document/TranslateProject
2
0
Fork 0
mirror of https://github.com/LCTT/TranslateProject.git synced 2024-12-26 21:30:55 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #6579 from lujun9972/translate-MjAxNzEyMDYgMTAgdXNlZnVsIG5jYXQgKG5jKSBDb21tYW5kIEV4YW1wbGVzIGZvciBMaW51eCBTeXN0ZW1zLm1kCg==

Browse Source 
翻译完毕
This commit is contained in:
Xingyu.Wang 2017-12-12 14:34:03 +08:00 committed by GitHub
commit 3389119836
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 199 additions and 200 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

200
sources/tech/20171206 10 useful ncat (nc) Command Examples for Linux Systems.md
View File

@ -1,200 +0,0 @@
translating by lujun9972
10 useful ncat (nc) Command Examples for Linux Systems
======
[![nc-ncat-command-examples-Linux-Systems](https://www.linuxtechi.com/wp-content/uploads/2017/12/nc-ncat-command-examples-Linux-Systems.jpg)][1]
ncat or nc is networking utility with functionality similar to cat command but for network. It is a general purpose CLI tool for reading, writing, redirecting data across a network. It is designed to be a reliable back-end tool that can be used with scripts or other programs. Its also a great tool for network debugging, as it can create any kind of connect one can need.
ncat/nc can be a port scanning tool, or a security tool, or monitoring tool and is also a simple TCP proxy. Since it has so many features, it is known as a network swiss army knife. Its one of those tools that every System Admin should know & master.
In most of Debian distributions nc is available and its package is automatically installed during installation. But in minimal CentOS 7 / RHEL 7 installation you will not find nc as a default package. You need to install using the following command.
```
[root@linuxtechi ~]# yum install nmap-ncat -y
```
System admins can use it audit their system security, they can use it find the ports that are opened & than secure them. Admins can also use it as a client for auditing web servers, telnet servers, mail servers etc, with nc we can control every character sent & can also view the responses to sent queries.
We can also cause it to capture data being sent by client to understand what they are upto.
In this tutorial, we are going to learn about how to use nc command with 10 examples,
#### Example: 1) Listen to inbound connections
Ncat can work in listen mode & we can listen for inbound connections on port number with option l. Complete command is,
$ ncat -l port_number
For example,
```
$ ncat -l 8080
```
Server will now start listening to port 8080 for inbound connections.
#### Example: 2) Connect to a remote system
To connect to a remote system with nc, we can use the following command,
$ ncat IP_address port_number
Lets take an example,
```
$ ncat 192.168.1.100 80
```
Now a connection to server with IP address 192.168.1.100 will be made at port 80 & we can now send instructions to server. Like we can get the complete page content with
GET / HTTP/1.1
or get the page name,
GET / HTTP/1.1
or we can get banner for OS fingerprinting with the following,
HEAD / HTTP/1.1
This will tell what software is being used to run the web Server.
#### Example: 3) Connecting to UDP ports
By default , the nc utility makes connections only to TCP ports. But we can also make connections to UDP ports, for that we can use option u,
```
$ ncat -l -u 1234
```
Now our system will start listening a udp port 1234, we can verify this using below netstat command,
```
$ netstat -tunlp | grep 1234
udp 0 0 0.0.0.0:1234 0.0.0.0:* 17341/nc
udp6 0 0 :::1234 :::* 17341/nc
```
Lets assume we want to send or test UDP port connectivity to a specific remote host, then use the following command,
$ ncat -v -u {host-ip} {udp-port}
example:
```
[root@localhost ~]# ncat -v -u 192.168.105.150 53
Ncat: Version 6.40 ( http://nmap.org/ncat )
Ncat: Connected to 192.168.105.150:53.
```
#### Example: 4) NC as chat tool
NC can also be used as chat tool, we can configure server to listen to a port & than can make connection to server from a remote machine on same port & start sending message. On server side, run
```
$ ncat -l 8080
```
On remote client machine, run
```
$ ncat 192.168.1.100 8080
```
Than start sending messages & they will be displayed on server terminal.
#### Example: 5) NC as a proxy
NC can also be used as a proxy with a simple command. Lets take an example,
```
$ ncat -l 8080 | ncat 192.168.1.200 80
```
Now all the connections coming to our server on port 8080 will be automatically redirected to 192.168.1.200 server on port 80\. But since we are using a pipe, data can only be transferred & to be able to receive the data back, we need to create a two way pipe. Use the following commands to do so,
```
$ mkfifo 2way
$ ncat -l 8080 0<2way | ncat 192.168.1.200 80 1>2way
```
Now you will be able to send & receive data over nc proxy.
#### Example: 6) Copying Files using nc/ncat
NC can also be used to copy the files from one system to another, though it is not recommended & mostly all systems have ssh/scp installed by default. But none the less if you have come across a system with no ssh/scp, you can also use nc as last ditch effort.
Start with machine on which data is to be received & start nc is listener mode,
```
$ ncat -l 8080 > file.txt
```
Now on the machine from where data is to be copied, run the following command,
```
$ ncat 192.168.1.100 8080 --send-only < data.txt
```
Here, data.txt is the file that has to be sent. send-only option will close the connection once the file has been copied. If not using this option, than we will have press ctrl+c to close the connection manually.
We can also copy entire disk partitions using this method, but it should be done with caution.
#### Example: 7) Create a backdoor via nc/nact
NC command can also be used to create backdoor to your systems & this technique is actually used by hackers a lot. We should know how it works in order to secure our system. To create a backdoor, the command is,
```
$ ncat -l 10000 -e /bin/bash
```
e flag attaches a bash to port 10000\. Now a client can connect to port 10000 on server & will have complete access to our system via bash,
```
$ ncat 192.168.1.100 1000
```
#### Example: 8) Port forwarding via nc/ncat
We can also use NC for port forwarding with the help of option c , syntax for accomplishing port forwarding is,
```
$ ncat -u -l 80 -c 'ncat -u -l 8080'
```
Now all the connections for port 80 will be forwarded to port 8080.
#### Example: 9) Set Connection timeouts
Listener mode in ncat will continue to run & would have to be terminated manually. But we can configure timeouts with option w,
```
$ ncat -w 10 192.168.1.100 8080
```
This will cause connection to be terminated in 10 seconds, but it can only be used on client side & not on server side.
#### Example: 10) Force server to stay up using -k option in ncat
When client disconnects from server, after sometime server also stops listening. But we can force server to stay connected & continuing port listening with option k. Run the following command,
```
$ ncat -l -k 8080
```
Now server will stay up, even if a connection from client is broken.
With this we end our tutorial, please feel free to ask any question regarding this article using the comment box below.
--------------------------------------------------------------------------------
via: https://www.linuxtechi.com/nc-ncat-command-examples-linux-systems/
作者:[Pradeep Kumar][a]
译者:[lujun9972](https://github.com/lujun9972)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:https://www.linuxtechi.com/author/pradeep/
[1]:https://www.linuxtechi.com/wp-content/uploads/2017/12/nc-ncat-command-examples-Linux-Systems.jpg

