Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Instant Netcat Starter

You're reading from   Instant Netcat Starter Learn to harness the power and versatility of Netcat, and understand why it remains an integral part of IT and Security Toolkits to this day

Arrow left icon
Product type Paperback
Published in Jan 2013
Publisher Packt
ISBN-13 9781849519960
Length 64 pages
Edition 1st Edition
Tools
Concepts
Arrow right icon
Author (1):
Arrow left icon
Kenneth Curtis Yerrid Kenneth Curtis Yerrid
Author Profile Icon Kenneth Curtis Yerrid
Kenneth Curtis Yerrid
Arrow right icon
View More author details
Toc

Table of Contents (8) Chapters Close

Instant Netcat Starter
Credits
About the author
Acknowledgement
About the reviewer
www.packtpub.com
packtLib.packtPub.com
1. Instant Netcat Starter FREE CHAPTER

Installation


In four easy steps, you can install Netcat and get it set up on your system, whether it is Windows, Linux, Unix, or Mac OS X. For brevity, we will be focusing on Windows and Debian distributions of Linux. Mac OS X has Netcat installed by default, albeit without the DGAPING_SECURITY_HOLE option enabled (which is explained later). For information on recompiling Netcat for Mac OS X (BSD) with the DGAPING_SECURITY_HOLE option, please refer to the build instructions in the man pages.

For all supported platforms

The requirements for Netcat are reflective of the good old days of computing, when Bill Gates was famously (and also incorrectly) attributed to the 640 K memory ceiling on personal computing needs (see http://www.wired.com/politics/law/news/1997/01/1484). While Netcat is not quite that lightweight, let's examine the requirements.

Step 1 – what do I need?

One of the most attractive features of using Netcat in your environment is the incredibly small footprint that the utility occupies on both the client and the listener. If you are not completely comfortable in a Command-line Interface (CLI) environment, fear not. Most of the heavy lifting for installing Netcat is done in the steps leading up to the installation.

Before diving in with both feet, there is some minor historical context that must be imparted to you. As mentioned before, Netcat is an oldie, but goodie. One of the byproducts of its longevity is how the utility has been maintained over the years. There have essentially been three major paths that the utility has evolved through. The first is the original Unix Netcat that was released by Hobbit. This version will contain the Version 1.10 (or 1.11 in some instances). The second major version is the GNU Netcat version that is hosted on SourceForge's web-based source code repository. The GNU version's goal is to have full compatibility with all of the functions of Unix Netcat Version 1.10. Finally, this book would be remiss to not include references to the Nmap project's version of Netcat, simply called Ncat. According to the Nmap Project website, Ncat was written for the Nmap Project as a much-improved reimplementation of the venerable Netcat (Nmap Project).

The last thing you need to be aware of regarding the original Unix Netcat is that some flavors of Linux and Unix may have recompiled the original Unix Netcat without the ability to execute programs upon connection to the listener. The DGAPING_SECURITY_HOLE option allows an operator to execute programs using the –e switch to do a number of powerful tasks, including launching a shell. As a result, those precompiled, preinstalled versions are considered "safer" than the other versions that allow the –e switch. If you were to search for "Netcat DGAPING_SECURITY_HOLE" in your favorite search engine, you will undoubtedly see the equivalent of a hamster slap fight over the risks and benefits of the DGAPING_SECURITY_HOLE option. To determine whether your instance of Netcat was compiled with the DGAPING_SECURITY_HOLE option, simply type nc –h in the command line. The following screenshot demonstrates the output of a Netcat instance without the DGAPING_SECURITY_HOLE (notice the absence of the –e switch):

Conversely, the following screenshot demonstrates the Netcat utility with the DGAPING_SECURITY_HOLE option enabled:

Netcat is a relatively easy program to obtain, configure, and install. In fact, most distributions of Unix and Linux have a precompiled version of Netcat already installed and configured. We will briefly discuss the primary reason why you may want to recompile your instance of Netcat in a bit, but for now, let's focus on the requirements to get you up and running quickly.

Fortunately, the distributions I am providing links to in this section all have the DGAPING_SECURITY_HOLE option enabled. This includes the Unix Netcat, GNU Netcat, and, of course, Ncat for both Windows and Unix.

