Missing response to "cat /bin/echo" command

[morgajp]

The Mirai scanners run the command "cat /bin/echo" in order to determine system architecture, after which the scanner will run a wget command to fetch the mirai malware.

The following response is sufficient to trigger the wget command: '\x7fELF\x01\x01\x01\x03\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x08\x00\x00\x00\x00\x00'

Unfortunately, this string can't be included in the json "commands", since it includes control characters. If you would like to include this functionality, and have an idea for how to include it, I will put it in a pull request. In my local branch I just added a special check for this inside get_busybox_response(), but that is kind of a hacky/ugly solution.

[itamarsher]

Correct me if I'm wrong but can't you just do this - "\\x7fELF\\x01\\x01\\x01\\x03\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x02\\x00\\x08\\x00\\x00\\x00\\x00\\x00"

Tested it locally via telnet and I got the correct response (didn't test if with actual Mirai scanner)

[itamarsher]

Solved with pull request #10