199
translated/tech/20171206 10 useful ncat (nc) Command Examples for Linux Systems.md Normal file
View File

@ -0,0 +1,199 @@
10 个例子教你学会 ncat (nc) 命令
======
[![nc-ncat-command-examples-Linux-Systems](https://www.linuxtechi.com/wp-content/uploads/2017/12/nc-ncat-command-examples-Linux-Systems.jpg)][1]
ncat 或者说 nc 是一款功能类似 cat 的网络工具。它是一款拥有多种功能的 CLI 工具,可以用来在网络上读,写以及重定向数据。 它被设计成可以被脚本或其他程序调用的可靠后端工具。 同时由于它能创建任意所需的连接,因此也是一个很好的网络调试工具。
ncat/nc 既是一个端口扫描工具,也是一款安全工具, 还能是一款检测工具,甚至可以做一个简单的 TCP 代理。 由于有这么多的功能,它被誉为是网络界的瑞士军刀。 这是每个系统管理员都应该知道并且掌握它。
在大多数 Debian 发行版中,`nc` 是默认可用的,它会在安装系统的过程中自动被安装。 但是在 CentOS 7 / RHEL 7 的最小化安装中,`nc` 并不会默认被安装。 你需要用下列命令手工安装。
```
[root@linuxtechi ~]# yum install nmap-ncat -y
```
系统管理员可以用它来审计系统安全,用它来找出开放的端口然后保护这些端口。 管理员还能用它作为客户端来审计 Web 服务器, 远程登陆服务器, 邮件服务器等, 通过 `nc` 我们可以控制发送的每个字符,也可以查看对方的回应。
我们还可以 o 用它捕获客户端发送的数据一次来了解这些客户端是做什么的。
在本文中,我们会通过 10 个例子来学习如何使用 `nc` 命令。
### 例子: 1) 监听入站连接
通过 `l` 选项ncat 可以进入监听模式,使我们可以在指定端口监听入站连接。 完整的命令是这样的
$ ncat -l port_number
比如,
```
$ ncat -l 8080
```
服务器就会开始在 8080 端口监听入站连接。
### 例子: 2) 连接远程系统
使用下面命令可以用 nc 来连接远程系统,
$ ncat IP_address port_number
让我们来看个例子,
```
$ ncat 192。168。1。100 80
```
这会创建一个连接,连接到 IP 为 192。168。1。100 的服务器上的 80 端口,然后我们就可以向服务器发送指令了。 比如我们可以输入下面内容来获取完整的网页内容
GET / HTTP/1.1
或者获取页面名称,
GET / HTTP/1.1
或者我们可以通过以下方式获得操作系统指纹标识,
HEAD / HTTP/1.1
这会告诉我们使用的是什么软件来运行这个 web 服务器的。
### 例子: 3) 连接 UDP 端口
默认情况下nc 创建连接时只会连接 TCP 端口。 不过我们可以使用 `u` 选项来连接到 UDP 端口,
```
$ ncat -l -u 1234
```
现在我们的系统会开始监听 udp 的'1234'端口,我们可以使用下面的 netstat 命令来验证这一点,
```
$ netstat -tunlp | grep 1234
udp 0 0 0。0。0。0:1234 0。0。0。0:* 17341/nc
udp6 0 0 :::1234 :::* 17341/nc
```
假设我们想发送或者说测试某个远程主机 UDP 端口的连通性,我们可以使用下面命令,
$ ncat -v -u {host-ip} {udp-port}
比如:
```
[root@localhost ~]# ncat -v -u 192。168。105。150 53
Ncat: Version 6。40 ( http://nmap.org/ncat )
Ncat: Connected to 192。168。105。150:53。
```
#### 例子: 4) 将 NC 作为聊天工具
NC 也可以作为聊天工具来用,我们可以配置服务器监听某个端口,然后从远程主机上连接到服务器的这个端口,就可以开始发送消息了。 在服务器这端运行:
