Terry : netcat

netcat is the TCP/IP Swiss Army Knife


The nc (or netcat) utility is used for just about anything under the sun involving TCP or UDP.  It can open TCP connections, send UDP packets, listen on arbitrary TCP and UDP ports, do port scanning, and deal with both IPv4 and IPv6.  Unlike telnet(1), nc scripts nicely, and separates error messages onto standard error instead of sending them to standard output, as telnet(1) does with some.

Common uses include:

  • simple TCP proxies
  • shell-script based HTTP clients and servers
  • network daemon testing
  • a SOCKS or HTTP ProxyCommand for ssh(1)
  • and much, much more

Use cases

Transfer files over network

On destination host, listening on specified port, waiting to receive stream

Example: waiting to receive a tar file and then extract it to the destination folder:

nc -l port | tar zxvfp -C /mnt/backup 

Example: listen on port, save the received file to terry.tar.gz

nc -l port > terry.tar.gz

Send the file (terry.tar.gz)

cat terry.tar.gz | nc -q 0 hostname port


nc -q 0 hostname port < terry.tar.gz

Option -q: after EOF on stdin, wait the specified number of seconds and then quit. If seconds is negative, wait forever.

NOTE: For security reasons, scp or rsync over SSH are recommended.

Use netcat as chat service


nc -l port


nc hostname port

netcat as a port scanner

nc -vz hostname 20-1204

Port Scan a range of hosts (IPs) using netcat

Example, discover VNC on port 5900 (:0)

for i in {1..253}; do nc -vz -n -w 1 10.187.46.$i 5900; done
for i in {1..253}; do nc -vz -n -w 1 10.187.39.$i 10000; done

nmap (recommended)

# discover port 10000 (webmin)
nmap -T4 -p10000

# quick scan with OS detection
nmap -sT -O IP_RANGE

NOTE: use range in form of 192.168.0-255.1-127

Other useful tools

  • socat
  • corkscrew
  • connect-proxy