Introduction

Netcat is a versatile networking utility that can be used for a wide range of tasks. It has often been referred to as the “network swiss-army knife”. Netcat was first released in the mid-90s, and I personally find it ironic to be blogging about it in 2023! But I feel like it is a somewhat cryptic tool, and new engineers or college graduates may not be familiar. This article is meant for those people who are not familiar with it, or have only briefly been exposed.

Netcat is a simple utility that reads and writes data across raw TCP/UDP sockets. Netcat is a command-line tool available out of the box on most *nix operating systems and can also be installed on Windows. It’s a powerful tool for debugging and investigating networks. It can even be used for tasks like port scanning, transferring files, chatting with friends on a network, and even creating backdoors (for testing purposes, obviously :) ).

Understanding UDP

Before we dive into exploring UDP connections with netcat, let’s quickly get a refresher on UDP. UDP is a connectionless transport layer protocol that does not provide the same reliability, flow-control, and error-checking mechanisms as TCP. Unlike TCP, UDP also does not establish a persistent connection between the sender and receiver. Instead, it sends data packets, known as datagrams, individually using a ‘fire and forget’ method. UDP is often used for applications where real-time communication and low overhead are crucial, such as streaming media, gaming, DNS (though, certain functions of DNS may also use TCP), and IoT devices.

Understanding TCP

It’s also crucial to have a fundamental knowledge of the TCP protocol. TCP is one of the main protocols in the Internet protocol suite, laying the foundation for the majority of data exchange over the Internet. Unlike its counterpart, UDP (User Datagram Protocol), TCP is connection-oriented, meaning a connection is established and maintained until the application programs at each end have finished exchanging messages. This ensures reliable, ordered, and error-checked delivery of a stream of data between applications running on hosts communicating over an IP network. Key features of TCP include its ability to manage data packet size, data transfer rate, and network traffic congestion, making it ideal for applications where data integrity and accuracy are crucial, such as web browsing, email, and file transfer. Understanding TCP is essential for effectively utilizing tools like Netcat, as it provides the basis for establishing stable and secure connections across a network.

Creating a Simple Client/Server

The following will create a simple UDP server and client.

1. Launch a shell and type the following command. This will tell netcat to listen (-l) on UDP (-u) port (-p) 5555.

nc -l -u -p 5555

2. Launch another shell and type the following. This will connect to the server we created above.

nc -u 127.0.0.1 5555

3. You can now send messages to the server, like so:

Client:

$ nc -u 127.0.0.1 5555
hello

Server:

$ nc -l -u -p 5555
hello

You can do the same thing with TCP, just leave out the -u in each command above.

Transfer a File

On the receiving end:

nc -l -p 5555 > outputfile

On the sending end:

nc [hostname or IP address of server] 5555 < inputfile

Port Scanning:

netcat -v -z -n -w 1 v.txvip1 1-1023

Serve a web page:

If you have an html file, you can create a simple web server for it. Here we tell netcat to listen on port 8080 and redirect the contents of index.html to any ’thing’ that connects:

nc -l -p 8080 < index.html

Note: In the examples above, I always use port 5555. You can technically use just about any port you want. However, attempting to use any port below 1024 will require root privileges. The port you choose cannot be in use by another process.

Other Practical Examples

Let’s explore a few more practical examples to illustrate the usefulness of netcat’s UDP capabilities. I will leave the actual implementation as an exercise for you to try.

Example 1: Testing a TCP/UDP Server

Suppose you are developing a UDP server application, and you want to test its functionality. You can use netcat to send TCP/UDP packets to your server and observe its response. By monitoring the server’s behavior, you can ensure that it correctly handles incoming UDP traffic.

Example 2: Interacting with Networked Devices

Netcat can be handy when interacting with networked devices, such as routers, IoT devices, or even network-enabled printers. By establishing a TCP/UDP connection, you can send commands, queries, or configuration data to these devices, enabling you to troubleshoot or configure them remotely.

Example 3. Banner Grabbing

This is a technique used in network security to gather information about a remote server, including the type and version of the operating system and applications running. The basic concept is that you connect to a network service and see what kind of ‘banner’ (if any) it returns in the output. When I was starting out in the IT world, this was a common thing to do to enumerate devices and services on a network. Though, I would like to believe this is no longer as much of a concern, given the simplicity of preventing this type of information discovery attack.

Conclusion

Netcat’s ability to handle UDP connections makes it an invaluable tool for various network-related tasks. Whether you are testing a UDP server, interacting with networked devices, or exploring your network’s services, netcat provides a convenient and straightforward approach.

In this blog post, we walked through the process of creating a UDP connection using netcat, discussed the fundamentals of UDP, and explored practical examples where netcat can prove useful. By mastering netcat’s capabilities, you can enhance your network troubleshooting and debugging skills, and gain a deeper understanding of UDP communication.

You can read more about netcat in the man pages:

man nc

The OpenBSD repository contains the original source written by Hobbit decades ago: netcat.c