Before you obtain and install Netcat, you will need to check that you have all of the required elements, listed as follows:

  • Disk space: 300 KB free (minimum). You read that correctly. On Windows, the nc folder, including all of the source and help files, occupies 280 KB on disk. For Windows installations, once you are done extracting the files, the only required file is nc.exe, which weighs in at 60 KB.

  • Memory: 2 MB (minimum), 8 MB (recommended).

For Windows installations

Windows distributions are relatively straightforward, once you find the archive to download from.

Step 2 – downloading Netcat from the Internet

Finding the Windows binaries has proven somewhat difficult and unreliable, as the most common distribution point, formerly located at http://www.vulnwatch.org/netcat/nc111nt.zip appears to have gone offline and the binary is not available. Fret not, in doing a search for nc111nt.zip on my favorite search engine, I was able to locate two mirror sites that appear to be both reliable and committed to hosting the binary. Please check out one of the following sites:

For the purpose of our exercises, we will be using the version from these sites, both of which calculated an MD5 hash value of 37f2383aa4e825e7005c74099f8bb2c3, as shown in the following screenshot (special thanks to the Security Xploded team for creating an awesome hash generator tool):

Step 3 – extracting Netcat from ZIP archive

For Windows binaries, simply double-click on the nc111nt.zip file you downloaded in Step 2 – downloading Netcat from the Internet. The only file that is required to run is nc.exe, located in the extracted folder as shown in the following screenshot:

Step 4 – verifying program operation

Once this is completed, you can verify the success of compilation and installation by typing the nc –h command in the command prompt.

If your screen looks similar to what is shown in the preceding screenshot, then you have successfully implemented Netcat on the Windows platform. From this point, you can continue to explore other distribution installation instructions, or skip ahead to the next section where we will actually start working with the tool.

For Linux/Unix installations (Unix Netcat Installation)

For Linux/Unix installations, you may find it easier or slightly more difficult to get up and running with Netcat. Today, many distributions of Linux (as well as Mac OS X, based on BSD) have a version of Netcat preinstalled. However, the installed version may not suit your exact needs; therefore, let's examine a couple of different approaches to getting the right version on your Linux/Unix machine.

Step 2 – downloading Netcat from the Internet

In my experience, most distributions of Linux have the Unix version of Netcat available within the package management applications on your particular distribution. However, there may be a time when you will want to grab the source from a trusted location. The following locations host the binaries:

The MD5 hash produced by this file is 402632f2fe01c169ff19a0ad6e9d608c, as shown in the following screenshot:

Step 3 – installing Unix Netcat

As mentioned earlier, most distributions of Linux have Netcat installed by default. In this example, I am using Linux Mint 13, with the MATE desktop. In my case, the version of Netcat that I am running by default is an OpenBSD version that has the DGAPING_SECURITY_HOLE option disabled. Since we will be exploring this option in future exercises, I will need to install the proper version. In later examples, I will show you how to compile and install Netcat from a source; however, in this example, I will use Linux Mint's Package Manager to install the correct version. The following screenshot shows the default Netcat installation; notice the text that explains that there is another version available in the Netcat-traditional package (line 3):

Before we install the correct Netcat binaries, we will go ahead and remove the old version. To do this, you can either issue the apt-get command from the command line, or simply launch your package manager and have the script do it for you. We will take the GUI route, probably much to the chagrin of Linux purists. For those of you wanting to remove the package from the command line, simply type the command sudo apt-get remove --purge netcat-openBSD, type your sudo password, and select Y to confirm. However, assuming zero experience in Linux, from the MATE desktop, we will first select the Package Manager application as shown in the following screenshot:

Because Synaptic is modifying your system, you will likely be required to enter your sudo credentials as shown in the following screenshot:

A listing of software packages will appear. By entering netcat in the search bar, you will see both the netcat-openbsd package and the netcat-traditional package. The green box in the following screenshot shows that netcat-openbsd is being installed currently:

We will mark the netcat-openbsd package for complete removal using the right mouse button, as demonstrated in the following screenshot:

The square will turn from green to red to indicate this, as shown in the following screenshot:

Click on the Apply button. Synaptic will tell you what the results of the actions will be, and you will be presented with the image in the following screenshot:

After we apply to commit the complete removal of the netcat-openbsd package, the package manager will execute the requested actions and, when completed, shows you the feedback as displayed in the following screenshot:

Now we will simply install the netcat-traditional package using the same technique. If you want to install from the command line, simply type sudo apt-get install netcat-traditional, and hit Enter. The following screenshot demonstrates marking the netcat-traditional package for installation with the right mouse button:

In the next screenshot, I demonstrate what you should see when you apply the installation.

