Netcat is without any doubt my favorite security tool. It’s always in my toolbox, always with me, and it comes in handy a few times. It’s the first tool I pick when I need to perform a banner grab: just connect, send some requests and see what it spits back at you (sometimes just random crap). In this tutorial I’ll show you how you can perform one yourself and how easy it is.
The first thing, and the most obvious one, is to get your hands on a copy (Google to the rescue!). Once you have your copy, follow these simple steps:
Open up your terminal of choice, type nc -vv [host] [port] and press [Enter]. Now, depending on what protocol is behind that port, you have to send some requests MANUALLY. In other words, all of the automated requests that, for example, your web browser sends out, you will have to send manually.
If you connected to a web server (port 80) you can try to send a header request. To do that you connect, press [Enter], enter HEAD / HTTP/1.0 and press [Enter] twice, and the server will spit out some information about itself.
Now don’t expect that a simple header request will reveal some serious security info. It may have in the early 90s, but not so much these days. Also, it’s not uncommon these days for a web-server administrator to spoof the server header to hide the server software name, current version, uptime etc. Nevertheless, it’s worth a try.
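The HEAD request from the steps above, plus a check of what the reply gives away, as an added example that is not part of the original post. The two sample responses are constructed, and looking at X-Powered-By alongside Server is an assumption of this example.

```shell
#!/bin/sh
# Added example, not from the original post. Sample responses are constructed.

# The bytes typed in the tutorial: the request line plus an empty line.
# "Press [Enter] twice" is CRLF ending the request line, then CRLF alone.
head_request() {
    printf 'HEAD / HTTP/1.0\r\n\r\n'
}

# Read a raw HTTP response on stdin and list the headers that identify the
# server software, noting whether a version number is included.
banner_audit() {
    tr -d '\r' | awk '
        NR == 1 { next }        # skip the status line
        /^$/    { exit }        # an empty line ends the header block
        {
            i = index($0, ":")
            if (i == 0) next
            name = tolower(substr($0, 1, i - 1))
            value = substr($0, i + 1)
            sub(/^[ \t]+/, "", value)
            if (name != "server" && name != "x-powered-by") next
            verdict = (value ~ /[0-9]+\.[0-9]+/) ? "version disclosed" : "product only"
            printf "%s: %s [%s]\n", name, value, verdict
        }'
}

# Constructed response from a server with default, verbose headers.
sample_verbose() {
    printf 'HTTP/1.1 200 OK\r\n'
    printf 'Date: Mon, 01 Jan 2024 00:00:00 GMT\r\n'
    printf 'Server: Apache/2.4.41 (Ubuntu)\r\n'
    printf 'X-Powered-By: PHP/7.4.3\r\n'
    printf 'Content-Type: text/html\r\n\r\n'
}

# Constructed response from a server whose administrator replaced the banner.
sample_masked() {
    printf 'HTTP/1.1 200 OK\r\n'
    printf 'Server: webserver\r\n'
    printf 'Content-Type: text/html\r\n\r\n'
}

# Against a live server: head_request | nc [host] [port] | banner_audit
sample_verbose | banner_audit
sample_masked | banner_audit
```

A masked banner still reports as "product only", which is why the Server value alone says little about what is really running.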