Home
Cryptcat Project License Sourceforge
Credits
cryptcat = netcat + encryption
Cryptcat is the standard netcat enhanced with twofish encryption by farm9. netcat was origianally written by the l0pht (hobbit and weld pond).
Note that the L0pht has information on their copyrights covering netcat. See the 'hobbit.txt' file for that information.
Twofish is courtesy of counterpane, and cryptix. We started with the Java version of twofish from cryptix, converted it to C++ (don't ask why), and enhanced it by adding CBC mode and the ciphertext stealing technique from Applied Cryptography (pg. 196)
License
Cryptcat is licensed under the the GNU General Public License, Version 2 or later (GPLv2) in conformance with the original NetCat license.
How do you use it?
Machine A: cryptcat -l -p 1234 < testfileMachine B: cryptcat <machine A IP> 1234
This is identical to the normal netcat options for doing exactly the same thing. However, in this case the data transferred is encrypted.
Is it Really Secure?
Not if you know the secret key, which is hardcoded to be "metallica" (use the -k option to change this key)
CERT
There is a CERT vulnerability released on CryptCat for NT. The release comes with a precompiled binary which has a gaping security hole in the '-e' option.
CERT/CC Vulnerability Note VU#165099
The included binary is compiled with the compile time option "GAPING_SECURITY_HOLE" to allow the '-e' option to work.
This option is intended to allow CryptCat to be used as an encrypting tunnel for a spawn'd binary. Unfortunately, this does not work on NT! The pipe is opened, but I/O is not encrypted. There is no workaround.
Changes
Thanks for the contributions: linux 7.0 build fixes, tricky bug fixes, -k option, OpenBSD/FreeBSD compiles, directory friendly zips & tars, including MSVC++ makes.
Since release alot of people have been submitting changes (many times for the same thing). I've been doing my best to keep up, we are trying to get this up on sourceforge, but there seems to be some sort of "approval" process that makes it unclear if that will actually happen.
So, if you have submitted something, and its not here, let me know. If you've submitted a change, and its here with someone else's name, that just means someone else got the same change in before you.
If you have a change, drop a line to info@farm9.org.
Contributors
The following individuals have made significant contributions to Cryptcat:
| Hobbit | Developed netcat |
| Weld Pond | First windows port |
| Jo Johansen | netcat -> Cryptcat |
| Dan F | ? |
| Jeff Nathan | Windows version |
| Matt W | ? |
| Frank Knobbe | ? |
| Dragos | FreeBSD version |
| Bill Weiss | ? |
| Jimmy ? | ? |
Thanks for the contributions: linux 7.0 build fixes, tricky bug fixes, -k option, OpenBSD/FreeBSD compiles, directory friendly zips & tars, including MSVC++ makes.