Talk About CryptCat

Cryptcat is the standard netcat enhanced with twofish encryption. Ports for WIndows NT and Linux exist at http://www.farm9.com. Twofish is courtesy of counterpane, and cryptix. We started with the Java version of twofish from cryptix, converted it to C++ (don't ask why), and enhanced it by adding CBC mode and the ciphertext stealing technique from Applied Cryptography (pg. 196).

Adding twofish encryption to NetCat may not be the answer to all your prayers, but it you're using NetCat to connect to other machines and move data around the network and you're properly paranoid, this is the right way to do it. Note that you have to change the secret key from its default ("metallica") if you want real security.

What a cool little tool! Even cooler than hobbit's classic.... deployed it across a lot of stuff :-)

Cryptcat is the standard netcat enhanced with twofish encryption. Cryptcat allows you to pipe data from one host to another using encryption. "Netcat is a simple Unix utility which reads and writes data across network connections, using TCP or UDP protocol. It is designed to be a reliable "back-end" tool that can be used directly or easily driven by other programs and scripts. At the same time, it is a feature-rich network debugging and exploration tool, since it can create almost any kind of connection you would need and has several interesting built-in capabilities. Netcat, or "nc" as the actual program is named, should have been supplied long ago as another one of those cryptic but standard Unix tools." Posted By: Dave Wreski 9/27/2000

CryptCat is a natural extension to netcat, allowing simple encrypted tunnels to be generated between machines, across the Internet and, in some cases, through firewalls. CryptCat is available for both Windows and Linux.

Vulnerability Note VU#165099 - cryptcat does not encrypt data communications when -e command argument is used

OVERVIEW: With certain options used, cryptcat does not encrypt network connections as expected.

DESCRIPTION: Cryptcat is an enhanced version of netcat that adds twofish encryption. If cryptcat is started in listen (server) mode binding a shell to a network port, cryptcat fails to enable encryption. Without encryption enabled on the server, cryptcat clients will not be able to connect. Furthermore, netcat clients can connect to the server port and communicate without encryption.

SOLUTION: The CERT/CC is currently unaware of a practical solution to this problem.

CREDIT: Thanks to Eric Sheesley for reporting this vulnerability. This document was written by Shawn Van Ittersum.

Well, improving upon netcat we have cryptcat. What's the improvement? Cryptcat encrypts the data sent across the network (strong encryption, too!). Very nice.

NetCat has been dubbed the network Swiss army knife. It is a simple Unix utility which reads and writes data across network connections, using the TCP or UDP protocol. It is designed to be a reliable "back-end" tool that can be used directly or easily driven by other programs and scripts. At the same time, it is a feature-rich network debugging and exploration tool, since it can create almost any kind of connection you would need and has several interesting built-in capabilities. Netcat is now part of the Red Hat Power Tools collection and comes standard on several BSD and Linux distributions. Plus Cryptcat. Cryptcat is the standard netcat enhanced with twofish encryption.

Uses Cryptcat in combination with other tools.

SFile is a utility that we've found a lot of use for. We've used SFile to search for files on a remote drive, and preserve the file path, size, and MAC (Modification, last Access, Creation) times, and save those in a .CSV format. Also, for forensic purposes, the beginning and end of the search are timestamped. This utility can be loaded on a CD or diskette, and be used in conjunction with netcat or cryptcat to perform "live" forensic analysis of a system. SFile can search all files, or any combination of graphics files (.avi, .mpg, .mov, .jpg, .gif), Office files (.xls, .csv, .doc, .ppt), or mailboxes (.mbx, .snm, .pst). The results are then easily opened in Excel for viewing.

SEE ARTCLES if you need more specific information on how to use this utility with netcat or cryptcat.

Gives examples of using dd, TCT and cryptcat for data collection.

White paper describing usage and uses for several programs that listen and affect traffic on the raw sockets level. Provides a good example of how to use cryptcat in conjunction with tcpdump.

(Netcat + Encryption = Cryptcat) - Netcat is a useful tool as it is, but if someone were using it you would be able to at least get a feel for what they were doing. At least you could before Cryptcat! Cryptcat is the standard netcat enhanced with Bruce Schneier’s twofish encryption. It can be found at www.farm9.com. Linux, OpenBSD, FreeBSD, and Windows versions are available. So much for sniffing any netcat traffic!

A Twofish-encrypted version of the L0pht's netcat program. It allows simple encrypted tunnels to be generated between machines, across the Internet and, in some cases, through firewalls. Free and open source.

CryptCat, the encrypted netcat - CryptCat is a natural extension to netcat, allowing simple encrypted tunnels to be generated between machines, across the Internet and, in some cases, through firewalls. (2424 hits)