netcat | |
Author: |
|
Developer: | Avian Research |
Released: | [1] |
Latest Release Version: | 1.10 |
Operating System: | Unix and Unix-like, DOS, Microsoft Windows, Windows CE |
Genre: | Network utility |
License: | Original version: custom, permissive license GNU version: GPL OpenBSD version: BSD |
Discontinued: | yes |
netcat (often abbreviated to nc) is a computer networking utility for reading from and writing to network connections using TCP or UDP. The command is designed to be a dependable back-end that can be used directly or easily driven by other programs and scripts. At the same time, it is a feature-rich network debugging and investigation tool, since it can produce almost any kind of connection its user could need and has a number of built-in capabilities.
It is able to perform port scanning, file transferring and port listening.
The original netcat's features include:[2]
Rewrites like GNU's and OpenBSD's support additional features. For example, OpenBSD's nc supports TLS, and GNU netcat natively supports a tunneling mode supporting UDP and TCP (optionally allowing one to be tunneled over the other) in a single command,[3] where other versions may require piping data from one netcat instance to another.
The original version of netcat was a Unix program. The last version (1.10) was released in March 1996.[4]
There are several implementations on POSIX systems, including rewrites from scratch like GNU netcat[5] or OpenBSD netcat,[6] the latter of which supports IPv6 and TLS. The OpenBSD version has been ported to the FreeBSD base,[7] Windows/Cygwin,[8] and Linux.[9] Mac OS X comes with netcat installed as of OSX 10.13 or users can use MacPorts to install a variant.[10]
A DOS version of netcat called NTOOL is included in the FreeDOS Package group Networking.[11] It is based on the WatTCP stack and licensed under the European Union Public Licence Version 1.1.[12]
Known ports for embedded systems includes versions for Windows CE (named "Netcat 4 wince"[13]) or for the iPhone.[14]
BusyBox includes by default a lightweight version of netcat.
Solaris 11 includes netcat implementation based on OpenBSD netcat.
Socat[15] is a more complex variant of netcat. It is larger and more flexible and has more options that must be configured for a given task. On February 1, 2016, Santiago Zanella-Beguelin and Microsoft Vulnerability Research issued a security advisory regarding a composite Diffie-Hellman parameter which had been hard-coded into the OpenSSL implementation of socat.[16] The implausibility that a composite might have been unintentionally introduced where a prime number is required has led to the suspicion of sabotage to introduce a backdoor software vulnerability.[17] This socat bug affected version 1.7.3.0 and 2.0.0-b8 it was corrected in following releases from 1.7.3.1 and 2.0.0-b9.[16]
Cryptcat[18] is a version of netcat with integrated transport encryption capabilities.
In the middle of 2005, Nmap announced another netcat incarnation called Ncat.[19] It features new possibilities such as "Connection Brokering", TCP/UDP Redirection, SOCKS4 client and server support, ability to "Chain" Ncat processes, HTTP CONNECT proxying (and proxy chaining), SSL connect/listen support and IP address/connection filtering. Like Nmap, Ncat is cross-platform.
On some systems, modified versions or similar netcat utilities go by the command name(s) nc
, ncat
, pnetcat
, socat
, sock
, socket
, sbd
.
Ncat is a similar tool to netcat provided by Nmap suite.[19] "While Ncat isn't built on any code from the “traditional” Netcat (or any other implementation), Ncat is most definitely based on Netcat in spirit and functionality."[20]
Ncat features includes: ability to chain Ncats together, redirect both TCP and UDP ports to other sites, SSL support, and proxy connections via SOCKS4 or HTTP (CONNECT method) proxies (with optional proxy authentication as well).[21]