import sys
import socket
import binascii


def encrypt(data):
    # pcAnywhere "legacy" encoding as observed on the wire: the first byte is
    # XORed with a fixed constant, every later byte is XORed with the previous
    # output byte and with its own index minus one. No secret key is involved.
    xorKey = 0xab
    result = bytearray([xorKey ^ data[0]])
    for i in range(1, len(data)):
        result.append(result[i - 1] ^ data[i] ^ (i - 1))
    return bytes(result)


HOST = sys.argv[1]
PORT = 5631  # pcAnywhere data port

s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect((HOST, PORT))

s.sendall(b"\x00\x00\x00\x00")  # initial hello
buf = s.recv(1024)
print(buf)
print(binascii.hexlify(buf))  # here we get "press enter" or whatever

# s.sendall(b"\x6f\x06\xfe")  # from wshark, \xfe means high grade encryption
s.sendall(b"\x6f\x06\xff")  # downgrade into legacy mode
buf = s.recv(1024)
print(binascii.hexlify(buf))

# s.sendall(b"\x6f\x61\xff\x09\x00\x07\x00\x00\x01\xff\x00\x00\x07\x00")  # from wshark
s.sendall(b"\x6f\x61\x00\x09\x00\xfe\x00\x00\xff\xff\x00\x00\x00\x00")  # from
buf = s.recv(1024)
# print(buf)
print(binascii.hexlify(buf))

# s.sendall(b"\x6f\x62\x00\x02\x00\x00\x00")  # wshark
s.sendall(b"\x6f\x62\x01\x02\x00\x00\x00")  # from
buf = s.recv(1024)  # here we get "enter username" or whatever
privKey = buf  # kept from the original script; not used further
# pubExp =
print(buf)
print(binascii.hexlify(buf))

#
# just figure out the "encryption" algo
#
username = b"username"
password = b"password"

# credential field: 0x06, one length byte, then the legacy-encoded value
s.sendall(b"\x06" + bytes([len(username)]) + encrypt(username))  # send username
buf = s.recv(1024)
# print(buf)
print(binascii.hexlify(buf))

input()
s.sendall(b"\x06" + bytes([len(password)]) + encrypt(password))  # send password
buf = s.recv(1024)

if buf.find(b"Invalid login.") == -1:
    print("Login successful!")
else:
    print("Failed")
print(buf)
print(binascii.hexlify(buf))

s.close()
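The script above works because the legacy mode has no key: the inverse of its `encrypt()` needs nothing but the ciphertext, so any credential sent after a downgrade to legacy mode is recoverable from a packet capture. The following added example (not part of the original script, and not Symantec's code) makes that concrete for defenders. It re-implements the same XOR scheme, decodes it with no key, and classifies the negotiation message so that a legacy-mode request can be flagged in monitoring. The meaning of the negotiation bytes (6f 06 fe = high-grade, 6f 06 ff = legacy) is taken from the script's own comments and is an assumption here, not independently verified; the sample bytes are constructed.

```python
# Added example: why pcAnywhere legacy mode is a problem for defenders.
# Assumption (from the script's comments, not verified elsewhere):
#   6f 06 fe = client requests high-grade encryption
#   6f 06 ff = client requests legacy mode
# The legacy "encryption" is the XOR chain the script calls encrypt().

XOR_KEY = 0xAB  # fixed constant used for the first byte


def legacy_encode(data: bytes) -> bytes:
    """Same scheme as the script's encrypt(): byte i is XORed with output
    byte i-1 and with the index i-1; byte 0 is XORed with XOR_KEY."""
    out = bytearray([XOR_KEY ^ data[0]])
    for i in range(1, len(data)):
        out.append((out[i - 1] ^ data[i] ^ (i - 1)) & 0xFF)
    return bytes(out)


def legacy_decode(cipher: bytes) -> bytes:
    """Inverse of legacy_encode. Note that it takes no key at all: every
    value needed to undo the XOR is already in the ciphertext, so this is
    an encoding, not encryption."""
    out = bytearray([XOR_KEY ^ cipher[0]])
    for i in range(1, len(cipher)):
        out.append((cipher[i - 1] ^ cipher[i] ^ (i - 1)) & 0xFF)
    return bytes(out)


def recover_credential_field(msg: bytes) -> bytes:
    """Undo the framing the script uses for username/password messages:
    0x06, one length byte, then the legacy-encoded value."""
    if len(msg) < 2 or msg[0] != 0x06 or len(msg) < 2 + msg[1]:
        raise ValueError("not a credential field")
    n = msg[1]
    return legacy_decode(msg[2:2 + n])


def negotiation_mode(client_msg: bytes):
    """Classify the client's encryption-negotiation message. Returns
    'high-grade', 'legacy', 'unknown', or None if it is not that message.
    A 'legacy' result on a network that should only use high-grade mode is
    worth an alert: whatever follows is readable by anyone on the path."""
    if len(client_msg) < 3 or client_msg[:2] != b"\x6f\x06":
        return None
    return {0xFE: "high-grade", 0xFF: "legacy"}.get(client_msg[2], "unknown")


if __name__ == "__main__":
    # Constructed sample: what a capture of the script's session would contain.
    captured_negotiation = b"\x6f\x06\xff"
    captured_password_msg = b"\x06" + bytes([8]) + legacy_encode(b"password")

    print("negotiated mode:", negotiation_mode(captured_negotiation))
    print("recovered field:", recover_credential_field(captured_password_msg))
```

The practical takeaway is in `negotiation_mode()`: the downgrade is a single byte in the third client message, so a host that is meant to run only in high-grade mode can be checked for legacy negotiation attempts, and legacy mode itself should be disabled on the host rather than relied on for confidentiality.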