Netcat Vs Ncat—The Big Confusion!

October 4, 2018 | Views: 3093


Netcat and Ncat are tiny but robust tools that are used for reading from and writing to network connections using the TCP or the UDP protocol. The two tools are feature-rich and can function both as clients and servers.

Transformers, who has extensive experience in penetration testing and currently teaches people his skills, says that “because of the versatility of these cyber security tools in completing network debugging and exploration tasks, either of them is often referred to as the ‘Swiss army knife’ for ethical hacking.”

However, despite their close resemblance, Netcat and Ncat are very different from each other—just as day is different from night—and this is often a big source of confusion in hacking circles.

What is Netcat?

Netcat, often abbreviated as nc, is a network analysis tool used for accomplishing various tasks. It was developed by someone called Hobbit in 1996.

Here is a description of some of the tasks that Netcat can be used for:

  • Port scanning

This involves scanning a target host for open ports. Once the ports are discovered to be open, an attacker can use them to penetrate the host or execute other dangerous types of attacks.

  • Banner grabbing

This involves using Netcat to gather useful reconnaissance information about the target host, such as the type of operating system and the other services available on the host.

With this technique, hackers can take inventory of the systems and services running on a network, enabling them to cause extensive damages.

  • Transferring files

Rather than using FTP or other techniques, you can use the Netcat tool to transfer files from one system to another. To transfer files, you’ll need to set up Netcat in listen mode on one system and in connect mode on the other.
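The banner grabbing item above is also something an administrator can check from the defending side. The following is an added example, not part of the original article: it flags the parts of a banner that identify software versions or the operating system. The function names, the OS keyword list and the sample banners are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: flag details in a service banner that identify software or OS.
# The OS keyword list and the sample banners are constructed for illustration.

banner_findings() {
    # $1 = one banner line as a client would receive it
    b=${1#SSH-2.0-}    # the SSH protocol prefix is mandatory, so it is not counted
    # Any space- or parenthesis-delimited token with a dotted number looks like a version.
    printf '%s\n' "$b" | tr ' ()' '\n\n\n' | grep -E '[0-9]+\.[0-9]+' | sed 's/^/version: /'
    # Distribution or platform names narrow down the operating system.
    printf '%s\n' "$b" | tr 'A-Z' 'a-z' \
        | grep -oE 'ubuntu|debian|centos|freebsd|windows|win32|win64' \
        | sort -u | sed 's/^/os: /'
    return 0
}

banner_ok() {
    # Succeeds only when the banner yields no findings.
    [ -z "$(banner_findings "$1")" ]
}

# Constructed sample banners: two verbose, one reduced to the product name.
VERBOSE_SSH='SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.6'
VERBOSE_HTTP='Server: Apache/2.4.41 (Ubuntu)'
QUIET_HTTP='Server: Apache'

for s in "$VERBOSE_SSH" "$VERBOSE_HTTP" "$QUIET_HTTP"; do
    if banner_ok "$s"; then
        echo "OK    $s"
    else
        echo "LEAK  $s"
        banner_findings "$s"
    fi
done
```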

Example of how to use Netcat

Let’s say we want to use Netcat for port scanning. We’ll apply the following syntax:

#nc -v 192.168.0.1 80

  • nc—netcat

  • -v—verbose mode flag; provides feedback on the screen when the process is ongoing

  • 192.168.0.1—the target’s IP address

  • 80—the port number to be scanned

Here is a screenshot of how to run the command on Kali Linux:


What is Ncat?

As hinted earlier, Ncat is a powerful tool that can be used for reading and writing data to network connections. Ncat was developed for the Nmap Project; it combines the best capabilities of the various Netcat variants into a single sophisticated tool.

Therefore, Ncat is a modern reinvention of Netcat. Ncat includes several features not available in Hobbit’s original version of the tool.

Even though Ncat follows Netcat’s spirit and functionality, it is not 100% backward-compatible with Hobbit’s version. In fact, Ncat has better features than the original Netcat.

For example, while the traditional Netcat has a simple port scanning feature, Ncat lacks that feature because Nmap can be used more effectively for that purpose.

Here are some key new features available in Ncat but absent in Netcat:

  • Connection brokering

  • Proxy connections

  • SSL support

  • IPv6 support

  • Ability to chain Ncat instances together

Ncat comes with the standard Nmap download packages, which saves you the hassle of downloading it separately. It’s also available by default on Kali Linux.
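Because the command name nc can resolve to Hobbit-style Netcat, a later variant or Ncat depending on the system, it helps to check which one is installed before relying on variant-specific options. The following is an added example, not part of the original article: it classifies a binary from its version or help text. The function names and the banner patterns are assumptions based on commonly seen output, and the sample strings are constructed.

```shell
#!/bin/sh
# Added example: work out which netcat-family tool a command name refers to.
# Banner patterns are assumptions based on commonly seen help/version output.

classify_nc() {
    # $1 = text printed by `<binary> --version` and/or `<binary> -h`
    case "$1" in
        *"Ncat: Version"*|*nmap.org/ncat*) echo ncat ;;         # Nmap Project's Ncat
        *"OpenBSD netcat"*)                echo openbsd ;;      # OpenBSD rewrite
        *"GNU netcat"*)                    echo gnu ;;          # GNU rewrite
        *"[v1.10"*)                        echo traditional ;;  # Hobbit's 1.10 line
        *)                                 echo unknown ;;
    esac
}

identify_nc() {
    # $1 = command name to inspect, e.g. nc, ncat or netcat
    path=$(command -v "$1" 2>/dev/null) || { echo "$1: not installed"; return 1; }
    # nc is often a symlink; show what it really points to when readlink -f exists.
    real=$(readlink -f "$path" 2>/dev/null || echo "$path")
    # Collect both outputs; variants that reject an option just print their usage text.
    text=$( { "$path" --version; "$path" -h; } 2>&1 </dev/null || true )
    echo "$1 -> $real ($(classify_nc "$text"))"
}

# Constructed sample banners (not captured from a real host).
SAMPLE_NCAT='Ncat: Version 7.94 ( https://nmap.org/ncat )'
SAMPLE_TRAD='[v1.10-47]'
SAMPLE_OBSD='OpenBSD netcat (Debian patchlevel 1.218-4)'

echo "sample ncat        -> $(classify_nc "$SAMPLE_NCAT")"
echo "sample traditional -> $(classify_nc "$SAMPLE_TRAD")"
echo "sample openbsd     -> $(classify_nc "$SAMPLE_OBSD")"

# Inspect the command names given as arguments, e.g.: sh nc-variant.sh nc ncat netcat
for name in "$@"; do
    identify_nc "$name" || true
done
```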

Example of how to use Ncat

Let’s say we want to use Ncat for chatting between two hosts.

On the first terminal (listener), we’ll apply the following Ncat syntax:

#ncat -l -p 6900 > data.txt

#ncat -l -p 6900 -t

  • ncat—Ncat

  • -l—flag for binding and listening for incoming connections

  • -p—flag for specifying the source port

  • -t—flag for answering telnet negotiations

  • 6900—port number used

  • > data.txt—shell redirection; data.txt is the file that will contain the received message

On the second terminal, we’ll connect to the first terminal using the following syntax:

#telnet 127.0.0.1 6900

  • telnet—initiating telnet negotiations

  • 127.0.0.1—IP address of the target

After that, if we type any message on either of the terminals, it will be replicated on both sides:

Wow!

Here is a screenshot of how it works on Kali Linux:

Conclusion

The Netcat vs. Ncat confusion is common in discussions in hacking circles. However, we hope that this article has cleared the air and provided you with information about how to differentiate between Netcat and Ncat.

What’s your experience with the two network utility tools?

Please let us know in the comment section below.
