Background

Wanted to provide a couple of sample syntax on how to use netcat on a MS Windows machine.

 

Lineage

1. NetCat – Visual Studio – Source Code Compilation
   Link

Outline

1. Help
   • -h
2. Port Scanning
   • -z ( port scan )
   • -v ( verbose )
3.  Timeout
   • -w
4. Session
   • HTTP
     • google.com
       • news.google.com

Tasks

Help

Syntax

nc -h

Sample

nc -h

Output

 

 

Port Scanning

Syntax

nc -z -v [host-name] [port-number]

Sample

Sample – Microsoft SQL Server

nc -z -v localhost 1433

Output

Explanation

1. Port Scanning against localhost and Port 1433 ( for Microsoft SQL Server )
2. Result is open

Finger Print

Syntax

nc -w [time-out-for-connects] [host-name] [port-number]

Sample

nc -w 1 smtp-mail.outlook.com 587

Output

 

Session

HTTP

Outline

1. nc
   • Start netcat session by passing along hostname and port number
     • HTTP :- 80
     • HTTPS :- 433
2. command
   • command verb
     • get
   • path
     • path to document
   • protocol
     • HTTP 1.0
       • HTTP/1.0
     • HTTP 1.1
       • HTTP/1.1
3. Host Header ( If HTTP 1.1 )
   • HOSTNAME
     • Host Header Name
       • For multi homed websites, it allows the web server software to direct request to the web site that has been configured with matching HOST HEADER NAME
4. Press Enter Key a couple of times

Google

news.google.com

Syntax

Syntax – HTTP/1.0

nc fqdn port-number
GET document-path HTTP/1.0

Syntax – HTTP/1.1

nc fqdn port-number
GET document-path HTTP/1.1
HOSTNAME host-header-name

Sample

Sample – HTTP 1.0

nc news.google.com 80
GET / HTTP/1.0

Sample – HTTP 1.1

nc news.google.com 80
GET / HTTP/1.1
HOSTNAME NEWS.GOOGLE.COM

Output

Output – HTTP 1.0

Output – HTTP 1.1