Netcat and Ncat are tiny but robust tools that are used for reading from and writing to network connections using the TCP or the UDP protocol. The two tools are feature-rich and can function both as clients and servers.

Transformers, who has extensive experience in penetration testing and currently teaches people his skills, says that “because of the versatility of these cyber security tools in completing network debugging and exploration tasks, either of them is often referred to as the “Swiss army knife” for ethical hacking.”

However, despite their close semblance, Netcat and Ncat are very different from each other—just like the day is different from the night; something which is often the big source of confusion in the hacking cycles.

What is Netcat?

Netcat, often abbreviated as nc, is a network analysis tool used for accomplishing various tasks. It was developed by someone called Hobbit in 1996.

Here is a description of some of the tasks that Netcat can be used for:

  • Port scanning

This involves scanning a target host for open ports. Once the ports are discovered to be open, an attacker can use them to penetrate the host or execute other dangerous types of attacks.

  • Banner grabbing

This involves using Netcat to gather useful reconnaissance information about the target host such as type of operating system and other services available on the host.

With this technique, hackers can take inventory of the systems and services running on a network, enabling them to cause extensive damages.

  • Transferring files

Rather than using FTPs or other techniques, you can use the Netcat tool to transfer files from one system to the other. To transfer files, you’ll need to set up Netcat both in connect mode and listen mode.

Example of how to use Netcat

Let’s say we want to use Netcat for port scanning, we’ll apply the following syntax:

#nc -v 192.168.0.1 80

  • nc—netcat
  • -v—verbose mode flag; provides feedback on the screen when the process is ongoing
  • 192.168.0.1—the target’s IP address
  • 80—the port number to be scanned

Here is a screenshot of how to run the command on Kali Linux:

https://lh6.googleusercontent.com/4_8dXeROxizjRN9VCLn3trJbW2b3HST88KCj5wlzFtHF65mDVK3SrILBpP8gPzVprQHy46r5WqctAWJ1BTELFgFj3NooIJUm_r6--bUH8bU2Og1cS4s8CQRJo8IRzJtcoKxrr1LsTy80Q2pUBQ

What is Ncat?

As earlier hinted, Ncat is a powerful tool that can be used for reading and writing data to network connections. Ncat was developed for the Nmap Project; it combines the best capabilities of the various Netcat variants into a single sophisticated tool.

Therefore, Ncat is a modern reinvention of Netcat. Ncat includes several features not available in Hobbit’s original version of the tool.

Even though Ncat works based on Netcat’s spirit and functionality, it is not 100% reverse-compatible with Hobbit’s version. In fact, Ncat has better features than the original Netcat.

For example, while the traditional Netcat has a simple port scanning feature, Ncat lacks that feature because Nmap can be used more effectively for that purpose.

Here are some key new features available in Ncat but absent in Netcat:

  • Connection brokering
  • Proxy connections
  • SSL support
  • IPv6 support
  • Possibility to chain Ncat’s together

Ncat comes with the standard Nmap download packages, which saves you the hassle of downloading it differently. It’s also available by default on Kali Linux.

Example of how to use Ncat

Let’s say we want to use Ncat for chatting between two hosts.

On the first terminal (listener), we’ll apply the following Ncat syntax:

#ncat -l -p 6900 > data.txt

#ncat -l -p 6900 -t

  • ncat—Ncat
  • -l—flag for binding and listening for incoming connections
  • -p—flag for specifying the source port
  • -t—flag for answering telnet negotiations
  • 6900—port number used
  • > data.txt—file containing the message to be replicated

On the second terminal, we’ll connect to the first terminal using the following syntax:

#telnet 127.0.0.1 6900

  • telnet—initiating telnet negotiations
  • 127.0.0.1—IP address of the target

After that, if we type any message on either of the terminals, it will be replicated on both sides:

Wow!

Here is a screenshot of how it works on Kali Linux:

Conclusion

The Netcat vs. Ncat confusion is common in hacking cycles discussions. However, we hope that this article has cleared the air and provided you with information about how to differentiate between Netcat and Ncat.

What’s your experience with the two network utility tools?

Please let us know in the comment section below.

Start learning with Cybrary

Create a free account

Related Posts

All Blogs