Netcat Tips and Tricks

netcat is a really great tool installed on almost all UNIX based systems, even on most windows systems. Here you'll find some examples of what you can do with this great tool.

On UNIX based systems, the tool is usually called netcat, but on some systems it also may be called nc. On Windows, you'll find the nc.exe binary in C:\WINDOWS\system32.

Remember, on UNIX based systems you have to be root in order to listen on sockets with a port number less that 1024.

Spoofing a HTTP Request

Find out which headers your browser would normally send to a web site by pointing your browser to http://localhost:3333 after having set up the listener:

netcat -lp 3333

After that, establish a connection to the website you want to send the spoofed headers to and paste the modified headers:

netcat 80

Note that a HTTP request is finished by and empty line, meaning two newlines.


You can do some very basic chatting with netcat. To do this, User A has to set up a netcat listener:

netcat -vlp 3333

User B can then connect to this server with the following command, where IP is AA's IP;

netcat IP 3333

As soon as user B has connected A will get a notice and they can start chatting.

Transferring a File

On the destination side a listener which writes anything he receives to a file has to be set up:

netcat -lp 3333 > file

The sender issues the following command, where file is the file he wants to send and IP is the destination IP.

cat file | netcat -w 1 IP 3333

Getting System Information

netcat can also be used to obtain information about a system. The system which is to be monitored just sets up a listener which, whenever another program connects, sends the output of uptime. As soon as netcat terminates (that is, when a connection has been terminated) it'll be restarted:

while `netcat -lp 3333 -e /usr/bin/uptime`;do;done

The user who wants to obtain system information has to issue the following command:

netcat IP 3333

Setting up a (very minimal) webserver

You can set up netcat to act as a very basic webserver which can just serve one file:

while `netcat -lp 8080 -c 'echo HTTP/1.0 200 OK';echo;cat file`;do;done

Doing Local Port Forwards

This command would forward every request on port 8080 to port 80:

while `netcat -lp 8080 -c 'netcat localhost 80'`;do;done

Article written by AUTHOR_NAME