Nmap Development mailing list archives
Ncat
From: Chris Gibson <chris () linuxops net>
Date: Tue, 12 Jul 2005 11:46:58 +0100
Nmap-hackers,

As mentioned earlier, Google are sponsoring University students over summer to work with mentoring organisations, in my case, Nmap!

My name is Chris Gibson. I am a 2nd year Computer Science student at the University of Manchester, UK. It is my job over summer (and for continued development in the future) to bring you a new re-interpretation of Netcat, a piece of software originally written by Hobbit in ~1995 for shuffling network data around over the command-line. I will also be developing a compact packet crafter that will be something similar to hping2.

Some of the new Ncat features are to include:

* Enhanced Security with SSL support, password-protected encrypted channels, incoming IP address restrictions.
* Support for IPv6.
* Connection forwarding, Connection Redirection.
* HTTP proxy and SOCKS proxy (chained) client support.
* Connection brokering. This will allow a proxied communication between hosts that are each behind a NAT and thus can't connect directly.
* ASCII and Hex session dumps for various logging and replay functionality.

I've appended a copy of the initial documentation for Ncat, which is basically the initial formation of the man page. I would be extremely grateful for any constructive criticism, ideas about the interface, features or basically anything anyone can think of that would make Ncat better.

The manpage is still relatively rough and arguments and general usage, options, etc are still open to interpretation. I am also aware that the list of switches does not go in alphabetical order. I'm in the process of fixing this issue :)

Thanks,
Chris.

Ncat(1)                                                        Ncat(1)

NAME
       Ncat - The Netcat Swiss Army Knife.

USAGE
       Connect to `foobar' on port `8080'

              ncat foobar 8080

       Listen for connections on port `8080'

              ncat -l 8080

       Redirect TCP `8080' on the local machine to host `foobar' on
       port 80.

              ncat -l 8080 --exec "ncat foobar 80"

       Bind to port `8081' and attach /bin/bash for all to access
       freely.

              ncat --exec /bin/bash -l 8081

       Bind a shell to port `8081', restrict access based on IP
       address, encrypt the connection and require a passphrase to
       connect:

              ncat --exec /bin/bash --allow 192.168.0.0/24 --secure -l 8081

       Proxy incoming connections on port `8081' through
       proxy-host.com on port 1080 to otherhost.net on port `9899'
       using the user `foobar'

              ncat -l 8081 --exec "ncat --socks-proxy proxy-host.com:1080,otherhost.net:9899 --socks-user foobar"

       Send a file over port `9899', which is encrypted & requires a
       passphrase to connect. Ncat is set to shutdown after the
       connection goes idle for longer than 8000ms.

              HOST1$ ncat --secured -l 9899 > fat_file
              HOST2$ ncat --send-only --secured --idle-ms 8000 foobar 9899 < mylargefile

OPTIONS
       -6     Force the use of IPv6 only.

       -e, --exec [command]
              Execute the specified command after a connection has
              been established. All input from the remote client will
              be sent to the application and responses sent back to
              the remote client over the socket. Thus, effectively
              instantly making your application interactive over a
              socket.

              Ncat will handle multiple simultaneous connections to
              your specified port/application rather like inetd does.
              Ncat will only accept a maximum (definable) number of
              simultaneous connections. By default this is set to 100.

       -h, --help
              Display help for Ncat and exit. This is a short set of
              parameters and some simple examples of Ncat's uses.

       -i, --idle-ms [TIME]
              Set the delay interval for lines sent. Passing this
              command limits the number of lines that Ncat will send
              in the specified period. This is specified in
              milliseconds for maximum flexibility. This may be useful
              for low bandwidth sites, or have other uses such as
              annoying iptables --limit options? Minimum fixed value
              of 500ms.

       -n, --no-dns
              Disable reverse lookup queries for any connections done
              by Ncat. This applies to incoming and outgoing
              connections.

       -l, --listen [PORT]
              Set the port number to listen on. This operation will
              cause Ncat to bind to the port specified in the
              argument.

       -o, --output [FILE]
              ASCII text dump with timestamps of protocol chatter from
              your session.

       -x, --hex-dump [FILE]
              Hexdump of the session. (I think?) This can be used by
              other applications to 'replay' the session.

       -t, --idle-timeout [TIME]
              Set a fixed timeout for idle connections. If the idle
              timeout is reached, the connection is terminated & Ncat
              shuts down. The time is taken in seconds. One potential
              use for this is demonstrated in the "USAGE" section of
              this file.

       -r, --recv-only
              If this option is passed, Ncat will only receive data
              and will not try to send anything.

       -a, --address [HOST]
              Set the address for Ncat to bind to locally.

       -s, --secure
              Set Ncat into secure mode. When connecting to another
              Ncat process, you will be prompted to enter a passphrase
              (fiddle termios settings to disabled echo) that Ncat
              will use to authenticate you into an encrypted
              connection with the other secured Ncat process. --secure
              also works with listen mode, where you will be prompted
              for a one-time password, which is then required of any
              client before connecting.

       --send-only
              If this option is passed, then Ncat will only send data
              and will ignore anything received.

       --socks-server
              Used in conjunction with the --listen option to cause
              Ncat to spawn a SOCKS server on the port specified by
              --listen.

       --socks-proxy [SOCKS-PROXY-HOST]:[SOCKS-PROXY-PORT],[HOST]:[PORT]
              This option makes Ncat proxy through a SOCKS4 host
              (SOCKS-PROXY-HOST) running on the specified port
              (SOCKS-PROXY-PORT) and uses your login name as the
              default username for SOCKS connection.

       --socks-user [NAME]
              Set the SOCKS4 username you wish to supply during a
              --socks-proxy based connection. Without this option the
              default will be to supply your login username during the
              SOCKS4 connection.

       --ssl  Use in conjunction with your normal socket operations
              (either --listen or --connect) to cause Ncat to either
              connect using SSL or to listen on a port as an SSL
              server.

       --broker <[PORT],[PORT],[PORT],...>
              Not sure how this is going to work yet. So this space is
              intentionally left blank:

       --ssl-cert [FILE]
              Specifies the SSL certificate to use.

       --deny <[HOST],[HOST],[HOST],...>
              Issue Ncat with a list of hosts that will not be allowed
              to connect to the listening Ncat process. Hosts in this
              range will have their connection silently dropped if
              they try to connect.

       --denyfile [FILE]
              This is the same functionality as the --deny option,
              except that excluded hosts are provided in a new-line
              delimited deny file, rather than directly on the command
              line.

       --allow <[HOST],[HOST],[HOST],...>
              The list of hosts specified will be the only hosts
              allowed to connect to the Ncat process. All other
              connection attempts will be silently dropped.

       --allowfile <[HOST],[HOST],[HOST],...>
              This has the same functionality as the --allow option,
              except that the allowed hosts are provided in a new-line
              delimited allow file, rather than directly on the
              command line.

       -u, --udp
              Use UDP for the connection. (Default is TCP.)

       -v, --verbose
              Ncat will be verbose and display all kinds of connection
              based information. If you issue this twice (-vv) then
              you will get all the code debugging information. Three
              times (-vvv) and you get the connection information AND
              the code debugging information.

       --version
              This displays the Ncat version, release information and
              any additional build information and then exits.

BUGS
       If you find any bugs or have patches you would like to submit
       to the Ncat project then email them to Chris Gibson
       <chris () linuxops net>

AUTHORS
       Chris Gibson <chris () linuxops net>

                                                               Ncat(1)

----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev
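
The --allow/--deny and --allowfile/--denyfile behaviour described in the draft man page above, sketched as an added Python example (not part of the original post and not Ncat code). It assumes entries are IP addresses or CIDR ranges rather than hostnames, and that a deny match takes precedence over an allow match, which the draft does not specify; the function names are hypothetical.

```python
import ipaddress

def parse_hosts(text):
    """Parse an --allow/--deny style list: comma-separated (command line)
    or newline-delimited (allow/deny file). Blank entries are skipped."""
    nets = []
    for entry in text.replace(",", "\n").splitlines():
        entry = entry.strip()
        if entry:
            # strict=False tolerates host bits, e.g. 192.168.0.7/24
            nets.append(ipaddress.ip_network(entry, strict=False))
    return nets

def normalize(peer):
    """Unwrap IPv4-mapped IPv6 (::ffff:a.b.c.d), the form in which a
    dual-stack listener reports IPv4 clients, so IPv4 rules still match."""
    addr = ipaddress.ip_address(peer)
    if addr.version == 6 and addr.ipv4_mapped is not None:
        return addr.ipv4_mapped
    return addr

def is_permitted(peer, allow=None, deny=None):
    """True to keep the connection, False to drop it silently.
    Assumption (not in the draft): a deny match overrides an allow match."""
    addr = normalize(peer)

    def matches(nets):
        return any(addr.version == n.version and addr in n for n in nets)

    if deny and matches(deny):
        return False
    if allow is not None:
        return matches(allow)  # an allow list means "only these hosts"
    return True

def demo():
    # Constructed sample rules and peers (documentation/private ranges).
    allow = parse_hosts("192.168.0.0/24,2001:db8:1::/48")
    deny = parse_hosts("192.168.0.66\n\n2001:db8:1:bad::/64\n")
    peers = ["192.168.0.17", "::ffff:192.168.0.17", "192.168.0.66",
             "10.0.0.5", "2001:db8:1::9", "2001:db8:1:bad::1"]
    return {p: is_permitted(p, allow, deny) for p in peers}

if __name__ == "__main__":
    for peer, ok in demo().items():
        print(f"{peer:24} {'accept' if ok else 'drop'}")
```

Without the IPv4-mapped unwrapping, a listener bound to an IPv6 dual-stack socket would drop the 192.168.0.17 client even though the IPv4 allow rule covers it.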