On RHEL 7.2 OS, I get following error when trying to run nc commnad
nc -z -v -w1 host port
nc: invalid option -- 'z'
Ncat: Try `--help' or man(1) ncat for more information, usage options and help. QUITTING.
Is there any alternative to it
maybe nc is a link to ncat, use the commands to checkļ¼
which nc | xargs ls -l
if the nc is linked to ncat,you should relink nc to netcat, if netcat is not installed, refer the website:http://netcat.sourceforge.net/download.php
It seems the old version of nc is being phased out everywhere in favour of Nmap Ncat. Unfortunately this doesn't have the rather useful -z option.
One way to get equivalent functionality (test whether the target host is listening on a given port) is to transform this:
nc -z hostname port
Into this:
cat /dev/null | nc hostname port
You might also want to add in an option like -w 1s to avoid the long default timeout.
There might be a cleaner combination of options that avoids the need for the /dev/null but I couldn't figure out what.
I've also seen talk of using tcping to do the same thing, but that doesn't seem to be available on all distros.
On the newer RHEL 7 nc is a link to ncat, while you may be used to nc on the older RHEL6 and below.
ncat seems not to have the -z option, and being a different project having a look at it's man page is a good idea, or at least examine it's internal help
ncat -h
Related
Is it possible to do it in one netcat invocation?
This works:
nc WHKWDCTGABUZUN1 12345 -w 5
How do I make this work?
nc WHKWDCTGABUZUN1,WHKWDCTGABUZUN2,WHKWDCTGABUZUN3 12345 -w 5
As far as I know, nc cannot directly do what you want. But, as the man pages say, nc works nicely in scripts, so you can do something like:
#!/bin/bash
ADDRESSES=("WHKWDCTGABUZUN1" "WHKWDCTGABUZUN2" "WHKWDCTGABUZUN3")
for ADDR in ${ADDRESSES[#]}
do
nc "$ADDR" 12345 -w 5
done
You can wrap this into a shell script that will send whatever you pass on stdin to each of the hosts.
If this doesn't work for you, check out one or more of the beefed-up versions of nc, including ncat and socat, both of which are available for Linux. I'm not sure that they can do what you want either, but it's more likely.
You can't actually do that in a single line, the way you're asking. However, something like this may work:
printf "WHKWDCTGABUZUN1\nWHKWDCTGABUZUN2\nWHKWDCTGABUZUN3\n" |
while read address; do
nc "$address" 80 -w 5 <<< GET;
done
I am trying to understand why netcat listener isn't working in my Kali Linux VM. From what I understand,I open a terminal and open the port.
nc -l 155
Then, I open another terminal within my VM and use the following command to connect to that port number.
nc 127.0.0.1 155 (loopback IP address and same port number)
It was unsuccessful and since I am just a newbie in this field, I was hoping to get some assistance on this issue. However, I found a new way to execute this command but I am not understanding the logic behind why this new way works and not the original method that I learned in class. Thank you for your help in advance!
First of all, to elevate your self from newbie status, you have to understand what errors mean. "it was unsuccessful" is an insufficient description of your results for any real debugging. Probably, what happened was a valuable clue to the issue - you should have included that information. Furthermore, you really have to get your commands in the quetsion exactly right. Don't say you did one thing, then post a screenshot of something else happening. I'm not sure what the -e is supposed to be doing, but I don't find any record of it in my osx implementation or online man pages.
Different builds or implementations of netcat could differ, but from what I'm seeing from a netcat on my osx box, -p is not the right way to specify destination port.
$ nc localhost -p 1055
nc: missing hostname and port
usage: nc [-46AacCDdEFhklMnOortUuvz] [-K tc] [-b boundif] [-i interval] [-p source_port] [--apple-delegate-pid pid] [--apple-delegate-uuid uuid]
[-s source_ip_address] [-w timeout] [-X proxy_version]
[-x proxy_address[:port]] [hostname] [port[s]]
-p specifies source port. You don't usually need to specify this. Furthermore, you can't have a source and destination of the socket on the same box on the same port. Usually source port doesn't need to be specified.
