diff options
| author | Dave Hull <dave.hull@tanium.com> | 2017-09-08 16:33:11 -0500 |
|---|---|---|
| committer | Dave Hull <dave.hull@tanium.com> | 2017-09-08 16:33:11 -0500 |
| commit | 6eb3c6f281f0812a103283d1da80be14bb04f944 (patch) | |
| tree | cfe2e46596ef251274e954c267c5634d62991da2 /ScriptModification/Out-EncryptedScript.ps1 | |
| parent | bf652bcd261c2c74445c2aa1b4e283c4bf167109 (diff) | |
| parent | 3d0d32d9ee6af70f0dfd5ecfe809a49a65d6822d (diff) | |
| download | PowerSploit-6eb3c6f281f0812a103283d1da80be14bb04f944.tar.gz PowerSploit-6eb3c6f281f0812a103283d1da80be14bb04f944.zip | |
Merge branch 'dev' of github.com:PowerShellMafia/PowerSploit into dev
Diffstat (limited to 'ScriptModification/Out-EncryptedScript.ps1')
| -rw-r--r-- | ScriptModification/Out-EncryptedScript.ps1 | 42 |
1 files changed, 24 insertions, 18 deletions
diff --git a/ScriptModification/Out-EncryptedScript.ps1 b/ScriptModification/Out-EncryptedScript.ps1 index eba48f7..c24b126 100644 --- a/ScriptModification/Out-EncryptedScript.ps1 +++ b/ScriptModification/Out-EncryptedScript.ps1 @@ -5,11 +5,11 @@ function Out-EncryptedScript Encrypts text files/scripts.
-PowerSploit Function: Out-EncryptedScript
-Author: Matthew Graeber (@mattifestation)
-License: BSD 3-Clause
-Required Dependencies: None
-Optional Dependencies: None
+PowerSploit Function: Out-EncryptedScript
+Author: Matthew Graeber (@mattifestation)
+License: BSD 3-Clause
+Required Dependencies: None
+Optional Dependencies: None
.DESCRIPTION
@@ -36,7 +36,8 @@ is randomly generated by default. .EXAMPLE
-C:\PS> Out-EncryptedScript .\Naughty-Script.ps1 password salty
+$Password = ConvertTo-SecureString 'Password123!' -AsPlainText -Force
+Out-EncryptedScript .\Naughty-Script.ps1 $Password salty
Description
-----------
@@ -48,10 +49,10 @@ function 'de' and the base64-encoded ciphertext. .EXAMPLE
-C:\PS> [String] $cmd = Get-Content .\evil.ps1
-C:\PS> Invoke-Expression $cmd
-C:\PS> $decrypted = de password salt
-C:\PS> Invoke-Expression $decrypted
+[String] $cmd = Get-Content .\evil.ps1
+Invoke-Expression $cmd
+$decrypted = de password salt
+Invoke-Expression $decrypted
Description
-----------
@@ -64,34 +65,39 @@ unencrypted script is called via Invoke-Expression This command can be used to encrypt any text-based file/script
#>
- [CmdletBinding()] Param (
+ [Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSShouldProcess', '')]
+ [CmdletBinding()]
+ Param (
[Parameter(Position = 0, Mandatory = $True)]
[String]
$ScriptPath,
-
+
[Parameter(Position = 1, Mandatory = $True)]
- [String]
+ [Security.SecureString]
$Password,
-
+
[Parameter(Position = 2, Mandatory = $True)]
[String]
$Salt,
-
+
[Parameter(Position = 3)]
[ValidateLength(16, 16)]
[String]
- $InitializationVector = ((1..16 | % {[Char](Get-Random -Min 0x41 -Max 0x5B)}) -join ''),
-
+ $InitializationVector = ((1..16 | ForEach-Object {[Char](Get-Random -Min 0x41 -Max 0x5B)}) -join ''),
+
[Parameter(Position = 4)]
[String]
$FilePath = '.\evil.ps1'
)
+ $TempCred = New-Object System.Management.Automation.PSCredential('a', $Password)
+ $PlaintextPassword = $TempCred.GetNetworkCredential().Password
+
$AsciiEncoder = New-Object System.Text.ASCIIEncoding
$ivBytes = $AsciiEncoder.GetBytes($InitializationVector)
# While this can be used to encrypt any file, it's primarily designed to encrypt itself.
[Byte[]] $scriptBytes = Get-Content -Encoding Byte -ReadCount 0 -Path $ScriptPath
- $DerivedPass = New-Object System.Security.Cryptography.PasswordDeriveBytes($Password, $AsciiEncoder.GetBytes($Salt), "SHA1", 2)
+ $DerivedPass = New-Object System.Security.Cryptography.PasswordDeriveBytes($PlaintextPassword, $AsciiEncoder.GetBytes($Salt), "SHA1", 2)
$Key = New-Object System.Security.Cryptography.TripleDESCryptoServiceProvider
$Key.Mode = [System.Security.Cryptography.CipherMode]::CBC
[Byte[]] $KeyBytes = $DerivedPass.GetBytes(16)
|