Netcat is a feature-rich networking utility that reads and writes data across network connections using the TCP/IP protocol. It is designed to be a back-end tool that can be used directly or easily driven by other programs and scripts. It also includes other features, such as port scanning and copying files over the network without an FTP or HTTP server. Netcat is often used by hackers to obtain a shell on a victim's computer. If a hacker were able to breach a website, they could upload a shell script to the site. The script would be modified to connect to the attacker's IP on a given port, say 9999. Once the shell is uploaded, the attacker would set up a netcat listener on their machine with the command:
nc -nvlp 9999
This tells netcat (nc) not to resolve names (-n), to be verbose and print a message when a connection occurs (-v), and to listen (-l) on a given local port (-p).
Once the listener is set, the attacker would navigate to the page where they uploaded the shell script. The script would execute, and a shell prompt would appear in the terminal where the netcat listener was running.
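For defenders, the listener command above has a recognisable shape in a process listing. The following is an added example, not part of the original post: it splits netcat's clustered short flags the way the explanation above does and reports listening instances in a constructed `ps`-style listing. The function names, the sample listing and the set of binary names are assumptions.

```python
import shlex

# Binary names treated as netcat (assumption; extend for your environment).
NETCAT_NAMES = {"nc", "ncat", "netcat", "nc.traditional", "nc.openbsd"}

# Constructed sample in "PID ARGS" form, as `ps -eo pid,args` would print it.
SAMPLE_PS = """\
  812 /usr/sbin/sshd -D
 4021 nc -nvlp 9999
 4100 /bin/nc -l 8080
 4177 nc -nv 10.0.0.5 443
"""

def parse_netcat(cmdline):
    """Return flags, port and listen state for a netcat command line, else None."""
    try:
        argv = shlex.split(cmdline)
    except ValueError:          # unbalanced quotes in the captured command line
        return None
    if not argv or argv[0].rsplit("/", 1)[-1] not in NETCAT_NAMES:
        return None
    flags, port, positional = set(), None, []
    args = iter(argv[1:])
    for arg in args:
        if arg.startswith("-") and len(arg) > 1 and not arg.startswith("--"):
            cluster = arg[1:]   # "-nvlp" is the same as "-n -v -l -p"
            for i, ch in enumerate(cluster):
                flags.add(ch)
                if ch == "p":   # -p takes a value: rest of cluster or next arg
                    value = cluster[i + 1:] or next(args, "")
                    port = int(value) if value.isdigit() else None
                    break
        else:
            positional.append(arg)
    # Some netcat builds accept the listen port positionally: "nc -l 8080".
    if "l" in flags and port is None and positional and positional[-1].isdigit():
        port = int(positional[-1])
    return {"flags": flags, "port": port, "listening": "l" in flags}

def find_listeners(ps_lines):
    """Return (pid, port) for every netcat process running in listen mode."""
    hits = []
    for line in ps_lines:
        pid, _, args = line.strip().partition(" ")
        info = parse_netcat(args) if pid.isdigit() else None
        if info and info["listening"]:
            hits.append((int(pid), info["port"]))
    return hits
```

Calling `find_listeners(SAMPLE_PS.splitlines())` on the sample returns the two listening processes and skips the outbound `nc -nv` client connection.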
Questions for the class:
What else can netcat be used for?