Skip to content

Ncat Guide

Overview

Ncat is a reimplementation of Netcat, but with a lot of added functionality. Like Netcat, Ncat allows you to send raw data in the payload of TCP or UDP. However it can do a lot more as well.

Usage

To connect to a host and port with ncat, the syntax is ncat <host> <port>. For example, to connect to port 80 on www.google.com:

ncat www.google.com 80

To listen with ncat on a port, the syntax is ncat -l -p <port>. For example, to listen on port 80:

ncat -l -p 80

Quiet by Default

By default ncat doesn't tell you it's doing anything. Unless you give it the -v option (discussed below) it will be quiet. It's running, it's just not saying anything.

Listening on Ports < 1024

If you want to listen on a port that is less than 1024, you must run ncat as root.

Some common options for ncat:

  • -v Enable verbose mode (written to stderr)

  • -n Don't resolve hostnames

  • -l Tell ncat to listen (default is to connect)

  • -u Tell ncat to use UDP (default is TCP)

  • -p Port to listen on (in listening mode) or source port (in connecting mode)

  • -o Write a copy of data received from the network to a file

  • -x Write a copy of a hexdump of the data received from the network, to a file

Common Typo

To tell ncat to listen use -l, which is a lowercase letter L not a number one

Examples

Connect to UDP port 53 on 127.0.0.1:

ncat -u 127.0.0.1 53

Listen on UDP port 53:

ncat -lup 53

Listen on TCP port 80:

ncat -lp 80

Be verbose while listening on TCP port 80:

ncat -vlp 80

Be verbose and don't resolve host names, while listening on UDP port 80:

ncat -nvlup 80