@kapil1024
Created December 18, 2021 11:56
Port forwarding using netcat (nc)

Network setup

  • 10.1.1.4/24 --> a system connected to the BMC system (used as the proxy).
  • 10.1.1.5/24 --> the BMC system.
  • localhost --> my laptop.

Suppose we want to access a service running on UDP port 623, but UDP port 623 is blocked by our firewall while TCP port 80 is open. We can use nc to create a tunnel over TCP port 80.

Configuration

  1. laptop terminal#1:
    • mkfifo /tmp/fifo
    • sudo nc -l -u -p 623 < /tmp/fifo | nc 10.1.1.4 80 > /tmp/fifo
  2. Proxy system (10.1.1.4/24) terminal:
    • mkfifo /tmp/fifo
    • sudo nc -l -p 80 < /tmp/fifo | nc -u 10.1.1.5 623 > /tmp/fifo

Using the tunnel

  1. laptop terminal#2:
    • ipmitool -C 17 -I lanplus -H localhost -p 623 -U username -P password lan print
     Set in Progress         : Set Complete
     Auth Type Support       :
     Auth Type Enable        : Callback :
                             : User     :
                             : Operator :
                             : Admin    :
                             : OEM      :
     IP Address Source       : Static Address
     IP Address              : 10.1.1.5
     Subnet Mask             : 255.255.255.0
     MAC Address             : ff:ee:dd:cc:bb:aa
     Default Gateway IP      : 10.1.1.1
     Default Gateway MAC     : 00:00:00:00:00:00
     802.1q VLAN ID          : Disabled
     RMCP+ Cipher Suites     : 17
     Cipher Suite Priv Max   : aaaaaaaaaaaaaaa
                             :     X=Cipher Suite Unused
                             :     c=CALLBACK
                             :     u=USER
                             :     o=OPERATOR
                             :     a=ADMIN
                             :     O=OEM
     Bad Password Threshold  : Not Available
    
Note: ipmitool is pointed at the local IP address (localhost), which is the laptop end of the tunnel, not at the BMC's own address.
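The nc pipeline above copies raw bytes, so UDP datagram boundaries are not carried across the TCP leg: two datagrams sent close together can arrive merged into one, or a single datagram can be split. The following is an added example, not part of the original gist, showing length-prefixed framing that keeps each datagram intact across the TCP hop; the function and class names and the 2-byte length header are assumptions made for illustration.

```python
import struct

MAX_DGRAM = 65507  # largest UDP payload over IPv4
HDR = struct.Struct("!H")  # 2-byte big-endian length prefix (assumed framing)


def frame(datagram: bytes) -> bytes:
    """Wrap one UDP payload so its boundary survives the TCP stream."""
    if len(datagram) > MAX_DGRAM:
        raise ValueError("datagram too large for UDP")
    return HDR.pack(len(datagram)) + datagram


class Deframer:
    """Rebuild whole datagrams from TCP chunks, however they were split."""

    def __init__(self):
        self._buf = bytearray()

    def feed(self, chunk: bytes) -> list:
        self._buf += chunk
        out = []
        while len(self._buf) >= HDR.size:
            (n,) = HDR.unpack_from(self._buf)
            if n > MAX_DGRAM:
                raise ValueError("peer announced an impossible datagram length")
            if len(self._buf) < HDR.size + n:
                break  # partial datagram: wait for more stream bytes
            out.append(bytes(self._buf[HDR.size:HDR.size + n]))
            del self._buf[:HDR.size + n]
        return out


def udp_to_tcp(udp_sock, tcp_sock):
    """Laptop side: put each datagram received on UDP 623 onto the TCP leg."""
    while True:
        dgram, _peer = udp_sock.recvfrom(65535)
        tcp_sock.sendall(frame(dgram))


def tcp_to_udp(tcp_sock, udp_sock, dest):
    """Proxy side: emit exactly one sendto() per original datagram."""
    deframer = Deframer()
    while chunk := tcp_sock.recv(4096):
        for dgram in deframer.feed(chunk):
            udp_sock.sendto(dgram, dest)
```

Replies from the BMC travel back through the same two functions with the roles of the two hosts swapped.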

  • https://en.wikipedia.org/wiki/Netcat#Proxying
  • http://zarb.org/~gc/html/udp-in-ssh-tunneling.html
  • https://www.tecmint.com/netcat-nc-command-examples/

  • Listen on a TCP port:

    • nc -l -p 80
  • Listen on a UDP port:

    • nc -l -u -p 623
  • Read from a remote TCP port:

    • nc 10.1.1.4 80
  • Write to a remote TCP port:

    • echo "some message" | nc 10.1.1.4 80
  • Read from a remote UDP port:

    • nc -u 10.1.1.4 80
  • Write to a remote UDP port:

    • echo "some message" | nc -u 15.115.65.34 80
  • Chat program:

    • Server:
      • nc -l -vv -p 5000
    • Client:
      • nc localhost 5000
  • Scan a remote port (e.g. 22):

    • nc -v -w 2 -z 10.1.1.4 22