telnet & netcat

telnet

The TELNET (Teletype Network) protocol, developed in 1969, enables communication with a remote system via a command-line interface (CLI). The telnet command uses this protocol for remote administration, with the default port being 23. However, TELNET sends all data, including usernames and passwords, in cleartext, making it insecure compared to SSH (Secure SHell), which encrypts the communication. Despite its security flaws, TELNET is simple and can be used to connect to other services running on any TCP port to grab banners or exchange messages, as long as encryption isn't enforced.

TELNET can connect to other ports by specifying the target machine's IP address and the desired port in the command:

telnet [IP] [PORT]

This allows TELNET to connect to any service running on a specified TCP port. Once connected, you can interact with the service, often to grab banners or test connectivity, as long as encryption isn’t required by the service.

netcat

Netcat (or nc) is a versatile networking tool that supports both TCP and UDP protocols. It can be used by pentesters for various tasks, such as acting as a client connecting to a listening port or as a server listening on a specified port. This makes it a convenient tool for setting up simple client-server communication over TCP or UDP.

nc [IP] [PORT]

Key Options

-l: Listen mode (acts as a server)

-p: Specify the port number

-n: Numeric only (avoids DNS resolution)

-v: Verbose output (useful for debugging)

-vv: Very verbose

-k: Keep listening after client disconnects

# to set up a server that listens on port 1234
nc -vnlp 1234

# on the client side to connect to the listenig server
nc [Machine_IP] 1234

After the connection is established, any text typed on one side will be echoed on the other, enabling basic communication between the client and server.