Netcat is often known as the swiff army knife for TCP/IP. It’s features include but not limited to UDP/TCP port scanning, file transfers, tunneling of UDP over TCP, port forwarding and so on.
So how do you move files to and from hosts when a proper file transfer protocol such as FTP or SFTP is not available? Transfer files using netcat of course!
Netcat is able to run in two modes – server and client. We will use the two modes to transfer the /etc/hosts file from one workstation to another. Workstation ‘A’ will receive the file from workstation ‘B’.
On workstation ‘A’, we set up netcat to run in server mode on port 8000 and redirect the output to a temporary file.
|
1 |
root@wkstn-a:~# nc -l 8000 > /tmp/hostsfile |
On workstation ‘B’, we connect to workstation ‘A’ on port 8000 and push the file using netcat.
|
1 |
root@wkstn-b:~# netcat wkstn-a 8000 < /etc/hosts |
The netcat process running in workstation ‘A’ will terminate once it receives and ‘EOF’ from workstation ‘B’. To make sure that the transferred file is not corrupted, run the md5sum command on both the workstations and compare the hash output.
|
1 2 |
root@wkstn-b:~# md5sum /etc/hosts a7e53cc2948718551c5eff9ea471062a /etc/hosts |
|
1 2 |
root@wkstn-a:~# md5sum /tmp/hostsfile a7e53cc2948718551c5eff9ea471062a /tmp/hostsfile |
Did you notice that no authentication was required at all for the file transfer using netcat? This example definitively demonstrates the danger of allowing an unauthorized user running netcat.
Netcat is available for both Windows and UNIX. The Windows version of netcat is available here. Most recent distibutions of UNIX comes with a decent version of netcat.
Mohamed Ibrahim
ibrahim = { interested_in(unix, linux, android, open_source, reverse_engineering); coding(c, shell, php, python, java, javascript, nodejs, react); plays_on(xbox, ps4); linux_desktop_user(true); }
