04-nc命令
@
目录
1. 安装
yum install nc -y
2. 选项
2.1 帮助命令
[root@DoM01 ~]# nc -h
Ncat 7.50 ( https://nmap.org/ncat )
Usage: ncat [options] [hostname] [port]
Options taking a time assume seconds. Append 'ms' for milliseconds,
's' for seconds, 'm' for minutes, or 'h' for hours (e.g. 500ms).
-4 Use IPv4 only
-6 Use IPv6 only
-U, --unixsock Use Unix domain sockets only
-C, --crlf Use CRLF for EOL sequence
-c, --sh-exec <command> Executes the given command via /bin/sh
-e, --exec <command> Executes the given command
--lua-exec <filename> Executes the given Lua script
-g hop1[,hop2,...] Loose source routing hop points (8 max)
-G <n> Loose source routing hop pointer (4, 8, 12, ...)
-m, --max-conns <n> Maximum <n> simultaneous connections
-h, --help Display this help screen
-d, --delay <time> Wait between read/writes
-o, --output <filename> Dump session data to a file
-x, --hex-dump <filename> Dump session data as hex to a file
-i, --idle-timeout <time> Idle read/write timeout
-p, --source-port port Specify source port to use
-s, --source addr Specify source address to use (doesn't affect -l)
-l, --listen Bind and listen for incoming connections
-k, --keep-open Accept multiple connections in listen mode
-n, --nodns Do not resolve hostnames via DNS
-t, --telnet Answer Telnet negotiations
-u, --udp Use UDP instead of default TCP
--sctp Use SCTP instead of default TCP
-v, --verbose (can be used several times)
-w, --wait <time> Connect timeout
-z Zero-I/O mode, report connection status only
--append-output Append rather than clobber specified output files
--send-only Only send data, ignoring received; quit on EOF
--recv-only Only receive data, never send anything
--allow Allow only given hosts to connect to Ncat
--allowfile A file of hosts allowed to connect to Ncat
--deny Deny given hosts from connecting to Ncat
--denyfile A file of hosts denied from connecting to Ncat
--broker Enable Ncat's connection brokering mode
--chat Start a simple Ncat chat server
--proxy <addr[:port]> Specify address of host to proxy through
--proxy-type <type> Specify proxy type ("http" or "socks4" or "socks5")
--proxy-auth <auth> Authenticate with HTTP or SOCKS proxy server
--ssl Connect or listen with SSL
--ssl-cert Specify SSL certificate file (PEM) for listening
--ssl-key Specify SSL private key (PEM) for listening
--ssl-verify Verify trust and domain name of certificates
--ssl-trustfile PEM file containing trusted SSL certificates
--ssl-ciphers Cipherlist containing SSL ciphers to use
--version Display Ncat's version information and exit
2.2 常用示例
- 监听TCP端口(默认)
nc -lv 10.10.239.32 1840
说明:
-l
启动监听模式(作为服务器监听指定端口)-v
显示信息和错误
- 监听UDP端口
nc -luv 10.10.239.32 1840
说明:
-u
UDP模式
- 链接TCP端口
nc -vz 10.10.239.32 1840
- 链接UDP端口
nc -vz 10.10.239.32 1840
说明:
-z
链接不传输数据
- 接收数据重定向
nc -lv 10.10.239.32 1840 > liubei.txt
- 上传数据
nc -v 10.10.239.32 1840 < liubei.txt
3. 完整示例
3.1 示例1(端口联通检查)
- 检查本地服务器是和 10.10.239.65的80端口是否能建立TCP链接。
[root@liubei-01 ~]# nc -vz 10.10.239.65 80
Ncat: Version 7.50 ( https://nmap.org/ncat )
Ncat: Connected to 10.10.239.65:80.
Ncat: 0 bytes sent, 0 bytes received in 0.01 seconds.
如上可见,可以联通。
- 检查本地服务器是和 10.10.239.65的80端口是否能建立UDP链接。
[root@liubei-01 ~]# nc -vuz 10.10.239.65 80
Ncat: Version 7.50 ( https://nmap.org/ncat )
Ncat: Connected to 10.10.239.65:80.
Ncat: Connection refused.
如上可见,不能联通。
3.2 示例2(文件传输)
- 接收端创建监听服务
[root@liubei-01 ~]# nc -lv 10.10.239.32 1840 > liubei.txt
Ncat: Version 7.50 ( https://nmap.org/ncat )
Ncat: Listening on 10.10.239.32:1840
服务端会在前台等待接收
- 客户端准备文件
[root@liubei-02 ~]# cat > liubei.txt << EOF
> 姓名:刘备
> 势力:西蜀
> 身份:主公
> EOF
- 客户端上传文件
[root@liubei-02 ~]# nc -v 10.10.239.32 1840 < liubei.txt
Ncat: Version 7.50 ( https://nmap.org/ncat )
Ncat: Connected to 10.10.239.32:1840.
Ncat: 48 bytes sent, 0 bytes received in 0.01 seconds.
- 服务端显示
[root@liubei-02 ~]# nc -v 10.10.239.32 1840 < liubei.txt
Ncat: Version 7.50 ( https://nmap.org/ncat )
Ncat: Connected to 10.10.239.32:1840.
Ncat: 48 bytes sent, 0 bytes received in 0.01 seconds.
传输完毕服务端会结束
- 服务端查看接收的文件
[root@liubei-01 ~]# cat liubei.txt
姓名:刘备
势力:西蜀
身份:主公
3.3 带宽测试
本例使用udp测试
- 创建server监听80端口接收upd包,接收数据传入黑洞
[root@liubei-01 ~]# nc -uvl 10.10.239.32 80 > /dev/null
Ncat: Version 7.50 ( https://nmap.org/ncat )
Ncat: Listening on 10.10.239.32:80
- 客户端推送udp包
[root@liubei-01 ~]# nc -u 10.10.239.32 80 < /dev/zero
- 监控网络流量
本例使用
iftop
工具,在客户端查看实时网速。(当然你也可以使用别的方案)
iftop -i eth0
如果没有直接yum
yum install iftop -y
监控结果显示
结果有很多条,其他数据我省略了。
1.86Gb 3.73Gb 5.59Gb 7.45Gb 9.31Gb
└────────────────────────────────────────┴────────────────────────────────────────┴────────────────────────────────────────┴────────────────────────────────────────┴─────────────────────────────────────────
liubei-02 => 10.10.239.32 3.27Gb 3.38Gb 3.30Gb
<= 0b 0b 0b
…………
──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
TX: cum: 84.5GB peak: 4.11Gb rates: 3.28Gb 3.39Gb 3.30Gb
RX: 521MB 13.2Mb 3.23Mb 5.74Mb 4.59Mb
TOTAL: 85.0GB 4.11Gb 3.28Gb 3.39Gb 3.31Gb
结果说明:
- 顶部数据:网速标尺
- 中部数据:每个链接的网络数据(我只保留了我们测试的一条,其他用省略号表示)
- 第一列:本机源地址
- 第二列:远端目标地址
- 第三列:2s平均网速
- 第四列:10s平均网速
- 第五列:40s平均网速
- 底部数据
开启后合计值 峰值 2s平均流量 10s平均流量 40s平均流量 发送的数据 接收的数据 汇总