netcat is the TCP/IP Swiss Army Knife
DESCRIPTION
The nc (or netcat) utility is used for just about anything under the sun involving TCP or UDP. It can open TCP connections, send UDP packets, listen on arbitrary TCP and UDP ports, do port scanning, and deal with both IPv4 and IPv6. Unlike telnet(1), nc scripts nicely, and separates error messages onto standard error instead of sending them to standard output, as telnet(1) does with some.
Common uses include:
- simple TCP proxies
- shell-script based HTTP clients and servers
- network daemon testing
- a SOCKS or HTTP ProxyCommand for ssh(1)
- and much, much more
Use cases
Transfer files over network
On the destination host, listen on the specified port and wait to receive the stream.
Example: wait to receive a tar file, then extract it into the destination folder:
nc -l port | tar zxvpf - -C /mnt/backup
Example: listen on port, save the received file to terry.tar.gz
nc -l port > terry.tar.gz
On the source host, send the file (terry.tar.gz)
cat terry.tar.gz | nc -q 0 hostname port
Or
nc -q 0 hostname port < terry.tar.gz
Option -q: after EOF on stdin, wait the specified number of seconds and then quit. If seconds is negative, wait forever.
NOTE: netcat sends data unencrypted and unauthenticated, so for security reasons scp or rsync over SSH are recommended.
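An added example (not part of the original page): shell helpers that wrap the nc send and receive commands above with a SHA-256 check, so a corrupted or altered transfer is rejected instead of silently saved. The function names, the .part and .sha256 file names, and the use of sha256sum from GNU coreutils are assumptions; the expected digest should reach the receiver over a trusted channel such as SSH.

```shell
#!/bin/sh
# Added example: integrity check around the nc file transfer shown on this page.
# Function names and the .part/.sha256 file names are assumptions.
# nc options (-l port, -q 0) are the ones used on this page.

# Compare a file's SHA-256 with an expected hex digest (case-insensitive).
# Returns 0 on match, 1 on mismatch, 2 on unreadable file or malformed digest.
verify_digest() {  # usage: verify_digest FILE EXPECTED_SHA256
    [ -r "$1" ] || { echo "cannot read $1" >&2; return 2; }
    want=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    # Reject anything that is not exactly 64 hex characters.
    case $want in
        *[!0-9a-f]*) echo "malformed digest" >&2; return 2 ;;
    esac
    [ ${#want} -eq 64 ] || { echo "malformed digest" >&2; return 2; }
    have=$(sha256sum "$1" | awk '{print $1}')
    if [ "$have" = "$want" ]; then
        return 0
    fi
    echo "digest mismatch for $1" >&2
    return 1
}

# Sender: record the digest next to the file, then stream the file with nc.
# Deliver FILE.sha256 to the receiver separately (for example over SSH),
# because the nc connection itself cannot be trusted to carry it.
nc_send() {  # usage: nc_send FILE HOST PORT
    [ -r "$1" ] || { echo "cannot read $1" >&2; return 2; }
    sha256sum "$1" | awk '{print $1}' > "$1.sha256"
    nc -q 0 "$2" "$3" < "$1"
}

# Receiver: write the stream to a temporary name and move it into place
# only if the digest matches; otherwise delete the partial file.
nc_receive() {  # usage: nc_receive PORT OUTFILE EXPECTED_SHA256
    nc -l "$1" > "$2.part" || return 2
    if verify_digest "$2.part" "$3"; then
        mv "$2.part" "$2"
    else
        rm -f "$2.part"
        return 1
    fi
}
```

Source the file, run nc_receive on the destination host first, then nc_send on the source host.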
Use netcat as chat service
server
nc -l port
client
nc hostname port
netcat as a port scanner
nc -vz hostname 20-1204
Port Scan a range of hosts (IPs) using netcat
Example, discover VNC on port 5900 (:0)
for i in {1..253}; do nc -vz -n -w 1 10.187.46.$i 5900; done
for i in {1..253}; do nc -vz -n -w 1 10.187.39.$i 10000; done
nmap (recommended)
# discover port 10000 (webmin)
nmap -T4 -p10000 10.187.46.100-199
# quick scan with OS detection
nmap -sT -O IP_RANGE
NOTE: specify the range in the form 192.168.0-255.1-127
Other useful tools
- socat
- corkscrew
- connect-proxy