In BT3, GNU netcat was included with SSL support. In BT4 it isn't any more. I think the SSL support is quite helpful for security audits, so it would be great if you can provide a GNU-netcat package which has SSL support enabled.
Yes, it is CryptCat. Netcat by design did not have any encryption.
There is also Socat.
more info: Top 2 Netcats
Cryptcat is not working with SSL.
Code:
bt ~ # netcat -E --dontcheckhost www.xyz.de 443
GET / HTTP/1.0

HTTP/1.1 200 OK
Date: Fri, 09 Apr 2010 15:10:09 GMT
Server: Apache
Last-Modified: Wed, 10 Jan 2007 09:16:58 GMT
Content-Length: 151
Connection: close
Content-Type: text/html
You can also use netcat from BT3 in BT4, just copy the netcat binary (located in /usr/local/bin/netcat - BT3).
On BT4 do the following:
Code:
root@bt:~# file netcat
netcat: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), for GNU/Linux 2.6.16, dynamically linked (uses shared libs), stripped
root@bt:~# ./netcat -h
./netcat: error while loading shared libraries: libssl.so.0: cannot open shared object file: No such file or directory
root@bt:~# ln -s /usr/lib/libssl.so.0.9.8 /usr/lib/libssl.so.0
root@bt:~# ln -s /usr/lib/libcrypto.so.0.9.8 /usr/lib/libcrypto.so.0
root@bt:~# ./netcat -h
GNU netcat 0.7.1, a rewrite of the famous networking tool.
...
Last edited by Archangel-Amael; 04-09-2010 at 06:47 PM.
I think I understand more of what you are asking for. (Probably a language barrier, but hopefully we can work through it.) By default BT4 final has netcat, cryptcat, and socat all installed.
These commands should help you to get on your way, in a terminal type:
Code:
nc -h
Code:
cryptcat -h
I'm not sure yet whether you are trying to enumerate a listening SSL port or attempting to connect to an SSL server. Hopefully these should help you do what you are wishing.
Code:
socat -h
From what I've seen from an unknown source, the developer of netcat no longer supports it. They probably aren't around anymore. Its uses are amazing and work very well even to this day; I have nothing to complain about with netcat. Although I like getting used to newer tools based off of netcat such as socat or cryptcat. They are all good tools to have and provide a lot of functionality in a quick and easy to use payload. As far as I remember most BT distributions had at least netcat and probably cryptcat as well. Socat is fairly new I believe but can be found in the latest version of BT.
Taking a closer look at the socat help you will see some openssl commands that take host:port inputs and you can also set up an SSL listener. It has a lot of interesting stuff like proxies, piping and tunneling. IPv4 and IPv6 support.
Hope this helps and good luck!
Last edited by hhmatt; 04-12-2010 at 07:29 AM. Reason: Spelling
If you want true SSL connections then just use openssl in s_client mode.
Code:
openssl s_client -connect www.google.com:443
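An added example, not code from any poster in this thread: a Python counterpart to the SSL-enabled netcat and `openssl s_client` usage discussed above, showing what changes when certificate and hostname checking is switched off (as with `--dontcheckhost`). The function names and the example.com target are assumptions made for this illustration.

```python
import socket
import ssl


def make_context(verify=True):
    """Build a client TLS context (hypothetical helper for this example).

    verify=True  : certificate chain and hostname are checked.
    verify=False : comparable to the --dontcheckhost use in the thread; the
                   session is encrypted but the peer is not authenticated.
    """
    ctx = ssl.create_default_context()
    if not verify:
        # Order matters: check_hostname must be off before CERT_NONE is set.
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_NONE
    return ctx


def tls_exchange(host, port, payload, verify=True, timeout=10.0):
    """Send payload over TLS; return (session_info, response_bytes)."""
    ctx = make_context(verify)
    with socket.create_connection((host, port), timeout=timeout) as raw:
        # server_hostname sends SNI and is the name checked when verify=True.
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            info = {
                "protocol": tls.version(),
                "cipher": tls.cipher()[0],
                # An unverified peer yields an empty dict, so subject is None.
                "subject": tls.getpeercert().get("subject"),
            }
            tls.sendall(payload)
            chunks = []
            while True:
                try:
                    data = tls.recv(4096)
                except (socket.timeout, ssl.SSLError):
                    break  # timeout, or peer closed without close_notify
                if not data:
                    break
                chunks.append(data)
    return info, b"".join(chunks)


if __name__ == "__main__":
    # example.com is a placeholder host, not one taken from the thread.
    request = b"GET / HTTP/1.0\r\nHost: example.com\r\n\r\n"
    info, body = tls_exchange("example.com", 443, request)
    print(info)
    print(body.decode("latin-1")[:400])
```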