Netcat is a network communication utility used to read and write data across TCP and UDP network connections. It can be used for port scanning, as a backdoor, as a port listener, for banner grabbing, and for many other purposes such as transferring files and even chatting.
Netcat is installed by default in BackTrack, whereas on Windows it has to be downloaded and installed manually.
Let me show one simple use of Netcat: as a port listener that creates a backdoor.
Netcat command for the Windows machine:
-n Numeric-only addresses (IP only, no DNS resolution)
-l Listen and wait for inbound connections
-p Specifies the port to listen on
-e Program to run once a connection is made on the port (e.g. /bin/bash)
The above command runs the service on the port mentioned above, i.e. 5000, so that another machine can use this service by connecting to the same port.
The equivalent in the case of Linux:
On the other end, the machine that wants to connect:
where 192.168.2.110 is the IP address of the listener machine.
This takes over the service running on that port (i.e. the shell of the Windows system), so the connecting party is able to run any Windows command.
Suppose someone else on the same network is running Wireshark (a packet capture tool).
They can easily capture the data transferred over the network and monitor the traffic, since netcat uses a cleartext protocol.
It is unsafe because it uses a cleartext protocol: anyone can see the communication, and anyone can use the backdoor.
There is no authentication, so anyone who knows the IP address and port number can connect.
Ncat is a general-purpose command-line tool for reading, writing and redirecting data across a network.
Ncat can be considered an advanced version of netcat: it does everything netcat does, and adds extra functionality such as using SSL for connecting or listening, setting SSL certificates, setting up authentication, and much more.
This shows the help text for ncat, its usage and its various options.
Same as netcat, but with encryption, since it uses SSL here.
It listens on port 5000 with SSL (for encryption).
On the other end, the machine that wants to communicate:
It opens the connection but uses SSL for the communication (i.e. the SHA-1 technique).
Suppose the same situation as with netcat: someone else on the same network runs Wireshark and tries to capture and monitor the data. They will not understand anything, because it is in encrypted form.
Ncat can control which hosts connect to it with the --allow and --deny options. With --allow, only the mentioned IP is allowed to connect; with --deny, all other IPs are allowed to connect except the mentioned one.
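The following is an added example that models the allow/deny decision described above in Python; it is not ncat's own code and does not reproduce its exact precedence rules. It assumes that addresses may be given as single IPs or CIDR ranges, and it makes one modelling assumption, labelled in the code: when a client matches both lists, the deny match wins. The constructed connection attempts at the bottom show how a listener restricted to one subnet with a single excluded host would decide each one.

```python
"""Model of ncat-style --allow/--deny host filtering (added example, not ncat's own code)."""
import ipaddress
from typing import List, Optional, Tuple


def _parse_list(spec: Optional[str]) -> list:
    """Turn a comma-separated spec such as '192.168.2.0/24,10.0.0.1' into ip_network objects.

    A bare IP is treated as a /32 (or /128) network. None or '' yields an empty list,
    meaning the option was not given.
    """
    if not spec:
        return []
    return [
        ipaddress.ip_network(item.strip(), strict=False)
        for item in spec.split(",")
        if item.strip()
    ]


def is_allowed(client_ip: str, allow: Optional[str] = None, deny: Optional[str] = None) -> bool:
    """Decide whether a connecting client may talk to the listener.

    - No --allow and no --deny: everyone may connect (the plain netcat situation).
    - --deny given: listed hosts are refused, everyone else is accepted.
    - --allow given: only listed hosts are accepted.
    - Both given (modelling assumption, not a statement about ncat): a deny match wins.
    """
    addr = ipaddress.ip_address(client_ip)
    deny_nets = _parse_list(deny)
    allow_nets = _parse_list(allow)

    # `addr in net` is False when the address families differ, so an IPv6 client
    # never accidentally matches an IPv4 range (and vice versa).
    if any(addr in net for net in deny_nets):
        return False
    if allow_nets:
        return any(addr in net for net in allow_nets)
    return True


def filter_connections(
    attempts: List[str], allow: Optional[str] = None, deny: Optional[str] = None
) -> List[Tuple[str, str]]:
    """Run a batch of constructed connection attempts through the filter for review."""
    return [(ip, "ACCEPT" if is_allowed(ip, allow, deny) else "REFUSE") for ip in attempts]


if __name__ == "__main__":
    # Constructed sample: a listener that should serve only 192.168.2.0/24,
    # except for one host on that subnet that is explicitly excluded.
    sample_attempts = ["192.168.2.110", "192.168.2.200", "10.0.0.5", "2001:db8::1"]
    for ip, verdict in filter_connections(sample_attempts, allow="192.168.2.0/24", deny="192.168.2.200"):
        print(f"{ip:>16}  {verdict}")
```

The point of the model is the failure mode the text warns about: with neither option set, `is_allowed` returns True for every address, which is exactly the unauthenticated netcat listener; the allow list is the cheapest way to shrink that exposure, and it still does nothing about cleartext capture, which is what --ssl addresses.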
This shows all the HTTP methods that are enabled on the target. And so on: ncat has many more features compared to netcat.
For more information, see http://nmap.org/ncat/