test.py

import sys
from qiling import *
from utils import *

class MyPipe():
    def __init__(self):
        self.buf = b''

    def write(self, s):
        self.buf += s

    def read(self, l):
        if l <= len(self.buf):
            ret = self.buf[ : l]
            self.buf = self.buf[l : ]
        else:
            ret = self.buf
            self.buf = ''
        return ret

    def fileno(self):
        return 0

    def show(self):
        pass

    def clear(self):
        pass

    def flush(self):
        pass

    def close(self):
        self.outpipe.close()

i = 0

def incr_count(ql):
    global i
    i += 1

def brute(pas):
    global i
    stdin = MyPipe()

    ql = Qiling(
            ["ch12"],
            "/",
            output="off", # off / debug
            log_file = 'logfile',
            separate_log_file = True,
            stdin=stdin,
            stdout=sys.stdout,
            consolelog = True)

    ql.hook_address(incr_count, result_3)

    #ql.root = False
    #ql.add_fs_mapper('/proc', '/proc')
    stdin.write("{}\n".format(pas).encode())

    ql.run()
    res = i
    i = 0
    return res

alphab_list = [chr(x).encode() for x in range(0x20, 0x7F)]

pas = b""
while True:
    currlen = 1
    print("looped")
    for x in alphab_list:
        l = brute(pas + x)

        if l != currlen:
            print(currlen)
            print(pas)
            #pas += x