This started when I was doing challenges on pwnable.kr and noticed that many of them ask you to directly run a command like the following:
Running at : nc pwnable.kr 9009
I had always confused it with wc, the word-count command, which is a bit embarrassing, so I decided to write this down.
man nc
The nc (or netcat) utility is used for just about anything under the sun involving TCP or UDP. It can open TCP connections, send UDP packets, listen on arbitrary TCP and UDP ports, do port scanning, and deal with both IPv4 and IPv6. Unlike telnet(1), nc scripts nicely, and separates error messages onto standard error instead of sending them to standard output, as telnet(1) does with some.
What this says is that the nc (or netcat) utility can be used for anything involving TCP or UDP. It can open TCP connections, send UDP packets, listen on arbitrary TCP/UDP ports, do port scanning, and works over both IPv4 and IPv6. Unlike telnet, nc is easy to script, and it sends its error messages to standard error instead of mixing them into standard output.
Common uses include:
o simple TCP proxies
o shell-script based HTTP clients and servers
o network daemon testing
o a SOCKS or HTTP ProxyCommand for ssh(1)
o and much, much more
The man page gives a fun example; it is a quick way to set up a client/server model.
After the connection has been set up, nc does not really care which side is being used as a server and which side is being used as a client.
Once the connection is established, nc does not distinguish between the client end and the server end, which we can also see in the picture above: both ends can send messages and both ends can receive them.
Let's go back to the command we mentioned at the very beginning, nc pwnable.kr 9009.
Here we are using nc to run a client locally, and the server side is also running a server built with nc in the same way, so when we connect to the server we are able to interact with the program running there.
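As an added demo (not part of the original post), the following script shows the two-way symmetry described above on a single machine: one nc listens and greets the client, a second nc connects and greets the server, and each side records what the other sent. It assumes an nc that accepts -l -p PORT for listening (netcat-openbsd as shipped by Debian/Ubuntu, or GNU netcat) and treats -w SECONDS as an idle timeout; the port number, the greeting strings and the --demo flag are my own choices.

```shell
#!/bin/bash
# Added demo (not from the original post): once a connection is up, both
# nc ends can send and receive. Everything stays on 127.0.0.1.
# Assumes an nc that accepts "-l -p PORT" and "-w SECONDS" (idle timeout).

# nc_roundtrip [port]: start an nc listener that greets the client, connect a
# second nc that greets the server, then print what each side received.
nc_roundtrip() {
    local port="${1:-$(( 20000 + $$ % 20000 ))}"   # varies per run, avoids TIME_WAIT clashes
    local tmp
    tmp="$(mktemp -d)" || return 1

    # "Server": listen on localhost, send one line, record what the client sends.
    printf 'hello from server\n' \
        | nc -l -p "$port" 127.0.0.1 > "$tmp/server_got" 2>/dev/null &
    local server_pid=$!
    sleep 1   # give the listener time to bind before we connect

    # "Client": connect, send one line, record the server's greeting.
    # -w 2 makes the client exit after 2 idle seconds instead of hanging,
    # which in turn lets the listener see the close and exit too.
    printf 'hello from client\n' \
        | nc -w 2 127.0.0.1 "$port" > "$tmp/client_got" 2>/dev/null

    wait "$server_pid" 2>/dev/null
    printf 'server received: %s\n' "$(cat "$tmp/server_got")"
    printf 'client received: %s\n' "$(cat "$tmp/client_got")"
    rm -rf "$tmp"
}

# Only run the demo when asked for explicitly, so sourcing the file just
# defines the function.
if [ "${1:-}" = "--demo" ]; then
    nc_roundtrip
fi
```

Run it with bash demo.sh --demo; it prints "server received: hello from client" followed by "client received: hello from server", which is exactly the point: after the connect, the listener and the connector are interchangeable.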
TALKING TO SERVERS
This subsection gives an example of the first use listed above: acting as a simple client/proxy to talk to a server.
printf "GET / HTTP/1.0\r\n\r\n" | nc www.baidu.com 80 > 1.txt
With this we get the reply that the Baidu site sends back to us. Once we know the request format a server expects, we can build more complex commands.
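The following is an added example (my own, not code from the post): a small script that builds a correct HTTP/1.0 request with CRLF line endings, sends it through nc with an idle timeout, and pulls the status line and body out of the raw response. It uses printf rather than echo -n because in bash echo does not interpret \r\n, so the literal characters backslash-r-backslash-n would be sent and the server would never see the blank line that ends the request. The function names, the User-Agent string, the response.raw file name and the --fetch flag are my own assumptions.

```shell
#!/bin/sh
# Added example (not from the original post): talk HTTP/1.0 to a server
# through nc and parse the answer.

# build_request HOST PATH: print the raw request bytes with CRLF line endings.
# The empty line after the headers is what tells the server the request is done.
build_request() {
    printf 'GET %s HTTP/1.0\r\nHost: %s\r\nUser-Agent: nc-demo\r\n\r\n' "$2" "$1"
}

# http_status: read a raw HTTP response on stdin, print the numeric status code
# (second field of the status line, e.g. "HTTP/1.0 200 OK" -> 200).
http_status() {
    head -n 1 | tr -d '\r' | awk '{ print $2 }'
}

# http_body: print everything after the blank line that ends the headers.
http_body() {
    tr -d '\r' | awk 'body { print } /^$/ { body = 1 }'
}

# fetch HOST PATH [PORT]: send the request with nc; -w 5 gives up after
# 5 idle seconds so the command cannot hang forever.
fetch() {
    build_request "$1" "$2" | nc -w 5 "$1" "${3:-80}"
}

# Usage: sh http-nc.sh --fetch www.baidu.com /
if [ "${1:-}" = "--fetch" ]; then
    fetch "${2:-www.baidu.com}" "${3:-/}" > response.raw
    printf 'status: %s\n' "$(http_status < response.raw)"
    http_body < response.raw | head -c 200
fi
```

Saving the raw response to a file first (as the post's redirect to 1.txt does) keeps the headers available for inspection; http_status and http_body then work on that file without touching the network again.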
PORT SCANNING
It may be useful to know which ports are open and running services on a target machine. The -z flag can be used to tell nc to report open ports, rather than initiate a connection.
What this says is that with nc you can find out which ports are open on a target machine and which services are running on them.
The -z option is used to test whether the ports in the 20-30 range are open. Ports with a listening service are reported with a "succeeded" line (nc prints these per-port lines in verbose mode, -v, as in the man page's nc -zv example; -z on its own is silent), and closed ports print nothing. Since we already know from this challenge that port 9009 is open, testing it would succeed as well.
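As an added example (my own, not from the post), here is a small wrapper around nc -zv for checking which of your own machine's ports answer, together with a parser that turns nc's per-port lines into a plain list of open ports. It assumes the OpenBSD-style nc output that the man page quoted in this post belongs to; the sample lines in the test are constructed, and the function names and --scan flag are mine. GNU netcat and ncat print different lines, so the awk pattern would need adjusting for them.

```shell
#!/bin/sh
# Added example (not from the original post): check a port range on a host
# with "nc -zv" and extract the open ports from nc's output.
# Assumed output format (OpenBSD nc / netcat-openbsd):
#   Connection to 127.0.0.1 22 port [tcp/ssh] succeeded!        <- open
#   nc: connect to 127.0.0.1 port 23 (tcp) failed: Connection refused   <- closed

# open_ports: read nc -zv output on stdin, print one open port number per line.
# In the "succeeded" line the port is the 4th whitespace-separated field.
open_ports() {
    awk '/succeeded!/ { print $4 }'
}

# scan_ports HOST FIRST LAST: probe FIRST-LAST with a 1-second timeout per port.
# -z: only check whether a connection can be made, send no data.
# -v: print a line per port; without it -z reports nothing at all.
# nc writes these lines to stderr, hence the 2>&1.
scan_ports() {
    nc -zv -w 1 "$1" "$2-$3" 2>&1
}

# Usage: sh scan.sh --scan 127.0.0.1 20 30
if [ "${1:-}" = "--scan" ]; then
    scan_ports "${2:-127.0.0.1}" "${3:-20}" "${4:-30}" | open_ports
fi
```

Run against 127.0.0.1 this is a quick way to confirm that only the services you expect are listening on a box you administer; the parser is kept separate from the scan so it can also be run over saved nc output.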
EXAMPLES
Open a TCP connection to port 42 of host.example.com, using port 31337 as the source port, with a timeout of 5 seconds:
$ nc -p 31337 -w 5 host.example.com 42
Open a UDP connection to port 53 of host.example.com:
$ nc -u host.example.com 53
Open a TCP connection to port 42 of host.example.com using 10.1.2.3 as the IP for the local end of the connection:
$ nc -s 10.1.2.3 host.example.com 42
Create and listen on a Unix Domain Socket:
$ nc -lU /var/tmp/dsocket
In short, I think being good with nc matters a lot for those of us learning networking, and reading the man page is the way to go~