一、命令簡介
Netcat的簡稱nc,是一款被譽為網絡界瑞士軍刀的強大網絡工具。實際上,Linux系統中的命令是ncat。nc命令只是一個指向ncat的軟鏈接。nc命令的主要作用如下:
實現任意TCP/UDP端口的偵聽,nc可以作為server以TCP或UDP方式偵聽指定端口端口的掃描,nc可以作為client發起TCP或UDP連接機器之間傳輸文件機器之間網絡測速
nc如果找不到nc命令可以使用yum install -y nc安裝,其中centos6系統安裝的是nc-1.84-24.el6.x86_64,centos7安裝的是nmap-ncat-6.40-19.el7.x86_64。
二、使用示例
1、驗證服務器端口是否通
如下驗證172.16.7.78服務器的80端口通,81端口不通。
2、拷貝文件
首先在文件接收終端test2機器上激活nc監聽
然后在文件發送終端test1機器上發送文件
在test2上檢查文件是否已成功接收
3、終端之間通信聊天
test1主機上啟動nc監聽,ctrl+C中斷通信。
test2上連接監聽,ctrl+C中斷通信。
4、端口掃描
端口掃描,通的端口返回succeeded,不通的端口返回refused。此掃描基于nc-1.84-24.el6.x86_64。
[root@test1 /]# nc -v -w 1 172.16.7.78 -z 22-81
Connection to 172.16.7.78 22 port [tcp/ssh] succeeded!
nc: connect to 172.16.7.78 port 23 (tcp) failed: Connection refused
nc: connect to 172.16.7.78 port 24 (tcp) failed: Connection refused
nc: connect to 172.16.7.78 port 25 (tcp) failed: Connection refused
nc: connect to 172.16.7.78 port 26 (tcp) failed: Connection refused
nc: connect to 172.16.7.78 port 27 (tcp) failed: Connection refused
nc: connect to 172.16.7.78 port 28 (tcp) failed: Connection refused
nc: connect to 172.16.7.78 port 29 (tcp) failed: Connection refused
nc: connect to 172.16.7.78 port 30 (tcp) failed: Connection refused
nc: connect to 172.16.7.78 port 31 (tcp) failed: Connection refused
nc: connect to 172.16.7.78 port 32 (tcp) failed: Connection refused
nc: connect to 172.16.7.78 port 33 (tcp) failed: Connection refused
nc: connect to 172.16.7.78 port 34 (tcp) failed: Connection refused
nc: connect to 172.16.7.78 port 35 (tcp) failed: Connection refused
nc: connect to 172.16.7.78 port 36 (tcp) failed: Connection refused
nc: connect to 172.16.7.78 port 37 (tcp) failed: Connection refused
nc: connect to 172.16.7.78 port 38 (tcp) failed: Connection refused
nc: connect to 172.16.7.78 port 39 (tcp) failed: Connection refused
nc: connect to 172.16.7.78 port 40 (tcp) failed: Connection refused
nc: connect to 172.16.7.78 port 41 (tcp) failed: Connection refused
nc: connect to 172.16.7.78 port 42 (tcp) failed: Connection refused
nc: connect to 172.16.7.78 port 43 (tcp) failed: Connection refused
nc: connect to 172.16.7.78 port 44 (tcp) failed: Connection refused
nc: connect to 172.16.7.78 port 45 (tcp) failed: Connection refused
nc: connect to 172.16.7.78 port 46 (tcp) failed: Connection refused
nc: connect to 172.16.7.78 port 47 (tcp) failed: Connection refused
nc: connect to 172.16.7.78 port 48 (tcp) failed: Connection refused
nc: connect to 172.16.7.78 port 49 (tcp) failed: Connection refused
nc: connect to 172.16.7.78 port 50 (tcp) failed: Connection refused
nc: connect to 172.16.7.78 port 51 (tcp) failed: Connection refused
nc: connect to 172.16.7.78 port 52 (tcp) failed: Connection refused
nc: connect to 172.16.7.78 port 53 (tcp) failed: Connection refused
nc: connect to 172.16.7.78 port 54 (tcp) failed: Connection refused
nc: connect to 172.16.7.78 port 55 (tcp) failed: Connection refused
nc: connect to 172.16.7.78 port 56 (tcp) failed: Connection refused
nc: connect to 172.16.7.78 port 57 (tcp) failed: Connection refused
nc: connect to 172.16.7.78 port 58 (tcp) failed: Connection refused
nc: connect to 172.16.7.78 port 59 (tcp) failed: Connection refused
nc: connect to 172.16.7.78 port 60 (tcp) failed: Connection refused
nc: connect to 172.16.7.78 port 61 (tcp) failed: Connection refused
nc: connect to 172.16.7.78 port 62 (tcp) failed: Connection refused
nc: connect to 172.16.7.78 port 63 (tcp) failed: Connection refused
nc: connect to 172.16.7.78 port 64 (tcp) failed: Connection refused
nc: connect to 172.16.7.78 port 65 (tcp) failed: Connection refused
nc: connect to 172.16.7.78 port 66 (tcp) failed: Connection refused
nc: connect to 172.16.7.78 port 67 (tcp) failed: Connection refused
nc: connect to 172.16.7.78 port 68 (tcp) failed: Connection refused
nc: connect to 172.16.7.78 port 69 (tcp) failed: Connection refused
nc: connect to 172.16.7.78 port 70 (tcp) failed: Connection refused
nc: connect to 172.16.7.78 port 71 (tcp) failed: Connection refused
nc: connect to 172.16.7.78 port 72 (tcp) failed: Connection refused
nc: connect to 172.16.7.78 port 73 (tcp) failed: Connection refused
nc: connect to 172.16.7.78 port 74 (tcp) failed: Connection refused
nc: connect to 172.16.7.78 port 75 (tcp) failed: Connection refused
nc: connect to 172.16.7.78 port 76 (tcp) failed: Connection refused
nc: connect to 172.16.7.78 port 77 (tcp) failed: Connection refused
nc: connect to 172.16.7.78 port 78 (tcp) failed: Connection refused
nc: connect to 172.16.7.78 port 79 (tcp) failed: Connection refused
Connection to 172.16.7.78 80 port [tcp/http] succeeded!
