{"id":1562,"date":"2022-11-08T10:40:09","date_gmt":"2022-11-08T02:40:09","guid":{"rendered":"https:\/\/markjohntaylor.com\/blog\/wordpress\/?p=1562"},"modified":"2022-11-08T21:47:14","modified_gmt":"2022-11-08T13:47:14","slug":"awesome-netcat","status":"publish","type":"post","link":"https:\/\/markjohntaylor.com\/blog\/wordpress\/index.php\/2022\/11\/08\/awesome-netcat\/","title":{"rendered":"Awesome Netcat"},"content":{"rendered":"\n<p>We can <a href=\"https:\/\/en.wikipedia.org\/wiki\/Netcat#Making_any_process_a_server\">turn any process into a server<\/a> in an incredibly simple manner using the powerful networking utility <code>netcat<\/code>. For example, we can make a shell a server:<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"shell\" data-enlighter-theme=\"\" data-enlighter-highlight=\"3\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">(a computer with IP address 192.168.1.2)\n$ mkfifo fifo  # create a named pipe\n$ cat fifo | sh -i 2>&amp;1 | nc -l 1234 > fifo  # server\n\n(in another window)\n$ nc localhost 1234  # client\n\n(or if you're on the same network from another computer)\n$ nc 192.168.1.2 1234  # client<\/pre>\n\n\n\n<p>Now let&#8217;s try to understand the above-highlighted line. Because the commands in a pipeline run in parallel, <code>cat fifo<\/code> outputs the content of <code>fifo<\/code> only when <code>nc -l 1234<\/code> writes its output to the pipe <code>fifo<\/code>.<\/p>\n\n\n\n<p>We know that once the client connects to the server via <code>netcat<\/code>, anything the client types is output by the server, and vice versa. 
Hence, <code>nc localhost 1234<\/code>&#8217;s input becomes <code>nc -l 1234<\/code>&#8217;s output, and <code>nc -l 1234<\/code>&#8217;s input becomes <code>nc localhost 1234<\/code>&#8217;s output.<\/p>\n\n\n\n<p>When the client types in something, say, the command <code>ls<\/code>, it also appears in the output of the server, which is then redirected to the pipe <code>fifo<\/code> and in turn read by <code>cat fifo<\/code> (the data arrives at the read end of the pipe). The output of <code>cat fifo<\/code> (&#8220;ls&#8221;) then becomes the input of <code>sh -i 2>&amp;1<\/code>, which executes the command <code>ls<\/code> and sends the results to the server <code>nc -l 1234<\/code> as its input, which finally appears as output in the client <code>nc localhost 1234<\/code>.<\/p>\n\n\n\n<p>Isn&#8217;t it beautiful? Just by setting up a few pipes and redirections, we can turn a process into a server. Pipes are really one of the greatest UNIX inventions. They make many incredible things possible.<\/p>\n\n\n\n<p>See also <a href=\"https:\/\/en.wikipedia.org\/wiki\/Netcat#Proxying\">using <code>netcat<\/code> as a proxy<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>We can turn any process into a server in an incredibly simple manner using the powerful networking utility netcat. For example, we can make a shell a server: Now let&#8217;s try to understand the above-highlighted line. 
Noting that a pipeline runs in parallel, cat fifo therefore outputs the content of fifo only when nc -l &hellip; <\/p>\n<p class=\"link-more\"><a href=\"https:\/\/markjohntaylor.com\/blog\/wordpress\/index.php\/2022\/11\/08\/awesome-netcat\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;Awesome Netcat&#8221;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[15],"tags":[],"_links":{"self":[{"href":"https:\/\/markjohntaylor.com\/blog\/wordpress\/index.php\/wp-json\/wp\/v2\/posts\/1562"}],"collection":[{"href":"https:\/\/markjohntaylor.com\/blog\/wordpress\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/markjohntaylor.com\/blog\/wordpress\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/markjohntaylor.com\/blog\/wordpress\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/markjohntaylor.com\/blog\/wordpress\/index.php\/wp-json\/wp\/v2\/comments?post=1562"}],"version-history":[{"count":26,"href":"https:\/\/markjohntaylor.com\/blog\/wordpress\/index.php\/wp-json\/wp\/v2\/posts\/1562\/revisions"}],"predecessor-version":[{"id":1591,"href":"https:\/\/markjohntaylor.com\/blog\/wordpress\/index.php\/wp-json\/wp\/v2\/posts\/1562\/revisions\/1591"}],"wp:attachment":[{"href":"https:\/\/markjohntaylor.com\/blog\/wordpress\/index.php\/wp-json\/wp\/v2\/media?parent=1562"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/markjohntaylor.com\/blog\/wordpress\/index.php\/wp-json\/wp\/v2\/categories?post=1562"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/markjohntaylor.com\/blog\/wordpress\/index.php\/wp-json\/wp\/v2\/tags?post=1562"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}