Wednesday, August 29, 2018

Netcat and Ncat


Everyone in NetSec knows of, or has at least heard of netcat, the brainchild of Hobbit, written in 1995 and ported to Windows by Weld Pond in 1998. It's called the "TCP/IP Swiss Army Knife of Networking" for good reason. You can create just about any type of network connection you need, and it's flexibility is amazing.
That said, the original version is no longer maintained and has become outdated. The feature set in it hasn't changed in over 20 years. So a couple of different projects set out to update this ubiquitous little tool and keep adding to it's arsenal.

One of the ports is from the GNU Project, who released GNU Netcat for portability to other platforms and adherence to the original netcat. That project's last release was in 2013, version 0.7.1. This more compliant version is still in use, with over 2,000 downloads at the time of this writing.

Another more ambitious port of netcat is from Fyodor, called Ncat. Ncat is included with the Nmap port scanner, and is a fantastic tool for pen testers. It has support for a wide variety connections, including:


  • IPv6 support
  • Shell execution after connecting
  • Shell command execution after connecting
  • Lua support
  • Loose source routing support
  • Client and server modes (naturally)
  • Specifying source port, source address (spoofing), UDP or SCTP instead of TCP, receive data only, SSL ciphers to use, ssl certs to use and more.
  • Accept multiple connections
  • Telnet mode
  • No DNS resolution (Shhhhh....)
  • Idle time out and more
All of these are straight from the help output of ncat. There are lots of articles about using Ncat and netcat for advanced options. If you can think of a connection you need to make (and it's physically possible), you can probably set it up in Ncat. The Nmap project page about Ncat can be found here.

No comments:

Blog Archive