The nc command
Netcat is a simple Unix utility that reads and writes data across network connections, using the TCP or UDP protocol. It is designed to be a reliable "back-end" tool that can be used directly or easily driven by other programs and scripts. At the same time, it is a feature-rich network debugging and exploration tool, since it can create almost any kind of connection you would need and has several interesting built-in capabilities. Netcat, or "nc" as the actual program is named, should have been supplied long ago as another one of those cryptic but standard Unix tools.
nc [-options] hostname port[s] [ports] ...
nc -l -p port [-options] [hostname] [port]
| Option | Description |
| --- | --- |
| -c string | specify shell commands to exec after connect (use with caution). The string is passed to /bin/sh -c for execution. See the -e option if you don't have a working /bin/sh (note that a POSIX-conformant system must have one). |
| -e filename | specify filename to exec after connect (use with caution). See the -c option for enhanced functionality. |
| -g gateway | source-routing hop point[s], up to 8 |
| -G num | source-routing pointer: 4, 8, 12, ... |
| -i secs | delay interval for lines sent, ports scanned |
| -l | listen mode, for inbound connects |
| -n | numeric-only IP addresses, no DNS |
| -o file | hex dump of traffic |
| -p port | local port number (port numbers can be individual or ranges: lo-hi [inclusive]) |
| -q seconds | after EOF on stdin, wait the specified number of seconds and then quit. |
| -b | allow UDP broadcasts |
| -r | randomize local and remote ports |
| -s addr | local source address |
| -t | enable telnet negotiation |
| -u | UDP mode |
| -v | verbose [use twice to be more verbose] |
| -w secs | timeout for connects and final net reads |
| -z | zero-I/O mode [used for scanning] |
| -x type | set TOS flag (type may be one of "Minimize-Delay", "Maximize-Throughput", "Maximize-Reliability", or "Minimize-Cost".) |
nc -v -w 2 localhost -z 1-65535
Probe ports 1-65535 on the localhost and look for available open ports. Below is an example of what the output may look like when probing ports 1-82.
localhost [127.0.0.1] 80 (www) open
localhost [127.0.0.1] 79 (finger) open
localhost [127.0.0.1] 25 (smtp) open
localhost [127.0.0.1] 23 (telnet) open
localhost [127.0.0.1] 22 (ssh) open
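The output format above lends itself to a simple audit of your own host: compare the ports reported open against the services you expect to be listening. The following is an added example, not part of the original page; the function names `unexpected_ports` and `sample_scan` and the allowlist values are assumptions chosen for illustration, and the sample input reuses the output lines shown above.

```shell
#!/bin/sh
# Added example: audit the "open" lines printed by `nc -v -z`
# against an allowlist of ports that are expected to be listening.

# unexpected_ports "PORT PORT ..."
# Reads nc -v -z output on stdin and prints "port service" for every
# open port that is not in the space-separated allowlist.
# Exit status: 0 if every open port is allowed, 1 otherwise.
unexpected_ports() {
    awk -v allow="$1" '
        BEGIN {
            n = split(allow, a, " ")
            for (i = 1; i <= n; i++) ok[a[i]] = 1
        }
        # Line format: host [addr] port (service) open
        $NF == "open" && $(NF-2) ~ /^[0-9]+$/ {
            port = $(NF-2)
            svc = $(NF-1)
            gsub(/[()]/, "", svc)      # "(telnet)" -> "telnet"
            if (!(port in ok)) { print port, svc; bad = 1 }
        }
        END { exit bad + 0 }
    '
}

# Constructed sample input: the output lines shown on this page.
sample_scan() {
    cat <<'EOF'
localhost [127.0.0.1] 80 (www) open
localhost [127.0.0.1] 79 (finger) open
localhost [127.0.0.1] 25 (smtp) open
localhost [127.0.0.1] 23 (telnet) open
localhost [127.0.0.1] 22 (ssh) open
EOF
}

# Demo on the sample: only ssh, smtp and www are expected here.
sample_scan | unexpected_ports "22 25 80" || echo "unexpected listeners found"

# Against a live scan of your own machine. The traditional netcat writes
# its -v messages to stderr, hence the 2>&1:
#   nc -v -w 2 localhost -z 1-65535 2>&1 | unexpected_ports "22 25 80"
```

With the sample input, the demo reports finger (79) and telnet (23) as listeners outside the allowlist.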