====== Netcat ======

== Simple Port Scan ==
<code bash>
nc -v -w 1 192.0.0.1 1-65535 | & grep -v "refused"
</code>

== Web Site download ==
<code bash>
printf "GET / HTTP/1.1\nHost:www.entensuppe.ch \n\n" | nc www.entensuppe.ch 80
</code>

== Test OpenVPN Server ==

By sending a [[https://github.com/OpenVPN/openvpn/blob/0f904615bd2eac9d246055ff1ca4e4da95586f86/src/openvpn/ssl_pkt.h#L51|P_CONTROL_HARD_RESET_CLIENT_V2]] package to the server, a new session is initiated and the server will respond with P_CONTROL_HARD_RESET_SERVER_V2 package.

:!: This won't work if tls-auth is active.

<code bash>
echo -e "\x38\x01\x00\x00\x00\x00\x00\x00\x00" | timeout 3 nc -u 192.0.0.1 1194 | cat -v
</code>

<code - Example>
user@server:~$ echo -e "\x38\x01\x00\x00\x00\x00\x00\x00\x00" | timeout 3 nc -u 192.0.0.1 1194 | cat -v
@M-*g^EDXM-R+z^@^@^@^@^@
</code>

The command above doesn't work on OPNsense (FreeBSD). In this case, the following command should work.

<code bash>
echo -n "3801000000000000000a" | perl -e 'print pack "H*", <STDIN>' | timeout 3 nc -u 192.0.0.1 1194 | cat -v
</code>

<code - Example>
root@opnsense:~ # echo -n "3801000000000000000a" | perl -e 'print pack "H*", <STDIN>' | timeout 3 nc -u 192.0.0.1 1194 | cat -v
@E4M-^CM-*|JQa^@^@^@^@^@@E4M-^CM-*|JQa^@^@^@^@^@
</code>