
A Unix Utility You Should Know About: Netcat - twampss
http://www.catonmat.net/blog/unix-utilities-netcat/
======
pwk
Sometimes handy for me: if you have information that you've sent in an HTTP
POST, and you need to recover it for whatever reason, there's often no easy
way to get at it from the browser interface. The browser will send the data
again if you reload the page, so:

1. In a terminal, start up netcat as a listener:

    nc -l -p9999

2. In your browser, configure the connection preferences to use manual proxy
settings of host "localhost" and port "9999"

3. Hit reload on the browser, and tell it "yup, send the POST data again"

4. Look at the output of netcat

(Don't forget to change your proxy settings back!)
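
An added example, not part of pwk's comment: the same one-shot capture as a small Python listener, showing what arrives on the socket when a browser treats it as an HTTP proxy. The function names and the sample request in the comments are constructed for illustration; unlike `nc -l -p9999` it binds to loopback only and answers the browser, so the tab does not hang.

```python
import socket

def make_listener(port=9999):
    """Listen on loopback only: a re-sent POST may carry credentials."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    s.bind(("127.0.0.1", port))
    s.listen(1)
    return s

def capture_one_request(listener, timeout=5.0):
    """Accept one connection and return (request_line, headers, body)."""
    conn, _ = listener.accept()
    conn.settimeout(timeout)
    with conn:
        buf = b""
        while b"\r\n\r\n" not in buf:          # read until end of headers
            chunk = conn.recv(4096)
            if not chunk:
                break
            buf += chunk
        head, _, body = buf.partition(b"\r\n\r\n")
        lines = head.decode("iso-8859-1").split("\r\n")
        headers = {}
        for line in lines[1:]:
            name, _, value = line.partition(":")
            headers[name.strip().lower()] = value.strip()
        # Form POSTs carry Content-Length; keep reading until the body is whole.
        try:
            want = int(headers.get("content-length", "0"))
        except ValueError:
            want = 0
        while len(body) < want:
            chunk = conn.recv(4096)
            if not chunk:
                break
            body += chunk
        # Bare nc sends nothing back; reply so the browser stops waiting.
        conn.sendall(b"HTTP/1.1 200 OK\r\nContent-Length: 0\r\n"
                     b"Connection: close\r\n\r\n")
        return lines[0], headers, body[:want]

if __name__ == "__main__":
    with make_listener() as s:
        request_line, hdrs, data = capture_one_request(s)
        # Via a proxy the request line holds the absolute URL, e.g.
        # "POST http://example.test/form HTTP/1.1" (constructed sample).
        print(request_line)
        print(data.decode("utf-8", "replace"))
```

For an `https://` page the browser sends a `CONNECT` request to the proxy and then speaks TLS, so neither nc nor this listener will see the POST body.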

~~~
there
a firefox extension like tamper data is much easier than doing all that -
<https://addons.mozilla.org/en-US/firefox/addon/966>

or just use a sniffer like wireshark and let it reconstruct the tcp stream -
<http://www.wireshark.org/>

~~~
pwk
Absolutely. I already wrote in another part of this discussion "Most of the
things one wants or needs to do on the net are most easily accomplished with
dedicated tools, so places where only netcat will serve are rare." On the
other hand, my little trick does just take a few seconds, and is probably
easier than getting ethereal (oops, wireshark) set up for someone new to it.

I do think it's still useful to be aware of and play with tools like netcat,
even when there are dedicated tools to accomplish most tasks. It's a bit like
hacking in assembly... probably not practical in many cases, but you'll learn
how stuff works underneath, and that understanding can still be really useful
even when working at a higher level of abstraction.

------
mct
My favorite nc trick of late is using it in combination with ssh_config(5)'s
"ProxyCommand" directive. "ProxyCommand" tells ssh to use the specified
command's stdin and stdout to communicate with the destination host, rather
than establishing a TCP connection itself. For example, if I can connect to
the host "bastion", and if "bastion" can connect to the host "destination",
but I cannot connect directly to "destination", I can stick the following in
my ~/.ssh/ssh_config file:

    host destination
      ProxyCommand ssh bastion nc -w 1 destination 22

Much cleaner, and easier to manage than tunnels.
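
The stdin/stdout contract that ProxyCommand relies on, as an added Python sketch (not mct's code and not netcat's source): a relay that does what `nc destination 22` does in that role, copying bytes between two file descriptors and one TCP connection. The name `relay` and its parameters are hypothetical, and it assumes a POSIX system where `select` works on pipes.

```python
import os
import select
import socket
import sys

def relay(host, port, in_fd, out_fd, connect_timeout=5.0):
    """Copy in_fd -> socket and socket -> out_fd until the remote side closes."""
    sock = socket.create_connection((host, port), timeout=connect_timeout)
    sock.settimeout(None)            # an idle interactive session must not time out
    watched = [sock, in_fd]
    try:
        while True:
            readable, _, _ = select.select(watched, [], [])
            if sock in readable:
                data = sock.recv(65536)
                if not data:         # remote closed: the session is over
                    break
                os.write(out_fd, data)
            if in_fd in readable:
                data = os.read(in_fd, 65536)
                if data:
                    sock.sendall(data)
                else:
                    # Local EOF: stop watching stdin and half-close, but keep
                    # draining whatever the remote end still has to send.
                    watched.remove(in_fd)
                    sock.shutdown(socket.SHUT_WR)
    finally:
        sock.close()

if __name__ == "__main__":
    # Usage (illustrative): relay.py destination 22
    relay(sys.argv[1], int(sys.argv[2]),
          sys.stdin.fileno(), sys.stdout.fileno())
```

OpenSSH can also do this relaying itself with `ProxyCommand ssh -W %h:%p bastion` or the `ProxyJump` directive, which removes the need for nc to be installed on the bastion.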

------
shax
I'm surprised to hear that people have forgotten about Netcat!

------
kurtosis
socat is better IMHO

<http://www.dest-unreach.org/socat/>

------
jncraton
Their link to netcat for windows supposedly from security focus definitely
points to my website. I'm not actually affiliated with security focus in any
way...

<http://joncraton.org/files/nc111nt.zip>

edit: They've fixed the link to actually point to securityfocus

~~~
pkrumins
"They" is just a single person :)

~~~
Goladus
And conveniently gender-neutral as well?

------
fuzzbang
Netcat is an old and venerable Unix hacker tool. If you want to be a better
hacker the netcat README is required reading. I would also recommend reading
the source code, in particular the comments. Hobbit can be quite funny at
times.

Netcat is usually installed on Linux systems these days, but it is seldom
compiled with -DGAPING_SECURITY_HOLE like it should be. Those really were the
good old days...

------
yan
nc is also great for redirecting *sqldump over the wire and importing directly
on another machine. Using "nc -l" (for listen) and pointing a browser to it
also lets you know plenty about what headers a browser is sending. (Yes, you
can get a tool made especially for that, but when you don't, it's a great two
second hack.)

------
old-gregg
Hm... Neat, but it looks like unencrypted mini-ssh to me, at least that's what
I use to quickly send files or tunnel X between machines. What did I miss?

~~~
reconbot
It's tiny, you don't need keys, it can run on any port privileged or not with
or without an install. It can take a port and pipe it to a shell, or a
program, or the file system. I guess I didn't say anything the article didn't,
I've mostly seen it as part of rootkits honestly. Good tools can be used for
anything good or bad.

------
paulgb
Another use of netcat is to stream video or audio from one computer to
another. All you need is a player that supports playing from standard input.

------
neovive
Very interesting utility. It's mini-apps like these that make Unix such a
powerful and flexible platform. I have to try it out on Ubuntu.

------
ruby_roo
Us Rubyists are used to using curl for testing our REST apps. What additional
help/insight can netcat provide when building REST apps? Or Rails apps in
general? Is there any?

~~~
tlrobinson
curl is higher level. It implements a number of protocols like HTTP. nc is
basically raw sockets. You can listen on a port with curl like you can with
nc.

~~~
tlrobinson
" _can't_ listen on a port with curl"

Sorry, waited too long to edit.

------
tlrobinson
nc is one of the first tools I install on a fresh OS.

