netcat
Send and receive data over network
SYNOPSIS
nc [options] hostname port
nc -l [options] [port]
PARAMETERS
-l
Listen mode: Instructs netcat to listen for an incoming connection rather than initiating one.
-p port
Local port: Specifies the source port for outgoing connections or the listening port when in listen mode (alternative to simply providing port after -l).
-u
UDP mode: Uses UDP instead of the default TCP protocol.
-v
Verbose mode: Provides more detailed output, useful for debugging and understanding connection status. Can be repeated (e.g., -vv) for even more verbosity.
-w timeout
Timeout: Specifies a connection timeout in seconds. Netcat will close the connection if idle for this duration.
-z
Zero-I/O mode: Performs a port scan without sending any data. Useful for quick port checking.
-k
Keep open: Forces netcat to stay listening for multiple connections after the first client has disconnected (only applicable in listen mode with -l).
-n
Numeric-only IP addresses: Disables DNS lookups, forcing netcat to use only numeric IP addresses. This can speed up operations and avoid DNS issues.
-q seconds
Quit after EOF on stdin: The client exits after EOF on stdin. If seconds is specified, it waits that long after EOF on stdin and then quits.
-4
Force IPv4: Forces netcat to use IPv4 addresses only.
-6
Force IPv6: Forces netcat to use IPv6 addresses only.
DESCRIPTION
Netcat, often abbreviated as nc, is a versatile utility designed for reading from and writing to network connections using TCP or UDP protocols.
It's widely regarded as a 'network Swiss army knife' due to its broad range of capabilities. Users can establish arbitrary TCP and UDP connections, send raw data, listen for incoming connections, and perform various network debugging tasks.
Common applications include port scanning (e.g., checking if a specific service is running on a port), banner grabbing (retrieving initial service messages), simple file transfers between machines, and even basic client/server communication. Its simplicity combined with its powerful features makes it an indispensable tool for network administrators, security professionals, and developers for testing and debugging network-enabled applications.
While straightforward to use, its flexibility means it can also be leveraged for more advanced, and sometimes malicious, network operations.
CAVEATS
Due to its powerful and flexible nature, netcat can be misused for malicious activities like creating backdoors or launching attacks. Therefore, its usage should always be within legal and ethical boundaries.
It's important to note that there are several implementations of netcat (e.g., OpenBSD netcat, traditional netcat, GNU ncat), which may have slight variations in features and command-line options. For instance, the traditional version often includes an -e option for program execution, which is deliberately omitted from more secure versions like OpenBSD netcat due to security concerns.
COMMON USE CASES
File Transfer: Establish a listening nc on one machine (e.g., nc -l -p 1234 > received_file.txt) and send from another (e.g., nc remote_ip 1234 < local_file.txt).
Simple Chat: Two users can type messages to each other after establishing a connection.
Banner Grabbing: Connect to a service port (e.g., nc example.com 80) and press Enter to see the service banner (e.g., HTTP server version).
Port Scanning: Use -z for quick checks (e.g., nc -zv example.com 20-25).
Basic Web Server/Client: Serve simple HTTP content or make raw HTTP requests.
SECURITY IMPLICATIONS
While immensely useful, netcat is a powerful tool that can be exploited if not used responsibly. It's often used by attackers to create bind shells (where netcat listens for incoming connections and executes commands) or reverse shells (where netcat connects out to an attacker-controlled listener). For legitimate use, always ensure proper permissions and network security measures are in place, and be aware of which netcat implementation you are using, especially regarding features like -e.
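One way to triage netcat command lines from process-execution telemetry for the listener and -e cases described above. This is an added example, not part of the original page or of any netcat project. The sample command lines, the handler path and the triage labels are constructed for illustration, and --listen/--exec are Ncat's long spellings of -l/-e.

```python
import shlex
from pathlib import PurePosixPath

NC_NAMES = {"nc", "ncat", "netcat"}
# Short options that consume a value; -e exists only in some implementations.
TAKES_VALUE = set("pwqe")
LONG = {"--listen": "l", "--exec": "e"}  # Ncat long spellings of -l and -e
# Triage labels (names chosen for this example), highest priority first.
LABELS = (("e", "exec"), ("l", "listener"), ("z", "scan"))

def parse_nc(cmdline):
    """Return the set of netcat flags, or None if not netcat or unparseable."""
    try:
        argv = shlex.split(cmdline)
    except ValueError:  # unbalanced quotes: cannot be parsed reliably
        return None
    if not argv or PurePosixPath(argv[0]).name not in NC_NAMES:
        return None
    flags, i = set(), 1
    while i < len(argv):
        tok = argv[i]
        i += 1
        if tok.startswith("--"):
            name = tok.split("=", 1)[0]
            if name in LONG:
                flags.add(LONG[name])
        elif tok.startswith("-") and tok != "-":
            for pos, ch in enumerate(tok[1:]):
                flags.add(ch)
                if ch in TAKES_VALUE:
                    # Value is the rest of the cluster ("-w3"), else the next token.
                    if pos == len(tok) - 2:
                        i += 1
                    break
    return flags

def classify(cmdline):
    """Triage label for one command line; -e outranks -l, which outranks -z."""
    flags = parse_nc(cmdline)
    if flags is None:
        return "not-netcat"
    return next((label for flag, label in LABELS if flag in flags), "client")

if __name__ == "__main__":
    # Constructed process command lines (not real telemetry).
    for line in ("nc -zv example.com 20-25", "nc -l -p 1234",
                 "/usr/bin/nc -lvnp 4444 -e /opt/constructed/handler"):
        print(f"{classify(line):<10} {line}")
```

Because option values are consumed rather than read as flags, a path passed to -e that happens to contain the letter l is not misreported as a listener.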
HISTORY
The original netcat was developed by Hobbit in 1995. It quickly gained popularity for its simplicity and power, becoming a staple in network administration and security toolkits. Over time, due to its licensing and the desire for enhanced or more secure features, various forks and reimplementations emerged. Notable versions include the widely adopted OpenBSD netcat (which prioritizes security and omits some features like the -e option), and GNU ncat (part of the Nmap project), which offers additional features and cross-platform compatibility. Despite these variations, the core functionality and conceptual usage remain consistent across most implementations.