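netcat is the Swiss Army knife of networking tools: it reads and writes data across the network over TCP and UDP. Combined with other tools and redirection, it can be used in scripts in many ways. What the netcat command can accomplish is surprising.
All netcat does is establish a connection between two computers and return two data streams; what you do after that is up to your imagination. You can set up a server, transfer files, chat with friends, stream media, or use it as a standalone client for other protocols.
1. Download the netcat source package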
[root@VM_0_14_centos ~]# wget https://sourceforge.net/projects/netcat/files/netcat/0.7.1/netcat-0.7.1.tar.gz
2. Extract the archive
[root@VM_0_14_centos ~]# tar -zxf netcat-0.7.1.tar.gz
[root@VM_0_14_centos ~]# ls
index.html mysql netcat-0.7.1 netcat-0.7.1.tar.gz
3. Enter the extracted directory and compile
[root@VM_0_14_centos ~]# cd netcat-0.7.1/
[root@VM_0_14_centos netcat-0.7.1]# ./configure
[root@VM_0_14_centos netcat-0.7.1]# make && make install
4. Add the environment variables (append the two export lines to /etc/profile)
[root@VM_0_14_centos netcat-0.7.1]# vim /etc/profile
export NETCAT_HOME=/root/netcat-0.7.1
export PATH=$PATH:$NETCAT_HOME/bin
[root@VM_0_14_centos netcat-0.7.1]# source /etc/profile
5. View the nc help
[root@VM_0_14_centos netcat-0.7.1]# nc --help
GNU netcat 0.7.1, a rewrite of the famous networking tool.
Basic usages:
connect to somewhere: nc [options] hostname port [port] ...
listen for inbound: nc -l -p port [options] [hostname] [port] ...
tunnel to somewhere: nc -L hostname:port -p port [options]
Mandatory arguments to long options are mandatory for short options too.
Options:
-c, --close close connection on EOF from stdin
-e, --exec=PROGRAM program to exec after connect
-g, --gateway=LIST source-routing hop point[s], up to 8
-G, --pointer=NUM source-routing pointer: 4, 8, 12, ...
-h, --help display this help and exit
-i, --interval=SECS delay interval for lines sent, ports scanned
-l, --listen listen mode, for inbound connects
-L, --tunnel=ADDRESS:PORT forward local port to remote address
-n, --dont-resolve numeric-only IP addresses, no DNS
-o, --output=FILE output hexdump traffic to FILE (implies -x)
-p, --local-port=NUM local port number
-r, --randomize randomize local and remote ports
-s, --source=ADDRESS local source address (ip or hostname)
-t, --tcp TCP mode (default)
-T, --telnet answer using TELNET negotiation
-u, --udp UDP mode
-v, --verbose verbose (use twice to be more verbose)
-V, --version output version information and exit
-x, --hexdump hexdump incoming and outgoing traffic
-w, --wait=SECS timeout for connects and final net reads
-z, --zero zero-I/O mode (used for scanning)
Remote port number can also be specified as range. Example: '1-1024'
6. Use the nc command to scan a port
[root@VM_0_14_centos netcat-0.7.1]# nc -v -z -w2 127.0.0.1 22
VM_0_14_centos [127.0.0.1] 22 (ssh) open
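
The scan in step 6 can be turned into a check of your own host for listeners you did not expect. The following is an added example, not part of the original post: it parses output lines in the format shown above and reports any open port that is not on an allowlist. The function names, the allowlist and the sample lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original page). Function names are hypothetical.

# unexpected_open_ports ALLOWED
#   stdin:   lines in the format printed by "nc -v -z" in step 6, e.g.
#            "VM_0_14_centos [127.0.0.1] 22 (ssh) open"
#   ALLOWED: space-separated ports that are expected to be listening
#   stdout:  one "address:port (service)" line per open port not in ALLOWED
unexpected_open_ports() {
    awk -v allowed="$1" '
        BEGIN {
            n = split(allowed, a, " ")
            for (i = 1; i <= n; i++) ok[a[i]] = 1
        }
        # Only lines of the form: host [addr] port (service) open
        NF >= 5 && $NF == "open" {
            addr = $(NF-3)
            gsub(/\[|\]/, "", addr)          # strip the brackets around the address
            port = $(NF-2)
            svc  = $(NF-1)
            if (port ~ /^[0-9]+$/ && !(port in ok))
                print addr ":" port " " svc
        }'
}

# Constructed sample input in the page's output format (not real scan data).
sample_scan_output() {
    cat <<'EOF'
VM_0_14_centos [127.0.0.1] 22 (ssh) open
VM_0_14_centos [127.0.0.1] 80 (http) open
VM_0_14_centos [127.0.0.1] 3306 (mysql) open
EOF
}

# Demo on the constructed sample: ssh and http are expected, mysql is not.
sample_scan_output | unexpected_open_ports "22 80"

# Against the local host, using the port-range syntax from the help text
# (2>&1 is used on the assumption that nc writes verbose lines to stderr):
#   nc -v -z -w2 127.0.0.1 1-1024 2>&1 | unexpected_open_ports "22"
```
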