```
$ ncat -l 8080
```
在远程客户端主机上运行:
```
$ ncat 192。168。1。100 8080
```
之后开始发送消息,这些消息会在服务器终端上显示出来。
#### 例子: 5) 将 NC 作为代理
NC 也可以用来做代理。比如下面这个例子,
```
$ ncat -l 8080 | ncat 192。168。1。200 80
```
所有发往我们服务器 8080 端口的连接都会自动转发到 192。168。1。200 上的 80 端口。 不过由于我们使用了管道,数据只能被单向传输。 要同时能够接受返回的数据,我们需要创建一个双向管道。 使用下面命令可以做到这点:
```
$ mkfifo 2way
$ ncat -l 8080 0<2way | ncat 1921681200 80 1>2way
```
现在你可以通过 nc 代理来收发数据了。
#### 例子: 6) 使用 nc/ncat 拷贝文件
NC 还能用来在系统间拷贝文件,虽然这么做并不推荐,因为绝大多数系统默认都安装了 ssh/scp。 不过如果你恰好遇见个没有 ssh/scp 的系统的话, 你可以用 nc 来作最后的努力。
在要接受数据的机器上启动 nc 并让它进入监听模式:
```
$ ncat -l 8080 > file.txt
```
现在去要被拷贝数据的机器上运行下面命令:
```
$ ncat 192。168。1。100 8080 --send-only < data.txt
```
这里data.txt 是要发送的文件。 send-only 选项会在文件拷贝完后立即关闭连接。 如果不加该选项, 我们需要手工按下 ctrl+c to 来关闭连接。
我们也可以用这种方法拷贝整个磁盘分区,不过请一定要小心。
#### 例子: 7) 通过 nc/ncat 创建后门
NC 命令还可以用来在系统中创建后门,并且这种技术也确实被黑客大量使用。 为了保护我们的系统,我们需要知道它是怎么做的。 创建后门的命令为:
```
$ ncat -l 10000 -e /bin/bash
```
e 标志将一个 bash 与端口 10000 相连。现在客户端只要连接到服务器上的 10000 端口就能通过 bash 获取我们系统的完整访问权限:
```
$ ncat 192。168。1。100 10000
```
#### 例子: 8) 通过 nc/ncat 进行端口转发
我们通过选项 `c` 来用 NC 进行端口转发,实现端口转发的语法为:
```
$ ncat -u -l 80 -c 'ncat -u -l 8080'
```
这样,所有连接到 80 端口的连接都会转发到 8080 端口。
#### 例子: 9) 设置连接超时
ncat 的监听模式会一直运行,直到手工终止。 不过我们可以通过选项 `w` 设置超时时间:
```
$ ncat -w 10 192。168。1。100 8080
```
这回导致连接 10 秒后终止,不过这个选项只能用于客户端而不是服务端。
#### 例子: 10) 使用 -k 选项强制 ncat 待命
当客户端从服务端断开连接后,过一段时间服务端也会停止监听。 但通过选项 `k` 我们可以强制服务器保持连接并继续监听端口。 命令如下:
```
$ ncat -l -k 8080
```
现在即使来自客户端的连接断了也依然会处于待命状态。
自此我们的教程就完了,如有疑问,请在下方留言。
--------------------------------------------------------------------------------
via: https://www.linuxtechi.com/nc-ncat-command-examples-linux-systems/
作者:[Pradeep Kumar][a]
译者:[lujun9972](https://github.com/lujun9972)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:https://www.linuxtechi.com/author/pradeep/
[1]:https://www.linuxtechi.com/wp-content/uploads/2017/12/nc-ncat-command-examples-Linux-Systems.jpg