top of page

Beginners guide to Netcat

In this article we will learn some basic things about netcat and how to get a shell by using it.

  1. Introduction

  2. Starting Netcat

  3. Connect to a server

  4. HTTP Header

  5. Communication via netcat

  6. Getting a shell

  7. Port scanning


netcat (also known as nc) is a computer networking utility for reading from and writing to network connections using TCP or UDP.

With the help of Netcat we can investigate a network and can debug it also.

Starting with netcat

To start with the netcat we will type the command nc -h

These are the command options that we can use along with the netcat to perform more operations in a network.

Connect to a server

Here we have used metasploitable2 machine to setup the ftp server , So that we can connect to it. But before connecting let’s check if the port 21 is open or not by running the command

Command used : nmap -p21

Here we have configured our metasploitable2 machine with IP address So in the next step we will try to connect with the server using nc.

After providing the correct login credentials we have successfully logged into the server.


We can use nc to fetch the information about the server.

To do this we will use the same machine.

First of all we check if the port 80 is open or not by executing the command nmap -p80

port 80 is open. Now let’s fetch the HTTP Header using the command

nc 80


The option HEAD/HTTP/1.1 gives us the header and the source code of the of the HTTP service running on the server.

Communication via netcat

Netcat can also be used to communicate or to chat between two users , but before doing any kind of communication we need to establish the connection between the two users.So for doing this we need two machines in the same network . we can do this by using virtual box or any other utility.

In this scenario we have to create two users. One will be the listener and another will be the initiator.

Let’s create the listener first using the command:

nc -lvp 4444

  1. l means listen mode

  2. v means verbose mode

  3. p means local port

Now it’s time to setup the initiator using the command

nc 4444

Here we have used the IP address of the machine on which we have established the listener and the port we have provided earlier (4444)

Now the connection is established and we can start communicating.

We can see that communication between the two user is successful.