Discover Top Posts Tagged with #chatserver

Don't Chat with Ncat Without SSL

I recently blogged about how to set up a lightweight chat server with Ncat, which is the Nmap version of netcat.

But after trying it out, I realized that my connection was probably not encrypted and thus, someone with access to monitor the network running a packet capture at the time my chat messages were sent could see the contents of the messages. Below is an example of running Ncat without encryption.

Here is the ncat chat server:

And here is the client:

And I ran Wireshark on the chat server to capture the conversation:

You can see that the packets were captured and the contents of the conversation are displayed on the bottom right side.

It may not be a super big deal considering someone snooping must be on the network, have access to mirror the port that the traffic is going through and have the packet capture running at the time of the conversation. But nevertheless, I prefer the traffic to be encrypted.

The solution is to enable SSL when starting the chat server. This way, all traffic between hosts will be encrypted, and someone snooping with Wireshark won't get more than a page of a jibberish. Here's an example with SSL enabled.

This is the chat server:

And this is the client side:

And this is the ouptut from the Wireshark packet capture:

As you can see, in the bottom right corner, there isn't any human readable content.

So if you're going to use Ncat as a chat server, its better to throw in the --ssl tag and keep your traffic encrypted.

#encryption #ncat #nmap #chatserver #networking #windows #mac

Chat with ncat

If you've ever Facebook chatted, or g-chatted someone in the same room as you. Its fun at first, and then you can annoy them (or vice versa) without saying a word, and then you both eventually stop and go out to get some food.

But Facebook and Google haven't stopped thinking about your chat. You've gone through their servers, and now they are in possession of your conversation (even though your conversation was probably really silly).

There's got to be a better way. A while back I tried a LAN messenger but it seemed cumbersome to have to load the software on every machine, and load the messenger every time. Once again, there has got to be a better way.

I was doing some research on the NMAP version of netcat called NCAT, to see what I could learn about the tool, and I came across an NCAT flag that said "--chat".

the --chat command didn't do what I wanted it to do, but after a little bit of time, I figured out how to get a lightweight LAN messenger going on my network with 2 machines.

To do this, the first thing you will need is 2 machines with NMAP installed. You can get Nmap from HERE. You will also need the IP address of the machine hosting the chat server.

On the host machine go to the directory with NMAP, if you're on a windows machine its usually located in C:\program files (x86)\Nmap and if you're on a mac go to /Applications/Utilities

Now type:

ncat -l

you've got your chat server running. I think the -l means listening.

On your other machine, type:

ncat <ip address of other machine>

and you have both machines connected to the chat server. To stop the chat server, press crtl + C.

#windows #chat #server #nmap #chatServer #netcat #Ncat