Netcat, from simple copying of files and streaming of databases to complex proxy or gateway services across network boundaries.

syntax

Netcat can help any application to achieve “network capability”

There are different implementations of netcat, which differ among other things in the syntax. The following describes the original variant of Hobbit .

Basically, Netcat distinguishes between two different modes:

server

netcat -l lokalport( localport is a local port )

After the call, Netcat waits ("listens": -l) on the port specified with -p for an unlimited time for an incoming connection. After a connection has been established and closed again, Netcat closes itself.

Client

netcat zielserver zielport

Here target server is the host name or the IP address of a host with which Netcat is to connect, and target port a port number, for example 80 for HTTP server. If the -u flag is specified, Netcat uses connectionless UDP instead of TCP. In this client mode, a server application has to wait on the target computer and port , otherwise Netcat will exit with an error.

In both cases, Netcat outputs incoming data via the network to the standard output , while data read in via standard input is sent to the communication partner via the network. If these inputs and outputs are not redirected, the user can enter and read them, i. H. here the two Netcat calls function as a simple chat program. By redirecting or using pipes or FIFOs , Netcat can in many cases enable network communication capabilities where they are not implemented, for example in shells . The illustration shown above on the right is generally valid, since stdin and stdout can be adjusted as required.

Application examples

Easy file copying

The file with the name of originalthe computer start is to be stored under the name kopieon a computer target , with the transfer being handled via TCP port 2000. For this purpose, Netcat is started in server mode on a shell at the target computer . The standard output is redirected to the file using the redirection kopieoperator:

$ netcat -l 2000 > kopie

$ netcat ziel 2000 < original

If there are no errors, neither the Netcat instance on computer start nor on computer target generates any output on the shell. They terminate after the transfer is complete (because the shell automatically sends an EOF character due to the '<' operator ). The instance waits for further incoming data on the target computer if it is started with the -k parameter . In this case, it has to be ended, for example, using the Strg+ key combination C.

Copy multiple files

Most of the file transfer scenarios that Netcat uses follow the same pattern. A more common modification of this scenario is the additional use of the packer program tar , with which complete directory structures can be copied over the network. Typically, in these scenarios there are regular cascades of programs that are connected to one another by pipes, for example a command on the client computer based on the above example:

$ tar vc * | gzip | netcat ziel 2000

as well as an associated analogue command on the target computer:

$ netcat -l 2000 | gunzip | tar vx

In this example, all files in the current working directory of are tarpacked into a stream, which is output via the standard output, is compressed by the compression program gzip and then sent via Netcat to a Netcat server instance on the target computer, is decompressed again by gzip and by tar is extracted again to a directory structure.

One-time web server for file transfer

Instead of a Netcat-to-Netcat transfer, Netcat can also speak the language of higher protocols, such as HTTP . The following command starts a web server on the local computer , which presents the hello.txt file to the first web browser .

$ ( echo "HTTP/1.0 200 Ok"; echo; cat hallo.txt; ) | netcat -l 8090

The URL is http://localhost:8090/ entered in the web browser for retrieval . This then displays a save dialog or the file directly.

Complex firewall circumvention

Netcat can be used just as easily to redirect ports and thus, for example, to bypass inadequate firewalls . Such application scenarios can quickly get into a legal gray area, see abuse by Netcat .

The above graphic illustrates the use of Netcat as an open proxy server, in combination with inetd . For example, if the host labeled Client can not establish a direct connection to a special TCP port of the host labeled Server , it can use the above structure by establishing a connection to a special TCP port instead of the direct connection to the server. The port of the host labeled Proxy is set up on which inetd is listening. This then calls a Netcat client instance, which in turn (preset) establishes a connection to the TCP port of the actual server. Now all outputs of the actual server are passed on unchanged to the client via Netcat and Inetd and vice versa. In this way, the client can communicate completely transparently with the actual server, as if the proxy were not there.

safety

Netcat is often associated with security-related issues. Two essential questions usually arise here.

Encryption

abuse

Due to its universality, Netcat can also be used to set up backdoors on a system , for example . Various antivirus programs, including McAfee VirusScan , Ikarus , Avira AntiVir , AVG Antivirus , Norton AntiVirus , Kaspersky Anti-Virus , Sophos AntiVirus and G Data Antivirus , classify the program nc.exeas a security check tool or as a potentially unwanted program and prevent its execution.

Ports and advancements

Chris Wysopal has ported Netcat to Windows . GNU Netcat is a complete reimplementation and fully POSIX compatible and is maintained by Giovanni Giacobbi. OpenBSD Netcat is another reimplementation, but it is not completely compatible with the original netcat, as the syntax has been adapted to OpenBSD standards. Andreas Bischoff has ported the Windows version to Windows CE ( Pocket PC and Handheld PC ) .

Cryptcat is a further development of Netcat that implements encryption. Socat is a reimplementation and, in addition to TCP and UDP, can also use SCTP , work via proxy servers and also supports encryption. Another not fully compatible variant is Netcat6, which also supports IPv6 and contains various performance optimizations, including the Nagle algorithm .

The port scanner Nmap also provides a Netcat reimplementation called Ncat with many features. This can also communicate via IPv6, SCTP and Unix Domain Sockets and use HTTP and SOCKS proxies (the former also on the server side). In terms of security features, Ncat supports SSL for encryption and authentication as well as access restrictions on a host name basis. Furthermore, a connection brokering mode , which is used to exchange data between several clients, and a simple chat server based on it are included.

Web links

• nc(1): arbitrary TCP and UDP connections and lists -  OpenBSD General Commands Manual
• nc(1): TCP / IP swiss army knife -  Debian GNU / Linux Executable programs or shell commands man page
• Johannes Franken: Netcat: application examples. August 12, 2006, accessed March 3, 2009 (talk). 

Individual evidence

1. ↑ It should be noted that the use of inetd would not be necessary in the example, a (second) Netcat server instance could take on the same task.
2. ↑ Signature of Netcat Symantec
3. ↑ GNU Netcat
4. ↑ OpenBSD netcat
5. ↑ Netcat 4 wince
6. ↑ Cryptcat
7. ↑ Socat
8. ↑ Netcat6
9. ↑ Ncat