一、命令简介

  nc是netcat的简写,是一个功能强大的网络工具,有着网络界的瑞士军刀美誉。nc命令在linux系统中实际命令是ncat,nc是软连接到ncat。nc命令的主要作用如下:

  • 实现任意TCP/UDP端口的侦听,nc可以作为server以TCP或UDP方式侦听指定端口
  • 端口的扫描,nc可以作为client发起TCP或UDP连接
  • 机器之间传输文件
  • 机器之间网络测速

  nc如果找不到nc命令可以使用yum install -y nc安装,其中centos6系统安装的是nc-1.84-24.el6.x86_64,centos7安装的是nmap-ncat-6.40-19.el7.x86_64。

二、使用示例

1、验证服务器端口是否通

如下验证172.16.10.51服务器的22端口通,23端口不通。

nc -zv 172.16.10.51 22

ios nc命令 nc是什么命令_sed

 

 

2、拷贝文件

  • 首先在文件接收终端kvmbackup机器上激活nc监听


  • 然后在文件发送终端test1机器上发送文件

    • ios nc命令 nc是什么命令_UDP_02

  • 在test2上检查文件是否已成功接收

    • ios nc命令 nc是什么命令_TCP_03

3、终端之间通信聊天

  • test1主机上启动nc监听,ctrl+C中断通信。

    • ios nc命令 nc是什么命令_UDP_04

  • test2上连接监听,ctrl+C中断通信。

    • ios nc命令 nc是什么命令_sed_05

4、端口扫描

端口扫描,通的端口返回succeeded,不通的端口返回refused。此扫描基于nc-1.84-24.el6.x86_64。

[root@test1 /]# nc -v -w 1 172.16.7.78 -z 22-81
 Connection to 172.16.7.78 22 port [tcp/ssh] succeeded!
 nc: connect to 172.16.7.78 port 23 (tcp) failed: Connection refused
 nc: connect to 172.16.7.78 port 24 (tcp) failed: Connection refused
 nc: connect to 172.16.7.78 port 25 (tcp) failed: Connection refused
 nc: connect to 172.16.7.78 port 26 (tcp) failed: Connection refused
 nc: connect to 172.16.7.78 port 27 (tcp) failed: Connection refused
 nc: connect to 172.16.7.78 port 28 (tcp) failed: Connection refused
 nc: connect to 172.16.7.78 port 29 (tcp) failed: Connection refused
 nc: connect to 172.16.7.78 port 30 (tcp) failed: Connection refused
 nc: connect to 172.16.7.78 port 31 (tcp) failed: Connection refused
 nc: connect to 172.16.7.78 port 32 (tcp) failed: Connection refused
 nc: connect to 172.16.7.78 port 33 (tcp) failed: Connection refused
 nc: connect to 172.16.7.78 port 34 (tcp) failed: Connection refused
 nc: connect to 172.16.7.78 port 35 (tcp) failed: Connection refused
 nc: connect to 172.16.7.78 port 36 (tcp) failed: Connection refused
 nc: connect to 172.16.7.78 port 37 (tcp) failed: Connection refused
 nc: connect to 172.16.7.78 port 38 (tcp) failed: Connection refused
 nc: connect to 172.16.7.78 port 39 (tcp) failed: Connection refused
 nc: connect to 172.16.7.78 port 40 (tcp) failed: Connection refused
 nc: connect to 172.16.7.78 port 41 (tcp) failed: Connection refused
 nc: connect to 172.16.7.78 port 42 (tcp) failed: Connection refused
 nc: connect to 172.16.7.78 port 43 (tcp) failed: Connection refused
 nc: connect to 172.16.7.78 port 44 (tcp) failed: Connection refused
 nc: connect to 172.16.7.78 port 45 (tcp) failed: Connection refused
 nc: connect to 172.16.7.78 port 46 (tcp) failed: Connection refused
 nc: connect to 172.16.7.78 port 47 (tcp) failed: Connection refused
 nc: connect to 172.16.7.78 port 48 (tcp) failed: Connection refused
 nc: connect to 172.16.7.78 port 49 (tcp) failed: Connection refused
 nc: connect to 172.16.7.78 port 50 (tcp) failed: Connection refused
 nc: connect to 172.16.7.78 port 51 (tcp) failed: Connection refused
 nc: connect to 172.16.7.78 port 52 (tcp) failed: Connection refused
 nc: connect to 172.16.7.78 port 53 (tcp) failed: Connection refused
 nc: connect to 172.16.7.78 port 54 (tcp) failed: Connection refused
 nc: connect to 172.16.7.78 port 55 (tcp) failed: Connection refused
 nc: connect to 172.16.7.78 port 56 (tcp) failed: Connection refused
 nc: connect to 172.16.7.78 port 57 (tcp) failed: Connection refused
 nc: connect to 172.16.7.78 port 58 (tcp) failed: Connection refused
 nc: connect to 172.16.7.78 port 59 (tcp) failed: Connection refused
 nc: connect to 172.16.7.78 port 60 (tcp) failed: Connection refused
 nc: connect to 172.16.7.78 port 61 (tcp) failed: Connection refused
 nc: connect to 172.16.7.78 port 62 (tcp) failed: Connection refused
 nc: connect to 172.16.7.78 port 63 (tcp) failed: Connection refused
 nc: connect to 172.16.7.78 port 64 (tcp) failed: Connection refused
 nc: connect to 172.16.7.78 port 65 (tcp) failed: Connection refused
 nc: connect to 172.16.7.78 port 66 (tcp) failed: Connection refused
 nc: connect to 172.16.7.78 port 67 (tcp) failed: Connection refused
 nc: connect to 172.16.7.78 port 68 (tcp) failed: Connection refused
 nc: connect to 172.16.7.78 port 69 (tcp) failed: Connection refused
 nc: connect to 172.16.7.78 port 70 (tcp) failed: Connection refused
 nc: connect to 172.16.7.78 port 71 (tcp) failed: Connection refused
 nc: connect to 172.16.7.78 port 72 (tcp) failed: Connection refused
 nc: connect to 172.16.7.78 port 73 (tcp) failed: Connection refused
 nc: connect to 172.16.7.78 port 74 (tcp) failed: Connection refused
 nc: connect to 172.16.7.78 port 75 (tcp) failed: Connection refused
 nc: connect to 172.16.7.78 port 76 (tcp) failed: Connection refused
 nc: connect to 172.16.7.78 port 77 (tcp) failed: Connection refused
 nc: connect to 172.16.7.78 port 78 (tcp) failed: Connection refused
 nc: connect to 172.16.7.78 port 79 (tcp) failed: Connection refused
 Connection to 172.16.7.78 80 port [tcp/http] succeeded!
 nc: connect to 172.16.7.78 port 81 (tcp) failed: Connection refused

