ncat(nc)

description

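nc is primarily a network security tool with many features; two of them are listed below:

  1. Transferring files between a server and a client (the port in use must be allowed through the firewall)
  2. Obtaining a shell in network security work (bind shell, reverse shell)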

options

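Option      Description
-l          listen: listen on a port
-k          --keep-open: keep the port open. After a client disconnects from the server, the server also stops listening after a while; with -k the server is forced to stay up and keep listening on the port.
-u          use UDP (the default is TCP)
-e          --exec: execute a command
-p          specify the source port
--lua-exec  execute a Lua script
-v          --verbose: print verbose output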

examples

ncat -l 9000&

Listen on a port in the background

[root@rhel tmp]# nc -l 9000&
[1] 16134
[root@rhel tmp]# netstat -lntp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN      1/systemd
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1140/sshd
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN      1136/cupsd
tcp        0      0 127.0.0.1:6011          0.0.0.0:*               LISTEN      13650/sshd: root@pt
tcp        0      0 0.0.0.0:9000            0.0.0.0:*               LISTEN      16134/nc	//nc PID
tcp6       0      0 :::111                  :::*                    LISTEN      1/systemd
tcp6       0      0 :::22                   :::*                    LISTEN      1140/sshd
tcp6       0      0 ::1:631                 :::*                    LISTEN      1136/cupsd
tcp6       0      0 ::1:6011                :::*                    LISTEN      13650/sshd: root@pt
tcp6       0      0 :::9000                 :::*                    LISTEN      16134/nc

ncat -v -l 8080

Listen on a port in the foreground with verbose output

[root@localhost ~]# ncat -v -l 8080
Ncat: Version 6.40 ( http://nmap.org/ncat )
Ncat: Listening on :::8080
Ncat: Listening on 0.0.0.0:8080

Chat using nc
-----------------------------
client:
[root@rhel tmp]# nc -v 192.168.3.145 8080
Ncat: Version 7.70 ( https://nmap.org/ncat )
Ncat: Connected to 192.168.3.145:8080.
client: Hello
server: Hi

server:
[root@localhost ~]# ncat -v -k -l 8080
Ncat: Version 6.40 ( http://nmap.org/ncat )
Ncat: Listening on :::8080
Ncat: Listening on 0.0.0.0:8080
Ncat: Connection from 192.168.3.143.
Ncat: Connection from 192.168.3.143:39406.
client: Hello
server: Hi

Server:ncat -v -k -l 8080 < secret | Client:nc -v 192.168.3.145 8080 > secret

The server has a file named secret, and the client needs to retrieve it

server:
[root@localhost ~]# ll
total 10M
-rw-r--r--. 1 root root 10485760 Mar  7 21:18 secret

[root@localhost ~]# ncat -v -k -l 8080 < secret
Ncat: Version 6.40 ( http://nmap.org/ncat )
Ncat: Listening on :::8080
Ncat: Listening on 0.0.0.0:8080
Ncat: Connection from 192.168.3.143.
Ncat: Connection from 192.168.3.143:39408.
^C
[root@localhost ~]#


client:
[root@rhel 2]# ll
total 0
[root@rhel 2]# nc -v 192.168.3.145 8080 > secret
Ncat: Version 7.70 ( https://nmap.org/ncat )
Ncat: Connected to 192.168.3.145:8080.
^C
[root@rhel 2]# ll -h
total 10M
-rw-r--r--. 1 root root 10M Mar  7 21:20 secret

Server:ncat -v -k -l 8080 -e /bin/bash | Client:nc -v 192.168.3.145 8080

Bind shell (forward shell)

server:
[root@localhost ~]# ncat -v -k -l 8080 -e /bin/bash
Ncat: Version 6.40 ( http://nmap.org/ncat )
Ncat: Listening on :::8080
Ncat: Listening on 0.0.0.0:8080
Ncat: Connection from 192.168.3.143.
Ncat: Connection from 192.168.3.143:39410.

client:
[root@rhel 2]# nc -v 192.168.3.145 8080
Ncat: Version 7.70 ( https://nmap.org/ncat )
Ncat: Connected to 192.168.3.145:8080.

ls -lh
total 11M
-rw-------. 1 root root 1.2K May 28  2022 anaconda-ks.cfg
drwxr-xr-x. 2 root root    6 May 27  2022 Desktop
drwxr-xr-x. 2 root root    6 May 27  2022 Documents
drwxr-xr-x. 2 root root    6 May 27  2022 Downloads
-rw-r--r--. 1 root root 1.3K May 27  2022 initial-setup-ks.cfg
drwxr-xr-x. 2 root root    6 May 27  2022 Music
drwxr-xr-x. 2 root root    6 May 27  2022 Pictures
drwxr-xr-x. 2 root root    6 May 27  2022 Public
-rw-r--r--. 1 root root  10M Mar  7 21:18 secret
drwxr-xr-x. 2 root root    6 May 27  2022 Templates
drwxr-xr-x. 2 root root    6 May 27  2022 Videos

whoami
root

pwd
/root

ncat -U ~/unixsock
ncat -l -U ~/unixsock
ncat -l 8080
ncat --sh-exec "ncat example.org 80" -l 8080 --keep-open
ncat --exec "/bin/bash" -l 8081 --keep-open
ncat --exec "/bin/bash" --max-conns 3 --allow 192.168.0.0/24 -l 8081 --keep-open
ncat --proxy socks4host --proxy-type socks4 --proxy-auth joe smtphost 25
ncat --proxy socks5host --proxy-type socks5 --proxy-auth joe:secret smtphost 25
ncat -l --proxy-type http localhost 8888
ncat -l 9899 > outputfile
ncat -l 9899 < inputfile
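
The listeners started above (nc -l 9000&, and the -e /bin/bash bind shell) are what a host audit should surface. The script below is an added example, not part of the original post: it filters netstat and ps output for nc/ncat listeners and for listeners that also execute a program. The function names and the sample lines (including PIDs 16200, 16310 and 16400) are constructed for illustration.

```sh
# Added example, not from the original post: audit a host for nc/ncat listeners.
# Both samples are constructed from the sessions and commands shown on this page.
SAMPLE_NETSTAT='tcp   0  0 0.0.0.0:22    0.0.0.0:*  LISTEN  1140/sshd
tcp   0  0 0.0.0.0:9000  0.0.0.0:*  LISTEN  16134/nc
tcp6  0  0 :::9000       :::*       LISTEN  16134/nc
tcp   0  0 0.0.0.0:8080  0.0.0.0:*  LISTEN  16200/ncat'

SAMPLE_PS='1140 /usr/sbin/sshd -D
16134 nc -l 9000
16200 ncat -v -k -l 8080 -e /bin/bash
16310 ncat --exec /bin/bash --max-conns 3 --allow 192.168.0.0/24 -l 8081 --keep-open
16400 nc -v 192.168.3.145 8080'

# Reads `netstat -lntp` output; prints "pid port" once per nc/ncat listener.
ncat_listeners() {
  awk '$6 == "LISTEN" {
         split($7, owner, "/")               # "16134/nc" -> pid, program name
         if (owner[2] !~ /^(nc|ncat|netcat)$/) next
         port = $4; sub(/.*:/, "", port)     # text after the last colon
         key = owner[1] " " port
         if (!(key in seen)) { seen[key] = 1; print key }
       }'
}

# Reads `ps -eo pid,args` output; prints the pid of each nc/ncat process that
# both listens and runs a program (-e/--exec, -c/--sh-exec, --lua-exec),
# i.e. a bind shell such as `ncat -l 8080 -e /bin/bash`.
ncat_exec_listeners() {
  awk '{
         prog = $2; sub(/.*\//, "", prog)    # basename of the command
         if (prog !~ /^(nc|ncat|netcat)$/) next
         listen = 0; runs = 0
         for (i = 3; i <= NF; i++) {
           if ($i == "--listen" || $i ~ /^-[a-zA-Z]*l/) listen = 1
           if ($i ~ /^--(sh-|lua-)?exec/ || $i ~ /^-[a-zA-Z]*[ec]/) runs = 1
         }
         if (listen && runs) print $1
       }'
}

# Live use (as root, so netstat fills in PID/Program name):
#   netstat -lntp | ncat_listeners
#   ps -eo pid,args | ncat_exec_listeners
```

The flag matching is a heuristic on the command line only; a renamed binary would not match, so pair it with the socket view from netstat.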

man ncat

https://www.linuxtechi.com/nc-ncat-command-examples-linux-systems/

posted @ 2023-03-07 21:36  wefjack