This article shows you some useful usage examples for netcat. Netcat is known as the TCP/IP swiss army knife. From the netcat man page: netcat is a simple unix utility which reads and writes data across network connections, using TCP or UDP protocol. It is designed to be a reliable back-end tool that can be used directly or easily driven by other programs and scripts.
At the same time, it is a feature-rich network debugging and exploration tool, since it can create almost any kind of connection you would need. What's more, it has several interesting built-in capabilities.
I'm using two systems for testing in this article:
* server-A.example.com: IP address 192.168.1.10
* server-B.example.com: IP address 192.168.1.11
netcat should already be installed on both of these systems – you can check with this command: which nc
To learn more about netcat, just take a look at its man page by the command: man nc
Example 1 – Copying A File From One System To The Other
Let’s say we want to copy the file ISPConfig-188.8.131.52.tar.gz from server-A to server-B. To do this, run on server-B:
nc -lp 1234 > ISPConfig-188.8.131.52.tar.gz
(1234 is some unused port – you can replace it with another value if you like.) server-B will then wait for the file ISPConfig-188.8.131.52.tar.gz on port 1234.
On server-A, run: nc -w 1 server-B.example.com 1234 < ISPConfig-188.8.131.52.tar.gz
to start the file transfer.
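netcat itself does not verify that the file arrived complete or unmodified, so the following added example (not part of the original article) wraps the same nc commands with a SHA-256 check on the receiving side. The function names and the .part suffix are assumptions made for this example; it uses the traditional netcat flags shown above and sha256sum from coreutils.

```sh
#!/bin/sh
# Added example: checksum-verified variant of the Example 1 transfer.
# Assumes traditional netcat flags as used in this article (-l -p, -w)
# and sha256sum from coreutils. Function names are made up for this example.

PORT=1234   # same unused port as in the article

# Print only the SHA-256 hex digest of a file.
# Run this on server-A first and pass the result to receive_file on server-B
# over a separate trusted channel (for example an SSH session).
file_digest() {
    sha256sum < "$1" | cut -d' ' -f1
}

# On server-A: send the file once the receiver is listening.
send_file() {            # usage: send_file FILE HOST
    nc -w 1 "$2" "$PORT" < "$1"
}

# Keep TMP as DEST only if its digest matches; otherwise delete it.
verify_and_commit() {    # usage: verify_and_commit TMP DEST EXPECTED
    actual=$(file_digest "$1") || return 1
    if [ "$actual" = "$3" ]; then
        mv "$1" "$2"
    else
        echo "digest mismatch: expected $3, got $actual" >&2
        rm -f "$1"
        return 1
    fi
}

# On server-B: receive into DEST.part, then verify before renaming,
# so a truncated or altered transfer never ends up under the final name.
receive_file() {         # usage: receive_file DEST EXPECTED
    nc -l -p "$PORT" > "$1.part" || return 1
    verify_and_commit "$1.part" "$1" "$2"
}
```

Source the file on both systems, start receive_file on server-B, then call send_file on server-A.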
Example 2 – Cloning hard drives and partitions
You can even use netcat to clone hard drives (and partitions) over the network. For this example, I want to clone /dev/sda from server-A to server-B. Of course, the partitions to be cloned must be unmounted on the target system, so if you want to clone the system partition, you must boot the target system (server-B) from a rescue system or LiveCD such as Knoppix. Please note that the target system’s IP address might need a change.
On server-B, run: nc -l -p 1234 | dd of=/dev/sda
Afterwards, on server-A, run: dd if=/dev/sda | nc 192.168.1.11 1234
to start the cloning process. This can take some time, depending on the size of the hard drive or partitions.
Example 3 – Port Scanning
On server-A, you can scan for open ports on server-B as follows: nc -v -w 1 server-B.example.com -z 1-1000
(1-1000 means: scan ports from port number 1 to port number 1000.)
You can also scan ports on the local system: nc -v -w 1 localhost -z 1-1000
Example 4 – Spoofing HTTP Headers
You can use netcat to request web pages:
nc ispconfig.org 80
You can then type in headers as follows:
GET / HTTP/1.1
As you see, this allows you to make up your own referrers and browser (User-Agent). After you’ve typed in your headers, press ENTER twice, and the requested page will appear (including the headers sent back by the remote server):
server-B:~# nc example.com 80
GET / HTTP/1.1
HTTP/1.1 200 OK
Date: Fri, 28 Nov 2008 14:11:49 GMT
Server: Apache/2.2.3 (Debian) mod_ssl/2.2.3 OpenSSL/0.9.8c
Last-Modified: Wed, 26 Nov 2008 19:34:17 GMT
Example 5 – Chatting
You can even use netcat to chat from one system to the other on the command line.
Type on server-B: nc -lp 1234
server-B will then wait until server-A connects on port 1234.
On server-A, run this command: nc server-B.example.com 1234
Now you can type in messages on either system and press ENTER, and they will appear on the other system. To close the chat, press CTRL+C on either system.
Example 6 – Serving Web Pages
You can even use netcat to act as a web server: while true; do nc -l -p 80 -q 1 < webpage.html; done
would serve the page webpage.html until you close the terminal window.
netcat project home page: http://netcat.sourceforge.net/