nc: connect to 172.16.7.78 port 81 (tcp) failed: Connection refused
5、驗證UDP端口
[root@test1 ~]# nc -uvz 192.168.0.125 111
Ncat: Version 7.50 ( https://nmap.org/ncat )
Ncat: Connected to 192.168.0.125:111.
Ncat: UDP packet sent successfully
Ncat: 1 bytes sent, 0 bytes received in 2.04 seconds.
6、測速網速
測速網速需要結合dstat命令查看。
安裝dstat命令
[root@test1 ~]# yum install -y dstat
[root@test2 ~]# yum install -y dstat
test1主機上監聽端口
[root@test1 ~]# nc -l 33333 >/dev/null
test2主機上發送數據,全0數據
[root@test2 ~]# nc 192.168.0.124 33333 </dev/zero
查看流量
[root@test1 ~]# dstat
[root@test2 ~]# dstat
三、使用語法及參數說明
1、使用語法
用法:ncat [options] [hostname] [port]
2、參數說明
| 參數 | 參數說明 |
|---|---|
| -4 | Use IPv4 only |
| -6 | Use IPv6 only |
| -U, –unixsock | 僅使用Unix域套接字 |
| -C, –crlf | 將crlf用于EOL序列 |
| -c, –sh-exec <command> | 通過/bin/sh執行給定的命令 |
| -e, –exec <command> | 執行給定的命令 |
| –lua-exec <filename> | 執行給定的lua腳本 |
| -g hop1[,hop2,…] | 松散源路由躍點(最多8個) |
| -G <n> | 松散源路由躍點指針(4,8,12,…) |
| -m, –max-conns <n> | 最大同時連接數 |
| -h, –help | 幫助顯示此幫助屏幕 |
| -d, –delay <time> | 讀/寫之間的延遲 |
| -o, –output <filename> | 將會話數據轉儲到文件 |
| -x, –hex-dump <filename> | 將會話數據作為十六進制轉儲到文件 |
| -i, –idle-timeout <time> | 空閑讀/寫超時 |
| -p, –source-port port | 指定要使用的源端口 |
| -s, –source addr | 指定要使用的源地址(不影響-l) |
| -l, –listen | 綁定并偵聽傳入連接 |
| -k, –keep-open | 在偵聽模式下接受多個連接 |
| -n, –nodns | 不通過DNS解析主機名 |
| -t, –telnet | 應答telnet協商 |
| -u, –udp | 使用udp而不是默認TCP |
| –sctp | 使用sctp而不是默認的TCP |
| -v, –verbose | 設置詳細級別(可以多次使用) |
| -w, –wait <time> | 連接超時時間,單位秒 |
| -z | 僅報告連接狀態 |
| –append-output | 追加而不是重擊指定的輸出文件 |
| –send-only | 忽略接收;退出EOF |
| –recv-only | 從不發送任何東西 |
| –allow | 給定主機連接到Ncat |
| –allowfile | 允許連接到Ncat的主機的文件 |
| –deny | 給定主機連接到Ncat |
| –denyfile | 拒絕連接到Ncat的主機文件 |
| –broker | 啟用Ncat的連接代理模式 |
| –chat | 開始一個簡單的Ncat聊天服務器 |
| –proxy <addr[:port]> | 指定要通過代理的主機地址 |
| –proxy-type <type> | 指定代理類型(“http”或“socks4”或“socks5”) |
| –proxy-auth <auth> | 通過HTTP或SOCKS代理服務器進行身份驗證 |
| –ssl | 使用ssl連接或偵聽 |
| –ssl-cert | 指定用于偵聽的ssl證書文件(PEM) |
| –ssl-key | 指定用于偵聽的ssl私鑰(PEM) |
| –ssl-verify | 證書的信任和域名 |
| –ssl-trustfile | 包含可信ssl證書的PEM文件 |
| –ssl-ciphers | Cipherlist包含要使用的ssl密碼 |
| –version | 查看命令版本 |
