A client-server model represents the process of how a server communicates with one or more clients. The client begins the conversation, whereas the server accepts connections and manages data transfers. For this process to begin, the client needs to request a connection. The server either accepts or denies the request, of accepted a connection, is established over a specific protocol like TCP or UDP.
There are several tools you can use to begin this process, but today we will focus on using Netcat and Ncat. Netcat is a reliable back-end tool that can read and write data across network connections. Netcat can also be utilized along with other programs and scripts to send files between the client and the server. The main purpose of this utility is to make the initial socket to establish a connection from the server to the client, and, once connected, creating the second socket connection transmitting files from the server to the client.
Ncat is the more secure way of communicating between server and client. This utility can encrypt all traffic using SSL. Like Netcat, this tool is capable of reading/writing data to the network connection and is considered a more robust tool than Netcat because it combines all Netcat variants into one and contains additional features. Some new features included in Ncat are connection brokering, proxy connections, SSL support, and IPv6 support. Further, both tools considered swiss army knife can be used by the likes of pentesters and attackers. The tools may be used for port scanning or banner grabbing when leveraged by attackers or red team but can also be handy for incident responders, as they provide remote devices imaging capabilities.
Netcat
To initiate a TCP/UDP Client Using Netcat follow these steps:
Basic Parameters
-l: set the “listen” mode, waits for the incoming connections.
–p: local port.
-u: set the UDP mode.
Syntax
The basic syntax you will use is:
nc [-options] hostname port[s] [ports]
nc -l -p port [-options] [hostname] [port]
TCP Client
- To begin, you will need to open up two terminals; one which will act as the client and second which will be the client
- Use the first terminal to set the server side by inputting: $ nc -l 2399
- Use the second terminal to set the client side by inputting $ nc localhost 2399
The connection is now established and now the client should be able to write to the server. To do this follow these steps:
Using the terminal with the client running to type in (without repeating the command nc localhost 2399, as the connection is still opened: just type in the empty line in the command prompt): Hello Server
The terminal acting as the server should receive the following message: Hello Server
UDP Client
Netcat uses TCP as the default protocol to communicate, however, UDP can also be used with the -u option. To establish a connection using the UDP client follow these steps:
- You will need to open two terminals again; one for the server and the other for the client
- Using the server terminal, type in: $ nc -u -l 2399
- Using the client terminal, type in: $ nc -u localhost 2399
- The connection is now established. To verify this, open a third terminal
- Type in the following:
$ netstat | grep 2399
udp 0 0 localhost:2399 localhost:57508 ESTABLISHED
In the output, we can see opened network connection (although only connecting 2 localhost ports) – local server port 2399 has established a connection with local port 57508, using UDP protocol.
- Now if you try to write something to the client’s console, the server should receive this message, thus proving that connection is indeed working.
In TCP or UDP scenario, you can do further testing and try to connect to a different machine on your network. Change localhost to IP address or hostname of a machine you can connect to. Remember that in real-life scenarios hosts may (and should) have firewalls configured to block such connections.
Ncat
Basic Parameters
-l: set the “listen” mode, waits for the incoming connections.
–p: local port.
— SSL: encrypt traffic
Syntax
The basic syntax you will use is:
ncat [-options] hostname port[s] [ports]
ncat -l -p port [-options] [hostname] [port]
TCP Client
- To begin, you will need to open up two terminals; one which will act as the client and second which will be the client
- Use the first terminal to set the server side by inputting: $ ncat -l –ssl 2399
- Use the second terminal to set the client side by inputting $ ncat –ssl localhost 2399
As we used –ssl option, all the traffic will be encrypted. The server must provide a certificate that clients can verify if they choose. If we start an SSL server without using the –ssl-cert and –ssl-key options, Ncat will automatically generate a certificate and 1,024-bit RSA key. Of course, this certificate will not be trusted by any application doing certificate verification, but for purposes of this quick guide, we only mention that you should always use an existing certificate and key, because it allows for robust server authentication. Before attempting to use Ncat in production networks, check out its SSL configuration options.
The connection is now established and now the client should be able to write to the server.
To do this follow these steps:
Using the terminal with the client running, type your message (without repeating the command ncat –ssl localhost 2399, as the connection is still opened: just type in the empty line in command prompt): Hello Server
The terminal acting as the server should receive the following message in the new line: Hello Server
UDP Client
Netcat uses TCP as the default protocol to communicate, however, UDP can also be used with the -u option. To establish a connection using the UDP client follow these steps:
- You will need to open two terminals again: one for the server and the other for the client
- Using the server terminal, type in: $ ncat -u -l 2399
- Using the client terminal, type in: $ ncat -u localhost 2399
- The connection is now established. To verify this, open a third terminal
- Type in the following:
$ netstat | grep 2399
udp 0 0 localhost:2399 localhost:57509 ESTABLISHED
In the output, we can see opened network connection (although only connecting 2 localhost ports) – local server port 2399 has established a connection with local port 57509, using UDP protocol.
Now if you try to write something to the client’s console, the server should receive this message, thus proving that the UDP connection is really working.
Hopefully, this helped you gain a better understanding of the client-server model and how to use a utility like Netcat and Ncat to establish connections.
