Difference between revisions of "Linux netcat"
| Line 16: | Line 16: | ||
This creates a simple web server | This creates a simple web server | ||
listen@server1:$ nc -kl 8080 < index.html #works in Chrome | listen@server1:$ nc -kl 8080 < index.html #works in Chrome | ||
listen@server1:$ { echo -ne "HTTP/1.0 200 OK\r\nContent-Length: $(wc -c <index.html)\r\n\r\n"; cat index.html; } | nc -l 8080 | |||
listen@server1:$ { echo -ne "HTTP/1.0 200 OK\r\n\r\n"; cat index.html; } | nc -l -p 8080 #improved version to correctly respond to '''a single''' HTTP1.1 request | listen@server1:$ { echo -ne "HTTP/1.0 200 OK\r\n\r\n"; cat index.html; } | nc -l -p 8080 #improved version to correctly respond to '''a single''' HTTP1.1 request | ||
This is a simple index.html file | This is a simple index.html file | ||
< | <source lang="bash"> | ||
cat index.html | cat index.html | ||
<html> | <html> | ||
| Line 31: | Line 32: | ||
</body> | </body> | ||
</html> | </html> | ||
</ | </source> | ||
Please be aware that <tt>nc</tt> is not aware of HTTP1.1 specification and is not sending 200 Ok, therefore it will not work out of box in curl, wget or lynx. Therefore please try this in a full flagged web browser like Chrome. | Please be aware that <tt>nc</tt> is not aware of HTTP1.1 specification and is not sending 200 Ok, therefore it will not work out of box in curl, wget or lynx. Therefore please try this in a full flagged web browser like Chrome. | ||
<source lang="bash"> | |||
client@server2:$ curl -v --noproxy "server1.example.com" <nowiki>http://server1.example.com:8080</nowiki> #will disable using a proxy for the "server1" | client@server2:$ curl -v --noproxy "server1.example.com" <nowiki>http://server1.example.com:8080</nowiki> #will disable using a proxy for the "server1" | ||
client@server2:$ lynx <nowiki>http://server1.example.com:8080</nowiki> | client@server2:$ lynx <nowiki>http://server1.example.com:8080</nowiki> | ||
</source> | |||
===Checking if UDP ports (-u) 80-90 are open on 192.168.0.1 using zero mode I/O (-z)=== | |||
nc -vzu 192.168.0.1 <nowiki>80-90</nowiki> | |||
Note that UDP tests will always show as "open". The <code>-uz</code> argument is useless. | |||
===Test if UDP port is open: simple UDP server and client=== | |||
This test is useful, if you have shell access to the server that should be tested, but you do not know whether there is a firewall blocking a specific UDP port on the server. | |||
On the listening host, i.e. on the server whose port needs to be checked, do the following: | |||
nc -ul 7000 | |||
On the sending host, do the following – note that <code>servname</code> is the hostname of the listening host: | |||
nc -u servname 7000 | |||
If text typed on the sending host (type something and hit enter) is displayed also on the listening host, then the UDP port 7000 is open. If it is not open, you will get an error such as "Connection refused". | |||
There is a caveat. On some machines, [[IPv6]] may be the default IP version to use by <tt>netcat</tt>. Thus, the host specified by the hostname is contacted using IPv6, and the user might not know about this. Ports may appear closed in the test, even though they would be open when using [[IPv4]]. This can be difficult to notice and may cause the false impression that the port is blocked, while it is actually open. You can force the use of IPv4 by using adding <code>-4</code> to the options of the <code>nc</code> commands. | |||
= References = | |||
*[https://en.wikipedia.org/wiki/Netcat Netcat] Wikipedia | |||
Revision as of 10:51, 29 September 2016
Netcat in slow translation is the network version of cat command.
Send a string over a network
Start listening for a connection. The command below listen on TCP port 4444 for a new connections and displays any incoming data to a screen (default STDOUT) then it stops when the connection closes. Use -k to continue listening after a transfer completes.
listen@server1# nc -l 4444
Send string to the listening server by redirecting the string(data) into nc
send@server2# echo "Hello Tom!" | nc server1.example.com 4444
Send Files through Netcat
This example will redirect any incoming data to a file
listen@server1# nc -l 4444 > file1.txt
Simple web server
This creates a simple web server
listen@server1:$ nc -kl 8080 < index.html #works in Chrome
listen@server1:$ { echo -ne "HTTP/1.0 200 OK\r\nContent-Length: $(wc -c <index.html)\r\n\r\n"; cat index.html; } | nc -l 8080
listen@server1:$ { echo -ne "HTTP/1.0 200 OK\r\n\r\n"; cat index.html; } | nc -l -p 8080 #improved version to correctly respond to a single HTTP1.1 request
This is a simple index.html file
cat index.html
<html>
<head>
<title>Test Page</title>
</head>
<body>
<h1>Level 1 header</h1>
<h2>Subheading</h2>
<p>Normal text here</p>
</body>
</html>
Please be aware that nc is not aware of HTTP1.1 specification and is not sending 200 Ok, therefore it will not work out of box in curl, wget or lynx. Therefore please try this in a full flagged web browser like Chrome.
client@server2:$ curl -v --noproxy "server1.example.com" <nowiki>http://server1.example.com:8080</nowiki> #will disable using a proxy for the "server1"
client@server2:$ lynx <nowiki>http://server1.example.com:8080</nowiki>
Checking if UDP ports (-u) 80-90 are open on 192.168.0.1 using zero mode I/O (-z)
nc -vzu 192.168.0.1 80-90
Note that UDP tests will always show as "open". The -uz argument is useless.
Test if UDP port is open: simple UDP server and client
This test is useful, if you have shell access to the server that should be tested, but you do not know whether there is a firewall blocking a specific UDP port on the server.
On the listening host, i.e. on the server whose port needs to be checked, do the following:
nc -ul 7000
On the sending host, do the following – note that servname is the hostname of the listening host:
nc -u servname 7000
If text typed on the sending host (type something and hit enter) is displayed also on the listening host, then the UDP port 7000 is open. If it is not open, you will get an error such as "Connection refused".
There is a caveat. On some machines, IPv6 may be the default IP version to use by netcat. Thus, the host specified by the hostname is contacted using IPv6, and the user might not know about this. Ports may appear closed in the test, even though they would be open when using IPv4. This can be difficult to notice and may cause the false impression that the port is blocked, while it is actually open. You can force the use of IPv4 by using adding -4 to the options of the nc commands.
References
- Netcat Wikipedia