Netcat is a featured networking utility which reads and writes data across network connections, using the TCP\/IP protocol.\u00a0 It is designed to be a back-end tool that can be used directly or easily driven by other programs and scripts. \u00a0At the same time, it is packed with other features such as port scanning or copying files over the network without having a FTP or HTTP server.\u00a0 Netcat is often used by hackers to achieve a shell on a victim\u2019s computer.\u00a0 If a hacker was able to breach a website, they could upload a shell script to the site.\u00a0 The script would be modified to connect to the attackers IP, on a given port, say 9999.\u00a0 Once the shell is uploaded, the attacker would setup a netcat listener on their machine with the commands:<\/p>\n
nc \u2013nvlp 9999<\/p>\n
This essentially tells netcat (nc) not resolve names (-n), to be verbose printing out when a connection occurs (-v), to listen (-l) on a given local port (-p)<\/p>\n
Once the listener is set, the attacker would navigate to the page were they uploaded the shell script, and it would execute and then there would be a shell prompt in the terminal where the netcat listener was set.<\/p>\n
Questions for the class:<\/p>\n
What else can netcat be used for?<\/p>\n","protected":false},"excerpt":{"rendered":"
Netcat is a featured networking utility which reads and writes data across network connections, using the TCP\/IP protocol.\u00a0 It is designed to be a back-end tool that can be used directly or easily driven by other programs and scripts. \u00a0At the same time, it is packed with other features such as port scanning or copying […]<\/p>\n","protected":false},"author":25060,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[799101],"tags":[],"class_list":{"0":"post-6727","1":"post","2":"type-post","3":"status-publish","4":"format-standard","6":"category-week-05-system-and-user-enumeration","7":"entry"},"jetpack_featured_media_url":"","_links":{"self":[{"href":"https:\/\/community.mis.temple.edu\/mis5211sec702fall2020\/wp-json\/wp\/v2\/posts\/6727","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/community.mis.temple.edu\/mis5211sec702fall2020\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/community.mis.temple.edu\/mis5211sec702fall2020\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/community.mis.temple.edu\/mis5211sec702fall2020\/wp-json\/wp\/v2\/users\/25060"}],"replies":[{"embeddable":true,"href":"https:\/\/community.mis.temple.edu\/mis5211sec702fall2020\/wp-json\/wp\/v2\/comments?post=6727"}],"version-history":[{"count":2,"href":"https:\/\/community.mis.temple.edu\/mis5211sec702fall2020\/wp-json\/wp\/v2\/posts\/6727\/revisions"}],"predecessor-version":[{"id":6729,"href":"https:\/\/community.mis.temple.edu\/mis5211sec702fall2020\/wp-json\/wp\/v2\/posts\/6727\/revisions\/6729"}],"wp:attachment":[{"href":"https:\/\/community.mis.temple.edu\/mis5211sec702fall2020\/wp-json\/wp\/v2\/media?parent=6727"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/community.mis.temple.edu\/mis5211sec702fall2020\/wp-json\/wp\/v2\/categories?post=6727"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/community.mis.temple.edu\/mis5211sec702fall2020\/wp-json\/wp\/v2\/tags?post=6727"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}