#!/usr/bin/env python3
+from argparse import ArgumentParser
import binascii
import os
import struct
import sys
+import telnetlib
from elftools.elf.elffile import ELFFile
import keystone
+parser = ArgumentParser(prog=sys.argv[0])
+parser.add_argument('--host', action='store', default='localhost', help='target host')
+parser.add_argument('--port', type=int, default=1337, help='target port')
+args = parser.parse_args()
+
+HOST = args.host
+PORT = args.port
+
+
FILENAME = 'tiny_backdoor_v1'
prolog_asm = b'push rbp; mov rbp, rsp; sub rsp, 0x10'
key = xor(ct, pt)
print("[+] recovered key: {}".format(binascii.hexlify(key)),
file=sys.stderr)
- os.write(1, key)
+ # os.write(1, key)
+ t = telnetlib.Telnet(HOST, PORT)
+ t.write(key)
+ print(t.read_all().decode())
if __name__ == '__main__':
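Review bot: The added `telnetlib.Telnet(HOST, PORT)` path depends on a module that was deprecated in Python 3.11 and removed in 3.13, so under the `python3` shebang the new `import telnetlib` fails on current interpreters. It is also a poor fit for a raw byte key: `Telnet.write()` doubles any 0xff (IAC) byte and `read_all()` interprets Telnet commands in the reply, so the bytes are not passed through verbatim. In addition, with no timeout `read_all()` blocks until the peer closes, the connection is never closed, and `.decode()` raises on non-UTF-8 output. I would replace `import telnetlib` with `import socket`, use a plain socket with a timeout as below, and delete the commented-out `os.write(1, key)` rather than keep it. The enclosing function starts outside the visible lines, so the indentation shown is assumed.

```python
    # … unchanged: key recovery and the stderr print …
    # timeout value is illustrative
    with socket.create_connection((HOST, PORT), timeout=10) as conn:
        conn.sendall(key)
        chunks = []
        while chunk := conn.recv(4096):
            chunks.append(chunk)
    print(b''.join(chunks).decode(errors='replace'))
```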