I just started using ncat, and playing around with simple HTTP requests, I came across the following:
Starting ncat and typing a two-line get request works fine:
$ ncat 192.168.56.20 80
GET / HTTP/1.1
Host: 192.168.56.20
HTTP/1.1 200 OK
If however the request gets echoed to ncat, it apparently breaks somewhere:
$ echo 'GET / HTTP/1.1\nHost: 192.168.56.20' | ncat 192.168.56.20 80
HTTP/1.1 400 Bad Request
I don't get it.
The \n in the string is sent literally. Use echo -e to enable interpretation of backslash escapes. Also, the newline sequence for HTTP 1.1 is \r\n (CRLF). And the header section ends with an additional end-of-line.
Try:
echo -e 'GET / HTTP/1.1\r\nHost: 192.168.56.20\r\n\r\n' | ncat 192.168.56.20 80
Alternatively, the ncat has the option to convert new lines to CRLF:
-C, --crlf Use CRLF for EOL sequence
Hence, you can write:
echo -e 'GET / HTTP/1.1\nHost: 192.168.56.20\n\n' | ncat -C 192.168.56.20 80
and you should get the same result.