Cleaned up Encrypt-Script coment-based help

1 files changed, 56 insertions, 35 deletions

diff --git a/Encrypt-Script.ps1 b/Encrypt-Script.ps1
index 67a0b24..b9b0b78 100644
--- a/Encrypt-Script.ps1
+++ b/Encrypt-Script.ps1
@@ -1,56 +1,77 @@
 function Encrypt-Script {

 

 <#

-.Synopsis

+.SYNOPSIS

 

- PowerSploit Module - Encrypt-Script

- Author: Matthew Graeber (@mattifestation)

- License: BSD 3-Clause

+    PowerSploit Module - Encrypt-Script

+    Author: Matthew Graeber (@mattifestation)

+    License: BSD 3-Clause

  

-.Description

+.DESCRIPTION

 

- Encrypt-Script will encrypt a script (or any text file for that matter)

- and output the results to a minimally obfuscated script - evil.ps1.

+    Encrypt-Script will encrypt a script (or any text file for that matter) and output the results to a minimally obfuscated script - evil.ps1.

  

-.Parameter ScriptPath

+.PARAMETER ScriptPath

 

- Path to this script

+    Path to this script

  

-.Parameter Password

+.PARAMETER Password

 

- Password to encrypt/decrypt the script

+    Password to encrypt/decrypt the script

  

-.Parameter Salt

+.PARAMETER Salt

 

- Salt value for encryption/decryption. This can be any string value.

+    Salt value for encryption/decryption. This can be any string value.

  

-.Example

+.EXAMPLE

 

- PS> Encrypt-Script .\Naughty-Script.ps1 password salty

+    C:\PS> Encrypt-Script .\Naughty-Script.ps1 password salty

  

- Description

- -----------

- Encrypt the contents of this file with a password and salt. This will make analysis of the

- script impossible without the correct password and salt combination. This command will

- generate evil.ps1 that can dropped onto the victim machine. It only consists of a

- decryption function 'de' and the base64-encoded ciphertext.

-

- Note: This command can be used to encrypt any text-based file/script

+    Description

+    -----------

+    Encrypt the contents of this file with a password and salt. This will make analysis of the script impossible without the correct password and salt combination. This command will generate evil.ps1 that can dropped onto the victim machine. It only consists of a decryption function 'de' and the base64-encoded ciphertext.

+

 .Example

- C:\PS>[String] $cmd = Get-Content .\evil.ps1

- C:\PS>Invoke-Expression $cmd

- C:\PS>$decrypted = de password salt

- C:\PS>Invoke-Expression $decrypted

+

+    C:\PS> [String] $cmd = Get-Content .\evil.ps1

+    C:\PS> Invoke-Expression $cmd

+    C:\PS> $decrypted = de password salt

+    C:\PS> Invoke-Expression $decrypted

+    

+    Description

+    -----------

+    This series of instructions assumes you've already encrypted a script and named it evil.ps1. The contents are then decrypted and the unencrypted script is called via Invoke-Expression

+

+.NOTES

+

+    This command can be used to encrypt any text-based file/script

  

-.Link

+.LINK

 

- My blog: http://www.exploit-monday.com

+    http://www.exploit-monday.com

 #>

 

-Param (

-    [Parameter(Position = 0, Mandatory = $True)] [String] $ScriptPath,

-    [Parameter(Position = 1, Mandatory = $True)] [String] $Password,

-    [Parameter(Position = 2, Mandatory = $True)] [String] $Salt

+Param

+(

+    [Parameter(Position = 0, Mandatory = $True)]

+    [String]

+    $ScriptPath,

+    

+    [Parameter(Position = 1, Mandatory = $True)]

+    [String]

+    $Password,

+    

+    [Parameter(Position = 2, Mandatory = $True)]

+    [String]

+    $Salt,

+    

+    [Parameter(Position = 3)]

+    [String]

+    $InitializationVector = ( @( foreach ($i in 1..16) { [Char](Get-Random -Min 0x41 -Max 0x5B) } ) -join '' ), # Generate random 16 character IV

+    

+    [Parameter(Position = 4)]

+    [String]

+    $FilePath = '.\evil.ps1'

 )

 

 $AsciiEncoder = New-Object System.Text.ASCIIEncoding

@@ -98,8 +119,8 @@ return $encoding.GetString($h,0,$h.Length);
 }'

 

 # Output decrypt function and ciphertext to evil.ps1

-Out-File -InputObject $Output -Encoding ASCII .\evil.ps1

+Out-File -InputObject $Output -Encoding ASCII $FilePath

 

-Write-Host "Encrypted PS1 file saved to: $(Resolve-Path .\evil.ps1)"

+Write-Host "Encrypted PS1 file saved to: $(Resolve-Path $FilePath)"

 

 }