From SecWiki
Jump to: navigation, search

Ncat is designed to be compatible in as many ways as possible with both Traditional netcat (as implemented by Hobbit) and OpenBSD netcat. In many cases, such compatibility is not possible, such as when an option conflicts in meaning between the two older implementations. This page will document Ncat's options for features that it shares with these implementations or which have not been implemented. Ncat has many other features (such as SSL/TLS) that are not documented here.

Shared options

Options shared by all implementations

The following options are the same in all three netcat implementations: -C, -h, -p, -s, -l, -n, -t, -u, -v, -z

Options shared with OpenBSD netcat

The following options are shared with OpenBSD netcat and not implemented by traditional netcat: -4, -6, -U, -k.

Note that OpenBSD netcat's -k option does not allow multiple simultaneous connections, but instead restarts the listener when the first connection is finished. Ncat, on the other hand, will combine input from any number of connections into a single stream on STDOUT, and will send input from STDIN to each connection. In combination with -c or -e, it will fork a new process for each connection.

Options shared with Traditional netcat

The following options are shared with traditional netcat and not implemented by OpenBSD netcat: -c, -e, -g, -G

Options which differ from one or more implementations

Feature Ncat netcat-traditional netcat-openbsd
Don't read from stdin --recv-only [1] Unimplemented -d
Enable broadcast Always on -b -b
Delay between lines read/written -d -i -i
Dump session as hex to file -x [2] -o Unimplemented
Idle/connect timeout -i for idle timeout,
-w for connect timeout
-w -w
Wait after EOF on stdin Unimplemented [3] -q -q
Randomize port numbers Unimplemented [4] -r -r
Set IP TOS value Unimplemented [3] -T -T
  1. This will shut down the socket with FIN for half-duplex operation. Some servers will terminate the connection in this case. The --no-shutdown option can be used instead or in addition if this is unacceptable and for full compatibility with OpenBSD netcat's -d behavior. For more details, see Ncat/EOF behavior
  2. The -o option for Ncat dumps raw data to the file.
  3. 3.0 3.1 Ncat feature requests may be made at the Nmap Issues Tracker
  4. Ncat does not allow multiple destination port numbers, so this option is not relevant

Other caveats

  • Ncat does not allow multiple destination port numbers.
  • OpenBSD netcat supports proxy connections, and all of its options are different than Ncat's. Traditional netcat does not support proxy connections.
  • Some versions of OpenBSD use the -e and -c options for SSL/TLS connections. Ncat has its own set of long options for this feature, following traditional netcat's convention of using -e and -c for executing processes.