September 28, 2008

nc2 : Netcat without a couple of annoyances

Netcat is without doubt one of the most useful tools I know. For years I've used it almost every day, and I still do, in different platforms. Its simplicity is its beauty.

All this time, however, two small details have kept the experience from being absolutely perfect for me. I know there are many rewrites of nc out there nowadays and some versions may not show the behavior I'm about to describe. I'm talking here about code based on that original from Hobbit, both for Linux (v1.10) and for Windows (v1.11).

The first annoyance is (was) in the Linux version. While in the Windows version there is a "-L" option ("listen harder") to make netcat continue listening for new connection attempts after a connection is terminated, there is no such option in the Linux version. You can get around it by launching netcat inside a "while" shell loop, but personally I've always found that to be a pain in the neck, especially when you compare it to simply invoke netcat with a capital "L" instead of lowercase "l", as you do in the Windows version.

The second annoyance is (was) in the Windows version. If you send a file through the client netcat's standard input (e.g. "cat(or type) file.txt ¦ nc target_ip target_port"), in Linux netcat terminates the connection as soon as it is finished sending the file, but in Windows the connection stays active until you tear it down manually, pressing CTRL-C, when you think the transfer is finished. That simply sucks.

Well, I decided to put an end to it. I downloaded the source code, which fortunately is distributed under the GPLv2 license, made a couple of tiny modifications (yes, you may call them quick and dirty hacks, I won't be offended) et voilà, "nc2" was born. Thus, let me make it clear that "nc2" is nothing more than "nc" with two little hacks that eliminate the small annoyances I just described.

I made it for myself, but I decided to publish it in case someone else finds it useful. The zip file (, MD5 b26fd6bab7b4a4d89a76fa52dca0f64b, SHA1 b8639b450974a182b67fa637aa9484d111bff534) contains binaries for both platforms ("nc2" and "nc2.exe", respectively), their source code, and a copy of the original source code I derived nc2 from. I downloaded the Windows version from and for Linux I used the source code of the netcat package that comes with openSUSE 10.3 (yes, you got me, I used NETinVM for this too :-) ).

Finally, and before you ask... I renamed it to "nc2" because this way it is easier for my feeble mind to distinguish when I'm running my own version or some other. For those of you with stronger minds that may feel outraged by this fact, I only have two words: "mv" and "move" ;-).

David Perez.


Blogger rochem said...

Ole! :)

Thanks for the effort David, we'll use it.

4:56 PM  
Blogger David Perez said...

You're most welcome!

5:00 PM  
Blogger Robin said...

It is always the simplest changes that are the best!

1:57 PM  
Anonymous Anonymous said...

For your second issue...that Windows doesn't close the conneciton, I always use the -w [seconds] option to tell it to wait x seconds after the final read and then close. For example, on the receiving end I use:

nc -l -p 3333 > filename.ext

On the sending end, I use:

cat filename.ext | nc -w 3 3333

Seems to work for me, but I admit that I use nc in Cygwin on my Windows box, so perhaps that's why?

8:46 PM  
Anonymous David Negreira said...

Thanks a lot for this! the -L option comes very very very handy! Why dont you push this as a patch to the main netcat?

Kind regards,
David Negreira.

4:28 PM  
Blogger David Perez said...

Hi David (Negreira), I'm glad to hear that you find it as useful as I do!

I haven't pursued making an official patch for two reasons, mainly. For one thing, it's a quick and dirty hack that I'm not especially proud of, it works but most probably there is a much cleaner way to achieve the same purpose. And second, because there are several "main" development branches of netcat out there and I didn't feel like approaching all of them to include this functionality. I guess you might call me lazy for that... But hey! If you're up for it, don't let me stop you! Please go ahead and make it happen! ;-)

David (Perez).

PS (to anonymous): Maybe the cygwin version with the -w option doesn't need the hack. I haven't checked.

6:11 PM  
Blogger Jim said...

very nice.. Do you think you may have the same fixes for cryptcat?

11:05 PM  
Blogger David Perez said...

Hi Jim,

I don't have the same fixes for cryptcat, nor plans to make them.

You may want to have a look at ncat, though. Ncat is a new incarnation of netcat, written from scratch by Fyodor and a small group of authors, and includes SSL and many other features. I haven't tried yet, but I would be very surprised if you would find these little annoyances in its code too.

10:08 PM  
Anonymous Anonymous said...

hey David Perez, your version is great ... but, what happened with the -e Option??? (GAPING_SECURITY_HOLE) ??? you version "nc2" has no that !!!

I did:
~$ ./nc2 -h

and the result was all without "-e" option ....

Then i recompiled your source code adding the DGAPING_SEC... at makefile and now the my new result was "the -e option is there but DOESNT work properly ... i use:
~$ ./nc2 -vvLp 8002 -e /bin/sh

But it doesnt work .. the bahavior of the -L is identical to -l only when i use the -e option ...

Could you explainme whats up???

My email account is and my freak name is Broox, thnx David

6:12 AM  

Post a Comment

<< Home