Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: Your favorite Ncat/nc/Netcat trick?
From: Brandon Enright <bmenrigh () ucsd edu>
Date: Fri, 13 Feb 2009 00:09:53 +0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Thu, 12 Feb 2009 17:00:09 -0700
David Fifield <david () bamsoftware com> wrote:

Hello again,

I'd like to have some more examples of fun, useful, or unusual things
to do with Ncat. I have a few of them, based on my own limited
experience, at

http://nmap.org/ncat/guide/ncat-tricks.html
http://nmap.org/ncat/guide/ncat-simple-services.html

What's your favorite Ncat trick? Did it (or nc, etc.) ever get you out
of a jam? Do you have any experiences that would make good examples
for the users' guide?

Here are a few web pages that might give you ideas:
http://nc110.sourceforge.net/
http://www.softpanorama.org/Net/Netutils/netcat.shtml

My personal favorite trick is the parser-breaking DNS server I used to
test NSE in http://seclists.org/nmap-dev/2008/q4/0526.html and
http://seclists.org/nmap-dev/2009/q1/0317.html. I almost included
that, but then I thought it would require too much explanation.

David Fifield


I often use socat+netcat+perl to unwrap a SSL service and/or modify the
traffic.  For example, to turn IMAPS into IMAP, save the results, and
even mess with what is being sent via a perl script you'd do something
like:

$ mkfifo backpipe
$ while [ 1 == 1 ]; do socat OPENSSL:popmaster.ucsd.edu:993,verify=0 \
STDIO 0<backpipe | nc -l -p 143 | ./filter.pl | tee -a out 1>backpipe; done

Now, I suspect ncat could replace socat for this job.  It certainly
could replace nc.  It could also probably replace the while loop.

Brandon

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)

iEYEARECAAYFAkmUulcACgkQqaGPzAsl94J4EACeMW25jxElbmmLyPOPsIMrr06U
0rAAn2BI6XjV3TVY5X++YcDs1RAhEHRa
=wg99
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]