0

I have two lab machines, one Kali and one Windows 10. Netcat is running on both and both are communicating successfully. If I create a simple text file I can transfer the file from Kali onto Windows no problem. However, if I run the following commands:

[on windows] nc -nlvp 4444 > incoming.exe
[on kali] nc -nv 10.11.0.22 4444 < /usr/share/windows-resources/binaries/wget.exe

And then try to execute incoming.exe on the Windows host (through Powershell) I get:

Program 'incoming.exe' failed to run: The specified executable is not a valid application for this OS platform.

Just in case, I tried to send over executables that for sure work on the Windows machine and it still showed the same message. What's weird is that the size of the executable is approximately doubled from what it is in Kali. In fact it seems that even the text files double in size once transferred to Windows. What could the issue be?

Steffen Ullrich
  • 184,332
  • 29
  • 363
  • 424
trallgorm
  • 875
  • 7
  • 19
  • 1
    I've tried to make it more clear which command you run on which platform. Hope that I've understood your question correctly. – Steffen Ullrich Dec 10 '20 at 04:45
  • 2
    There's no inherent reason why this should not work. I've used nc to transfer many binary files, and the hashes has turned out identically so far. Have you tried comparing to see how the files differ? – vidarlo Dec 10 '20 at 06:50
  • I'm suspicious of your *Windows netcat* . Often various Windows malware scanners have considered netcat to be malware. I suggest testing between Kali and Kali. If that works normally then replace your Windows netcat. (You may need to whitelist it in your Windows malware scanner.) – user10216038 Dec 10 '20 at 17:30
  • Since it turns out that the problem was not with nc but with Powershell, I'm closing as off-topic. – schroeder Dec 11 '20 at 11:37

2 Answers2

2

The "doubling in size" to me smells like Unicode encoding at work. Does your Windows netcat have any option for binary only transfer?

To verify, does the text on Linux remain readable and apparently identical, but become _t_e_x_t (_ representing a 00 hex) if you look at it with a binary editor, on Windows?

From your comments, "a simple text file I can transfer the file from Kali onto Windows no problem" and "In fact it seems that even the text files double in size once transferred", it looks as if the text remains readable and apparently identical if you open it on Windows, and yet its size changes. In my experience, if it changes by very little (one character every row) that's linefeed encoding, if it doubles straight then it's two-byte encoding on Windows.

LSerni
  • 22,521
  • 4
  • 51
  • 60
0

It could be an encoding issue as LSerni pointed out but the fix was actually rather simple. Instead of using PowerShell (which I was using to run the commands before) I actually just needed to run it through CMD. Unclear as to why it works differently in PowerShell, I'm guessing the redirect does some sort of conversion.

trallgorm
  • 875
  • 7
  • 19
  • ... you never mentioned that you were using Powershell. That's a vital piece of context ... Powershell encodes... – schroeder Dec 11 '20 at 07:46