Finally, ports under 1024 can only be allocated as root. Like most linux professionals, I don't run anything as root unless I really have to, so I changed to 1055 for this demonstration. One nc each in a termina window, typing messages in one print out the other side. Observe:
$ nc -l 1055
hi world
hi yourself, world!
$ nc localhost 1055
hi world
hi yourself, world!
server: nc -l ${port} > ${file}
local: nc ${ip} -z ${port} < ${file}
I want command to get Linux machine(amazon) external/public IP Address.
I tried hostname -I and other commands from blogs and stackoverflow like
ifconfig | sed -En 's/127.0.0.1//;s/.*inet (addr:)?(([0-9]*\.){3}[0-9]*).*/\2/p'
and many more. But they all are giving me internal IP Address.
Then I found some sites which provides API for this.
Example : curl http://ipecho.net/plain; echo
But I don't want to rely on third party website service. So, is there any command line tool available to get external IP Address?
simplest of all would be to do :
curl ifconfig.me
A cleaner output
ifconfig eth0 | awk '/inet / { print $2 }' | sed 's/addr://'
You could use this script
# !/bin/bash
#
echo 'Your external IP is: '
curl -4 icanhazip.com
But that is relying on a third party albeit a reliable one.
I don't know if you can get your external IP without asking someone/somesite i.e. some third party for it, but what do I know.
you can also just run:
curl -4 icanhazip.com
This is doing the same thing as a command the -4 is to get the output in Ipv4
You can use this command to get public ip and private ip(second line is private ip; third line is public ip.)
ip addr | awk '/inet / {sub(/\/.*/, "", $2); print $2}'
I would suggest you to use the command external-ip (sudo apt-get install miniupnpc) as it (I'm almost sure) uses upnp protocol to ask the router instead of asking an external website so it should be faster, but of course the router has to have upnp enabled.
You can simply do this :
curl https://ipinfo.io/ip
It might not work on amazon because you might be using NAT or something for the server to access the rest of the world (and for you to ssh into it also). If you are unable to ssh into the ip that is listed in ifconfig then you are either in a different network or dont have ssh enabled.
This is the best I can do (only relies on my ISP):
ISP=`traceroute -M 2 -m 2 -n -q 1 8.8.8.8 | grep -m 1 -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}'`
extIP=`ping -R -c 1 -t 1 -s 1 -n $ISP | grep RR | grep -m 1 -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}'`
echo $extIP
Or, the functionally same thing on one line:
ISP=`traceroute -M 2 -m 2 -n -q 1 8.8.8.8 | grep -m 1 -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}'` | ping -R -c 1 -t 1 -s 1 -n $ISP | grep RR | grep -m 1 -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}'
to save it to a temporary & hidden file add > .extIP to the end of the last line, then cat .extIP to see it.
If your ISP's address never changes (honestly i'm not sure if it would or not), then you could fetch it once, and then replace $ISP in line two with it
This has been tested on a mac with wonderful success.
the only adjustment on linux that I've found so far is the traceroute "-M" flag might need to be "-f" instead
and it relies heavily on the ping's "-R" flag, which tells it to send back the "Record Route" information, which isn't always supported by the host. But it's worth a try!
the only other way to do this without relying on any external servers is to get it from curl'ing your modem's status page... I've done this successfully with our frontier DSL modem, but it's dirty, slow, unreliable, and requires hard-coding your modem's password.
Here's the "process" for that:
curl http://[user]:[password]#[modem's LAN address]/[status.html] | grep 'WanIPAddress =' | grep -m 1 -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}'
That fetches the raw html, searches for any lines containing "WanIpAddress =" (change that so it's appropriate for your modem's results), and then narrows down those results to an IPv4 style address.
