linux의 nc or netcat 명령어(CLI)는 임의의 TCP 또는 UDP 연결 및 리스닝하는 명령어 입니다.

기본 사용법

# TCP Listening
$> nc -l 9999

# UDP Listening
$> nc -l -u 9999 

# Client 연결
$> nc 9999

# Port 스캔
$> nc -v -n 1-100 22 (ssh) open

# 데이터 쓰기
$> echo "Test" | nc 9999

# 연결을 통해서 사용중인 프로그램의 버전을 찾을 수도 있습니다.
$> echo "Test" | nc 22
Invalid SSH identification string.

help nc

nc 옵션은 하이픈 하나(-)로 시작하는 short 형식과 하이픈 두개(–)로 시작하는 long 형식의 옵션이 있습니다.

$> nc --help
GNU netcat 0.7.1, a rewrite of the famous networking tool.
Basic usages:
connect to somewhere:  nc [options] hostname port [port] ...
listen for inbound:    nc -l -p port [options] [hostname] [port] ...
tunnel to somewhere:   nc -L hostname:port -p port [options]

Mandatory arguments to long options are mandatory for short options too.
  -c, --close                close connection on EOF from stdin
  -e, --exec=PROGRAM         program to exec after connect
  -g, --gateway=LIST         source-routing hop point[s], up to 8
  -G, --pointer=NUM          source-routing pointer: 4, 8, 12, ...
  -h, --help                 display this help and exit
  -i, --interval=SECS        delay interval for lines sent, ports scanned
  -l, --listen               listen mode, for inbound connects
  -L, --tunnel=ADDRESS:PORT  forward local port to remote address
  -n, --dont-resolve         numeric-only IP addresses, no DNS
  -o, --output=FILE          output hexdump traffic to FILE (implies -x)
  -p, --local-port=NUM       local port number
  -r, --randomize            randomize local and remote ports
  -s, --source=ADDRESS       local source address (ip or hostname)
  -t, --tcp                  TCP mode (default)
  -T, --telnet               answer using TELNET negotiation
  -u, --udp                  UDP mode
  -v, --verbose              verbose (use twice to be more verbose)
  -V, --version              output version information and exit
  -x, --hexdump              hexdump incoming and outgoing traffic
  -w, --wait=SECS            timeout for connects and final net reads
  -z, --zero                 zero-I/O mode (used for scanning)

Remote port number can also be specified as range.  Example: '1-1024'


$> tldr nc


  Netcat is a versatile utility for redirecting IO into a network stream.
  More information:

  - Start a listener on the specified TCP port and send a file into it:
    nc -l -p port < filename

  - Connect to a target listener on the specified port and receive a file from it:
    nc host port > received_filename

  - Scan the open TCP ports of a specified host:
    nc -v -z -w timeout_in_seconds host start_port-end_port

  - Start a listener on the specified TCP port and provide your local shell access to the connected party (this is dangerous and can be abused):
    nc -l -p port -e shell_executable

  - Connect to a target listener and provide your local shell access to the remote party (this is dangerous and can be abused):
    nc host port -e shell_executable

  - Act as a proxy and forward data from a local TCP port to the given remote host:
    nc -l -p local_port | nc host remote_port

  - Send an HTTP GET request:
    echo -e "GET / HTTP/1.1\nHost: host\n\n" | nc host 80