5、验证UDP端口

[root@test1 ~]# nc -uvz 192.168.0.125 111
 Ncat: Version 7.50 ( https://nmap.org/ncat )
 Ncat: Connected to 192.168.0.125:111.
 Ncat: UDP packet sent successfully
 Ncat: 1 bytes sent, 0 bytes received in 2.04 seconds.

6、测速网速

测速网速需要结合dstat命令查看。

  • 安装dstat命令
[root@test1 ~]# yum install -y dstat
 [root@test2 ~]# yum install -y dstat
  • test1主机上监听端口
[root@test1 ~]# nc -l 33333 >/dev/null
  • test2主机上发送数据,全0数据
[root@test2 ~]# nc 192.168.0.124 33333 </dev/zero
  • 查看流量
[root@test1 ~]# dstat
 [root@test2 ~]# dstat

ios nc命令 nc是什么命令_sed_06


ios nc命令 nc是什么命令_ios nc命令_07

三、使用语法及参数说明

1、使用语法

用法:ncat [options] [hostname] [port]

2、参数说明

参数

参数说明

-4

Use IPv4 only

-6

Use IPv6 only

-U, --unixsock

仅使用Unix域套接字

-C, --crlf

将crlf用于EOL序列

-c, --sh-exec <command>

通过/bin/sh执行给定的命令

-e, --exec <command>

执行给定的命令

–lua-exec <filename>

执行给定的lua脚本

-g hop1[,hop2,…]

松散源路由跃点(最多8个)

-G <n>

松散源路由跃点指针(4,8,12,…)

-m, --max-conns <n>

最大同时连接数

-h, --help

帮助显示此帮助屏幕

-d, --delay <time>

读/写之间的延迟

-o, --output <filename>

将会话数据转储到文件

-x, --hex-dump <filename>

将会话数据作为十六进制转储到文件

-i, --idle-timeout <time>

空闲读/写超时

-p, --source-port port

指定要使用的源端口

-s, --source addr

指定要使用的源地址(不影响-l)

-l, --listen

绑定并侦听传入连接

-k, --keep-open

在侦听模式下接受多个连接

-n, --nodns

不通过DNS解析主机名

-t, --telnet

应答telnet协商

-u, --udp

使用udp而不是默认TCP

–sctp

使用sctp而不是默认的TCP

-v, --verbose

设置详细级别(可以多次使用)

-w, --wait <time>

连接超时时间,单位秒

-z

仅报告连接状态

–append-output

追加而不是重击指定的输出文件

–send-only

忽略接收;退出EOF

–recv-only

从不发送任何东西

–allow

给定主机连接到Ncat

–allowfile

允许连接到Ncat的主机的文件

–deny

给定主机连接到Ncat

–denyfile

拒绝连接到Ncat的主机文件

–broker

启用Ncat的连接代理模式

–chat

开始一个简单的Ncat聊天服务器

–proxy <addr[:port]>

指定要通过代理的主机地址

–proxy-type <type>

指定代理类型(“http”或“socks4”或“socks5”)

–proxy-auth <auth>

通过HTTP或SOCKS代理服务器进行身份验证

–ssl

使用ssl连接或侦听

–ssl-cert

指定用于侦听的ssl证书文件(PEM)

–ssl-key

指定用于侦听的ssl私钥(PEM)

–ssl-verify

证书的信任和域名

–ssl-trustfile

包含可信ssl证书的PEM文件

–ssl-ciphers

Cipherlist包含要使用的ssl密码

–version

查看命令版本