nerdexam
EC-Council

312-50V11 · Question #680

An attacker runs netcat tool to transfer a secret file between two hosts. Machine A: netcat -l -p 1234 < secretfile Machine B: netcat 192.168.3.4 > 1234 He is worried about information being sniffed o

The correct answer is D. Use cryptcat instead of netcat. Standard netcat has no built-in encryption capability; cryptcat is the purpose-built variant that adds Twofish encryption to the same netcat-style interface.

Sniffing

Question

An attacker runs netcat tool to transfer a secret file between two hosts. Machine A: netcat -l -p 1234 < secretfile Machine B: netcat 192.168.3.4 > 1234 He is worried about information being sniffed on the network. How would the attacker use netcat to encrypt the information before transmitting onto the wire?

Options

  • AMachine A: netcat -l -p -s password 1234 < testfile
  • BMachine A: netcat -l -e magickey -p 1234 < testfile
  • CMachine A: netcat -l -p 1234 < testfile -pw password
  • DUse cryptcat instead of netcat

How the community answered

(57 responses)
  • A
    2% (1)
  • B
    2% (1)
  • C
    7% (4)
  • D
    89% (51)

Why each option

Standard netcat has no built-in encryption capability; cryptcat is the purpose-built variant that adds Twofish encryption to the same netcat-style interface.

AMachine A: netcat -l -p -s password 1234 < testfile

Netcat has no -s flag for password-based encryption; -s in some netcat implementations sets the source address, not a cipher.

BMachine A: netcat -l -e magickey -p 1234 < testfile

The -e flag in netcat executes an external program after connection, not invoke an encryption key; -e magickey is not a valid encryption syntax.

CMachine A: netcat -l -p 1234 < testfile -pw password

Netcat does not support a -pw flag for password-based encryption; this option does not exist in the netcat specification.

DUse cryptcat instead of netcatCorrect

Cryptcat is a modified version of netcat that incorporates the Twofish symmetric cipher to encrypt all data in transit, protecting the stream from network sniffing. Because the syntax mirrors standard netcat, an attacker can simply replace the netcat binary with cryptcat and both endpoints use a shared key to encrypt and decrypt the channel transparently.

Concept tested: Using cryptcat for encrypted netcat file transfer

Source: https://cryptcat.sourceforge.net/

Topics

#netcat#cryptcat#network encryption#file transfer security

Community Discussion

No community discussion yet for this question.

Full 312-50V11 Practice