Netcat in windows
Posted by stu at May 22nd, 2008
Just had a nightmare finding a binary for windows that wasn’t cygwinized… eventually found it here
http://www.hackosis.com/wp-content/uploads/2007/12/nc111nt.zip
[update]
Jon Craton has mirrored this file in case the other link goes down
http://joncraton.org/files/nc111nt.zip
(Cheers 
[update 2]
It seems that antivirus programs mark netcat as a threat when actually it is just a useful tool – see conversation and links in comments for details.
Thanks mate, saved me a whole lot of looking, I was just starting to despair
Dave
I had a hard time finding this file myself. Thanks for the link. I found this blog via Google.
I have mirrored the file on my site in case that link goes down in the future.
http://joncraton.org/files/nc111nt.zip
Jon Craton
It won’t go down. :p
Shane
But the real origin of netcat win32 port, http://www.vulnwatch.org/netcat/, is indeed down for (at least) days. It even disappeared completely from google cache. So your copy may be more valuable now
Abel Cheung
Too bad these links no longer work. Only downloads 65,536 bytes and ZIP complains of missing signature and cannot open it.
Madman
Thank you very much, I had a very hard time tracking down this little tool a week or so ago, I did end up finding it but then someone deleted it on me and I couldn’t remember where I got it from last time.
Your just saved me a lot of time searching all over again
Valamer Kutayami
@Madman: I just tried redownloading the first link and it seems to work ok.
stu
Hey guys, it is me or all the archives you linked contain a virus-infected executable in it ? Kapersky, Norton and AVG all complain that it is infected by RemoteAdmin.Win32.NetCat
I recompiled the source with MinGW and no more complain …
Maybe a false positive, since I didn’t see any port in the listening state opened while running the command, but still I wonder if you can have a similar warning if you compile the source with VC.
tpierron
@tpierron: If you read the description here http://research.sunbelt-software.com/threatdisplay.aspx?name=RemoteAdmin.Win32.NetCat&threatid=47713 it appears that netcat itself is flagged in the enterprise versions as it’s not something that “normal” users would be running on a business network. They probably flag other networking tools too.
stu
Here are some more details
http://66.102.9.104/search?q=cache:wIIgDd8B6xQJ:packetstormsecurity.org/papers/virus/Taking_Back_Netcat.pdf+netcat+marked+by+virus+checker&hl=en&ct=clnk&cd=3&gl=uk&client=firefox-a
stu
Thanks for the link dude! Its random awesome blogs that do things like this that make the internet a better place.
Cheers!
MiW
Thank you, man! I have been looking for it for days, since Jon’s site appeared to be down. Cheers!
Pablo
Hi
have also mirrored it on my “often down” site.
stevepedwards.dyndns.org
Just to note, I couldnt get it in Win as AVG blocked it, but I used wget on my debian box:
wget http://joncraton.org/files/nc111nt.zip
then I could get it to winbox on internal LAN (????), but Vista will not allow extraction to any folder….hmmmm…cheers Steve
steve
Thanks! Sourceforge only gave “unknown” file type to me. LOL yep i’m a newbie.
Kiddie
god bless you !
A
@steve Unfortunately some antivirus programs have it in their databases, as in theory it could be used for evil… this is stupid, next they’ll be marking notepad.
stu
@stu to be fair, the -e option can is far more dangerous than just about anything you can do with notepad
chris
Fair enough, but it’s still annoying for people who want to use it legitimately… I’m not sure all the antivirus programs even let you whitelist individual executables.
stu
Thanks.
The 1st link was down, so I’ve also mirrored it:
http://team5150.com/~random/apps/netcat/
random
thanx men
first timer
Nice m8 !!!!
jmdz
It’s back up
paul
thx m8
anon