Sometimes you just need a quick and dirty “secure” chat. Secure meaning it’s not terribly easy to eavesdrop on the conversation. Well lucky for us nmap comes with ncat. Directly from it’s website:
Ncat is a feature-packed networking utility which reads and writes data across networks from the command line. Ncat was written for the Nmap Project as a much-improved reimplementation of the venerable Netcat. It uses both TCP and UDP for communication and is designed to be a reliable back-end tool to instantly provide network connectivity to other applications and users. Ncat will not only work with IPv4 and IPv6 but provides the user with a virtually limitless number of potential uses.
Among Ncat’s vast number of features there is the ability to chain Ncats together, redirect both TCP and UDP ports to other sites, SSL support, and proxy connections via SOCKS4 or HTTP (CONNECT method) proxies (with optional proxy authentication as well). Some general principles apply to most applications and thus give you the capability of instantly adding networking support to software that would normally never support it.
Sounds just like what we need. Let’s get it working:
We generate the needed cert(more openssl tricks here: openssl tricks):
openssl req -x509 -nodes -days 365 -newkey rsa:1024 -keyout mycert.pem -out mycert.pem
We get it’s fingerprint:
openssl x509 -noout -in mycert.pem -fingerprint
We set ncat up to be the secure chat server we want it to be:
ncat -v -l –chat –allow 127.0.0.1,10.0.3.8 –ssl –ssl-key mycert.pem –ssl-cert mycert.pem 1080
The process to actually chat is very easy, transfer the fingerprint to your buddies with an out-of-bound channel and have your buddies run ncat like this and then verify the fingerprint before typing any text:
ncat -v –ssl 10.0.3.7 1080
You also need to connect to the server yourself or your buddies won’t be able to see your messages. If you just need an one-on-one chat, remove the –chat option.
The options are kinda self explanatory, but here is the quick overview:
-v = verbose
-l = listen mode
–chat = chat server mode, multi-user with user prefixes
–allow = the ip addresses allowed to connect
–ssl = use ssl
–ssl-key = needed for ssl
–ssl-cert = needed for ssl
- ncat chat guide
- ncat general guide
Do not use this for really sensitive conversations, use this only at your own risk and as always think before using.