Hope that helps!
As others suggested, we have to rely on third party service which I don't feel safe using it. So, I have found Amazon API on this answer :
$ curl http://169.254.169.254/latest/meta-data/public-ipv4
54.232.200.77
For more details, https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-retrieval
The super-easy way is using the glances tool. you can install it on Ubuntu using:
$ sudo apt install glances
then using it with:
$ glances
and at the top of the terminal, it highlights your public IP address, and so many other information about your system (like what htop does) and network status.
For a formatted output use :-
dig TXT +short o-o.myaddr.l.google.com #ns1.google.com
it'll give you formatted output like this
"30.60.10.11"
also FYI,
dig is more faster than curl and wget
The following works as long as you have ifconfig and curl.
curl ifconfig.me
Specifically RHEL 6.5
It's a Dev box and we have certain port ranges we are permitted for development use.
...unfortunately, getting a tech's attention to find out what ports are available is like pulling teeth. Would prefer a script or alias that does this so that we don't have to ask all the time. Clues? Is this an iptables command or is it a netstat command or some weird combo? nmap is not available on this machine.
Please don't say this is a Server Fault question. They say it's a programming question. :-|
Definitely a SF question but here we go. From the dev box itself (command line) you should be able to see what ports are in use with the netstat tool.
To see the list of listening ports both UDP and TCP, complete with the program names:
# preferably as root
netstat --listening --program --numeric-ports --protocol=ip -6 -4
From another machine, you can use nmap or a similar tool to see what ports are open/listening by scanning the IP address assigned to the dev box. Before trying this, maybe you should ask for permission. Also, you should consider that the box in question might have firewall rules in place that can thwart your scanning attempts.
To see what firewall rules are in place in the dev box try:
# as root
iptables -nvxL -t filter
# maybe there are NAT rules, redirects to other addresses, etc.
iptables -nvxL -t nat
To see what these iptables options do, try man iptables.
As an example, assuming 172.16.0.1 is the IP address assigned to the dev box, to run nmap in the simplest way possible:
# preferably as root
nmap -v 172.16.0.1
In a few minutes you should see a list of ports/services listening in that relevant box.
Try man nmap and read the documentation for more details.
If you really think this is a programming issue, you can use the netcat tool and program a simple script to do something roughly equivalent to what nmap does.
#!/bin/bash
#
# DISCLAIMER: NOT TESTED -- just an example
# NOTE: This will take many DAYS to complete
HOST=172.16.0.1
for port in `seq 1 65535`
do
echo "Trying ${port}..."
netcat -vvv ${HOST} $port -w 1 -z
done
For every open TCP port you should see a line similar to this:
Connection to 172.16.0.1 23 port [tcp/telnet] succeeded!
Is there a way to quickly bind to a TCP port/ip address and simply print out all information to STDOUT? I have a simple debugging solution which writes things to 127.0.0.1:4444 and I'd like to be able to simply bind up a port from bash and print everything that comes across. Is there an easy way to do this?
$ nc -k -l 4444 > filename.out
see nc(1)
Just because you asked how to do it in bash, though netcat answer is very valid:
$ exec 3<>/dev/tcp/127.0.0.1/4444
$ cat <&3
That is working as you expecting:
nc -k -l 4444 |bash
and then you
echo "ls" >/dev/tcp/127.0.0.1/4444
then you see the listing performed by bash.
[A Brief Security Warning]
Of course if you leave a thing like this running on your computer, you have a wide open gateway for all kinds of attacks because commands can be sent from any user account on any host in your network. This implements no security (authentication, identification) whatsoever and sends all transmitted commands unencrypted over the network, so it can very easily be abused.
Adding an answer using ncat that #Freedom_Ben alluded to:
ncat -k -l 127.0.0.1 4444
and explanation of options from man ncat:
-k, --keep-open Accept multiple connections in listen mode
-l, --listen Bind and listen for incoming connections