Docu review done: Thu 29 Jun 2023 12:36:18 CEST

Commands

| Command | Description |
| --- | --- |
| `nc -vnz -w1 [ip] [port\|portrange]` | scans the port or port range: `-v` verbose, `-n` no DNS lookup, `-z` zero-I/O mode (only reports whether the port is open), `-w1` one second connect timeout |
| `nc -vvv -w1 servername/domain [port\|portrange]` | same against a host name (resolved through DNS) with maximum verbosity; without `-z` nc stays connected and relays stdin/stdout |
| `nc -vlp [port\|portrange]` | listens (`-l`) on the given local port (`-p`), verbose |
| `nc -vq0 [dest] [port] < [file]` | transfers a file to the destination, `-q 0` implies that the connection is closed immediately after EOF was sent |

Sample for a port range

This will scan ports 20 through 80 and return a result for each port

$ nc -vnzw1 8.8.8.8 20-80
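Parsing the scan output, as an added example that is not part of the original page: the functions below read the verbose lines `nc -vnz -w1` prints (on stderr) and report which ports answered, which timed out, and which open ports are missing from an allowlist of the services a host is supposed to expose. The sample scan output is constructed to match nc's wording and did not come from a live scan; the function names are this example's own.

```shell
#!/bin/sh
# Added example, not from the original page: parse the output of a
# `nc -vnz -w1 <ip> <range>` scan and flag open ports that are not on an
# allowlist. SAMPLE_SCAN is constructed sample data modelled on the lines the
# OpenBSD nc prints for succeeded, refused and timed-out connects.

SAMPLE_SCAN='nc: connect to 192.0.2.10 port 21 (tcp) failed: Connection refused
Connection to 192.0.2.10 22 port [tcp/*] succeeded!
nc: connect to 192.0.2.10 port 23 (tcp) failed: Connection refused
nc: connect to 192.0.2.10 port 25 (tcp) failed: Connection timed out
Connection to 192.0.2.10 80 port [tcp/*] succeeded!'

# scan_host <ip> <port|portrange>: run the scan command from the table above and
# merge nc's stderr into stdout so the lines can be fed to the parsers below.
scan_host() {
    nc -vnz -w1 "$1" "$2" 2>&1
}

# open_ports <scan output>: ports nc reported as "succeeded!" (4th field)
open_ports() {
    printf '%s\n' "$1" | awk '/succeeded!/ { print $4 }'
}

# filtered_ports <scan output>: ports where the connect timed out (6th field)
# instead of being refused; typically a firewall dropping packets, not a closed port
filtered_ports() {
    printf '%s\n' "$1" | awk '/failed: .*timed out/ { print $6 }'
}

# unexpected_ports <scan output> <allowlist>: open ports that are not in the
# space-separated allowlist of services the host is supposed to expose
unexpected_ports() {
    allow=" $2 "
    open_ports "$1" | while read -r p; do
        case "$allow" in
            *" $p "*) ;;        # expected, ignore
            *) echo "$p" ;;     # not on the allowlist, report it
        esac
    done
}

# Run against the constructed sample; against a real host this would be
# unexpected_ports "$(scan_host 192.0.2.10 20-80)" "22"
unexpected_ports "$SAMPLE_SCAN" "22"
```

With the sample above, `open_ports` yields 22 and 80, `filtered_ports` yields 25, and `unexpected_ports` with an allowlist of just 22 reports 80. A timed-out port is worth listing separately because, unlike a refused one, it says nothing about whether a service is bound there.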

Network speed test

On destination

$ nc -vvlnp <DESTPORT>

On source

$ dd if=/dev/zero bs=1M count=1K | nc -vvn <DESTIP> <DESTPORT>

Output will look like this:

Connection to <DESTIP> <DESTPORT> port [tcp/*] succeeded!
1024+0 records in
1024+0 records out
1073741824 bytes (1.1 GB) copied, 9.11995 s, 118 MB/s

Send a file over TCP port 9899 from host2 (client) to host1 (server)

user@HOST1$ ncat -l 9899 > outputfile

user@HOST2$ ncat HOST1 9899 < inputfile

Transfer in the other direction, turning Ncat into a “one file” server

user@HOST1$ ncat -l 9899 < inputfile

user@HOST2$ ncat HOST1 9899 > outputfile
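A plain ncat transfer carries no integrity check: if the connection drops, the receiving side simply ends up with a truncated file and no error. The following added example (not from the original page) wraps the two commands above and compares size and SHA-256 digest of both ends afterwards; `recv_file`, `send_file` and `verify_transfer` are names chosen for this example, and the test files are constructed locally.

```shell
#!/bin/sh
# Added example, not from the original page: ncat file transfer with an
# integrity check on both ends. Uses only ncat and coreutils (sha256sum, wc).

# Server side (HOST1): receive one file on <port> into <outputfile>, then print its digest.
recv_file() {   # recv_file <port> <outputfile>
    ncat -l "$1" > "$2" && sha256sum "$2"
}

# Client side (HOST2): send <inputfile> to <host> <port>, then print its digest.
send_file() {   # send_file <host> <port> <inputfile>
    ncat "$1" "$2" < "$3" && sha256sum "$3"
}

# Compare the two ends once both files are available (e.g. after copying the
# digest line over): size and SHA-256 must match. Returns 0 on match, 1 on
# mismatch, which is what a transfer cut off mid-way looks like.
verify_transfer() {   # verify_transfer <inputfile> <outputfile>
    in_size=$(wc -c < "$1" | tr -d ' ')
    out_size=$(wc -c < "$2" | tr -d ' ')
    in_sum=$(sha256sum "$1" | cut -d ' ' -f1)
    out_sum=$(sha256sum "$2" | cut -d ' ' -f1)
    if [ "$in_size" -eq "$out_size" ] && [ "$in_sum" = "$out_sum" ]; then
        echo "OK $in_sum"
        return 0
    fi
    echo "MISMATCH: $in_size bytes/$in_sum vs $out_size bytes/$out_sum" >&2
    return 1
}
```

In practice the receiver compares the digest printed by `recv_file` with the one printed by `send_file`; `verify_transfer` is the same comparison for when both files are reachable from one host (a local test, or a mounted share).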

Open a socket and react to what was sent

#!/bin/bash
# usage: ./listener.sh <port>
port=$1
[[ $port =~ ^[0-9]+$ && $port -le 65535 ]] || exit 1

function do_stuff() {
    # note down the peer port of the established connection, so we can check
    # whether the same connection is still alive when replying
    connection="$(ss -tulapen | grep ":${port} " | grep ESTAB | grep nc.openbsd | awk '{print $6}' | cut -d ":" -f2)"
    # do stuff with the request ($1) here
    # only reply if the connection tracked at the beginning is still alive
    # (an empty $connection would otherwise match every line)
    if [[ -n $connection ]] && ss -tulapen | grep ":${port} " | grep ESTAB | grep -q ":${connection} "; then
        echo "reply"
    fi
}

while true; do
    # use the openbsd nc, because -k (keep listening) is not working in the gnu nc on debian
    coproc nc.openbsd -k -l localhost -p "${port}"

    # read requests from the coprocess and write the replies back into it
    while read -r request; do
        do_stuff "$request"
    done <&"${COPROC[0]}" >&"${COPROC[1]}"

    kill "$COPROC_PID"
done

URLs

https://www.redpill-linpro.com/sysadvent/2016/12/10/ncat.html