Finally, the following screenshot shows the result of the operation:

Step 4 – verifying program operation

Once this is completed, you can verify the success of compilation and installation by typing the nc –h command in the command prompt. If your screen looks similar to the following screenshot, you have successfully installed the utility. Feel free to stick around while we install the GNU Netcat utility, or skip ahead to the next section.

For Linux/Unix installations (GNU Netcat Installation)

Keep in mind that the Hobbit/Unix version of Netcat is not centrally supported or maintained. Therefore, you may want to learn and begin keeping up with the currently supported and maintained versions from the GNU Netcat project.

Step 2 – downloading GNU Netcat from the Internet

Finding the GNU Netcat is very simple, as its source is being maintained on the SourceForge web-based source code repository. To download GNU Netcat, navigate to http://netcat.sourceforge.net as shown in the next screenshot, and select the download link as displayed in the upper-right corner of The GNU Netcat project page:

When selecting the download link, you will be presented with a page that looks similar to the following screenshot, allowing you to select both the RPM and compressed archive files:

Simply select the desired distribution and you are off to the races. Unlike the Unix Netcat implementation, the GNU Netcat distributions provide the MD5 hashes for you directly on the site, so please verify your download before installing to make sure there are no errors and no tinkering has been done to the files.

Now, for the sake of consistency, we downloaded the package using our trusted web browser. However, just to change things up a bit, we will use a different means for compiling and installing GNU Netcat using our trusted Command Line Interface (CLI). If you have never compiled and installed a package from a source, don't worry. We will be getting dirt under our fingernails, but it will be a good experience. So let's do it!

Step 3 – compiling and installing GNU Netcat

From your Linux machine, either use the wget command or simply browse to the GNU Netcat download URL. In the command line, type the following command:

wget http://sourceforge.net/projects/netcat/files/netcat/0.7.1/netcat-0.7.1.tar.gz

Once the archive is downloaded, navigate to the directory, and type in the following commands, as shown in the next screenshot:

tar –xzf netcat-0.7.1.tar.gz
cd Netcat-0.7.1
./configure

After the system does its thing (several lines of text will fly by), you will return to the shell prompt. As shown in the next screenshot, type the following command:

make

Finally, type the following command to install the compiled binaries, as shown in the next screenshot:

sudo make install

Step 4 – verifying program operation

If all went well, you should be able to type in nc –h at a shell prompt and see the results of your efforts in the next screenshot. That wasn't so bad now, was it?

Nmap Project's Ncat (All distributions)

The Nmap Project integrates Ncat with their Nmap application, so installing Ncat is as simple as installing Nmap. For our purposes, the specific installation instructions for Nmap are outside of the scope of this book; however, you can find the download page for Nmap and Ncat at http://www.nmap.org/download.html.

Just so you can see the similarities between the Unix and GNU Netcat utilities, the screenshot that follows shows the first page of options. In this screenshot, I am using my personal favorite, Linux distribution, BackTrack, which can be found at http://www.backtrack-linux.org. Important to note that while the other versions of Netcat are launched using the nc executable, the Nmap Project's utility is launched from the command ncat.

And that's it

By this point, you should have at least one working installation of Netcat and are free to play around and discover more about it. If we did not cover your specific operating system or Linux distribution, please refer to your distribution's man pages. However, we will continue under the assumption that when we flip over to the next section, we will be looking at roughly the same things. So, are we ready to actually get underneath the hood?

You have been reading a chapter from
Instant Netcat Starter
Published in: Jan 2013
Publisher: Packt
ISBN-13: 9781849519960
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image