Netcat or nc (the command) is a networking utility for debugging and investigating a network, typically by creating and utilizing raw TCP/IP connections. Â Known as “The Swiss Army Knife for TCP/IP”, nc is used to read or write to network connections using TCP or UDP.
It’s raw features include:
- Outbound or inbound connections, TCP or UDP, to or from any ports
- Full DNS forward/reverse checking, with appropriate warnings
- Ability to use any local source port
- Ability to use any locally-configured network source address
- Built-in port-scanning capabilities, with randomization
- Built-in loose source-routing capability
- Can read command line arguments from standard input
- Slow-send mode, one line every N seconds
- Hex dump of transmitted and received data
- Optional ability to let another program service established connections
- Optional telnet-options responder
- Featured tunneling mode which allows also special tunneling such as UDP to TCP, with the possibility of specifying all network parameters (source port/interface, listening port/interface, and the remote host allowed to connect to the tunnel.)
Here are some useful Netcat constructs:
1. Netcat in a Server-Client Architecture
The netcat utility can be run in server mode on a specified port to listen for incoming connections. Â For instance, to listen on port 2389:
$ nc -l 2389
Also, it can be used in client mode to connect to a client on a specific port (2389)
$ nc localhost 2389
You can then send raw data (text in this example) to the server through Netcat
$ nc localhost 2389 I AM SENDING THIS TEXT THRU NC TO PORT 2389 ON LOCALHOST
On the terminal where server is running, you would see the text appear:
$ nc -l 2389 I AM SENDING THIS TEXT THRU NC TO PORT 2389 ON LOCALHOST
2. Use Netcat to Transfer Files
The netcat utility can also be used to transfer files. On the client side, suppose we have a file named ‘testfile’ containing :
$ cat testfile hello test
and at the server side we have an empty file ‘test’
Now, we activate listener on port 2389 and redirect communication received through the listener to the file named test :
$ nc -l 2389 > test
On the client side, cat the testfile to the nc listener on the server:
cat testfile | nc localhost 2389
Now, we cat the file to see if the text came through nc ok:
$ cat test hello test
The file data was transferred from client to server using nc.
3. Netcat Supports Timeouts
There are cases when we do not want a connection to remain open forever. In that case, through the nc ‘-w’ switch we can specify the timeout for the connection. After X seconds (specified with -w flag), the connection between the client and server will be terminated.
Server :
nc -l 2389
Client :
$ nc -w 10 localhost 2389
The connection above would be terminated after 10 seconds.
NOTE : Do not use the -w flag with -l flag at the server side as in that case -w flag causes no effect and hence the connection remains open forever.
4. Netcat Supports IPV6 Connectivity
The flag -4 or -6 specifies that netcat utility should use which type of addresses. -4 forces nc to use IPV4 address while -6 forces nc to use IPV6 address.
Server :
$ nc -4 -l 2389
Client :
$ nc -4 localhost 2389
Now, if we run the netstat command, we see :
$ netstat | grep 2389 tcp 0 0 localhost:2389 localhost:50851 ESTABLISHED tcp 0 0 localhost:50851 localhost:2389 ESTABLISHED
The first field in the above output would contain a postfix ’6′ in case the IPV6 addresses are being used. Since in this case it is not, so a connection between server and client is established using IPV4 addresses.
Now, If we force nc to use IPV6 addresses
Server :
$ nc -6 -l 2389
Client :
$ nc -6 localhost 2389
Now, if we run the netstat command, we see :
$ netstat | grep 2389 tcp6 0 0 localhost:2389 localhost:33234 ESTABLISHED tcp6 0 0 localhost:33234 localhost:2389 ESTABLISHED
So now a postfix ’6′ with ‘tcp’ shows that nc is now using IPV6 addresses.
5. Disable Reading from STDIN in Netcat
This functionality can be achieved by using the flag -d. In the following example, we used this flag at the client side.
Server :
$ nc -l 2389
Client :
$ nc -d localhost 2389 Hi
The text ‘Hi’ will not be sent to the server end as using -d option the read from stdin has been disabled.
6. Force Netcat Server to Stay Up
If the netcat client is connected to the server and then after sometime the client is disconnected then normally netcat server would also terminate. Â For example
Server :
$ nc -l 2389
Client :
$ nc localhost 2389 ^C
Server :
$ nc -l 2389 $
In the above example we see that as soon as the client got disconnected the server was also terminated.
This behavior can be changed by using the -k flag at the server side to force the server to stay up even after the client has disconnected.
Server :
$ nc -k -l 2389
Client :
$ nc localhost 2389 ^C
Server :
$ nc -k -l 2389
So we see that by using the -k option the server remains up even if the client got disconnected.
7. Configure Netcat Client to Stay Up after EOF
Netcat client can be configured to stay up after EOF is received. In a normal scenario, if the nc client receives an EOF character then it terminates immediately but this behavior can also be controlled if the -q flag is used. This flag expects a number which depicts number of seconds to wait before client terminates (after receiving EOF)
Client should be started like :
nc -q 5 localhost 2389
Now if the client ever receives an EOF then it will wait for 5 seconds before terminating.
8. Use Netcat with UDP Protocol
By default all the sockets that nc utility creates are TCP protocols but this utility also works with UDP protocol. To enable UDP protocol the -u flag is used.
Server :
$ nc -4 -u -l 2389
Client :
$ nc -4 -u localhost 2389
Now, both the server and client are configured to use UDP protocol. This can be confirmed by the following netstat command. So we see that this connection is now using the UDP protocol.
$ netstat | grep 2389 udp 0 0 localhost:42634 localhost:2389 ESTABLISHED