Invoke-Obfuscation merged into 2.0_beta

data/agent/stagers/http.ps1

@@ -4,20 +4,20 @@ function Start-Negotiate {
     function ConvertTo-RC4ByteStream {
         Param ($RCK, $In)
         begin {
-            [Byte[]] $S = 0..255;
+            [Byte[]] $Str = 0..255;
             $J = 0;
             0..255 | ForEach-Object {
-                $J = ($J + $S[$_] + $RCK[$_ % $RCK.Length]) % 256;
-                $S[$_], $S[$J] = $S[$J], $S[$_];
+                $J = ($J + $Str[$_] + $RCK[$_ % $RCK.Length]) % 256;
+                $Str[$_], $Str[$J] = $Str[$J], $Str[$_];
             };
             $I = $J = 0;
         }
         process {
             ForEach($Byte in $In) {
                 $I = ($I + 1) % 256;
-                $J = ($J + $S[$I]) % 256;
-                $S[$I], $S[$J] = $S[$J], $S[$I];
-                $Byte -bxor $S[($S[$I] + $S[$J]) % 256];
+                $J = ($J + $Str[$I]) % 256;
+                $Str[$I], $Str[$J] = $Str[$J], $Str[$I];
+                $Byte -bxor $Str[($Str[$I] + $Str[$J]) % 256];
             }
         }
     }

lib/listeners/http.py

@@ -396,7 +396,7 @@ class Listener:
                         randomizedStager += line
             
             if obfuscate:
-                randomizedStager = helpers.obfuscate(randomizedStager, self.mainMenu.installPath, obfuscationCommand=obfuscationCommand)
+                randomizedStager = helpers.obfuscate(randomizedStager, obfuscationCommand=obfuscationCommand)
             # base64 encode the stager and return it
             if encode:
                 return helpers.enc_powershell(randomizedStager)
@@ -483,7 +483,7 @@ class Listener:
             if workingHours != "":
                 code = code.replace('$WorkingHours,', "$WorkingHours = '" + str(workingHours) + "',")
             if obfuscate:
-                code = helpers.obfuscate(code, self.mainMenu.installPath, obfuscationCommand=obfuscationCommand)
+                code = helpers.obfuscate(code, obfuscationCommand=obfuscationCommand)
             return code
 
         elif language == 'python':

lib/listeners/http_foreign.py

@@ -458,4 +458,4 @@ def send_message(packets=None):
         """
         Nothing to actually shut down for a foreign listner.
         """
-        pass
+        pass

lib/listeners/meterpreter.py

@@ -158,4 +158,4 @@ class Listener:
         """
         Nothing to actually shut down for a foreign listner.
         """
-        pass
+        pass

lib/listeners/template.py

@@ -251,4 +251,4 @@ class Listener:
         #     print helpers.color("[!] Killing listener '%s'" % (self.options['Name']['Value']))
         #     self.threads[self.options['Name']['Value']].kill()
 
-        pass
+        pass

lib/powershell/Invoke-Obfuscation/Out-ObfuscatedTokenCommand.ps1

@@ -118,7 +118,7 @@ http://www.danielbohannon.com
         # 'RandomWhitespace' will be manually added last for reasons defined below.
         $ObfuscationChoices  = @()
         $ObfuscationChoices += 'Member'
-        # $ObfuscationChoices += 'Command'
+        $ObfuscationChoices += 'Command'
         $ObfuscationChoices += 'CommandArgument'
         $ObfuscationChoices += 'Variable'
         $ObfuscationChoices += 'Type'
@@ -257,8 +257,8 @@ http://www.danielbohannon.com
             $Counter--
 
             # Set valid obfuscation levels for current token type.
-            # $ValidObfuscationLevels = @(0,1,2,3,4)
-            $ValidObfuscationLevels = @(0,1,2)
+            $ValidObfuscationLevels = @(0,1,2,3,4)
+            
             # If invalid obfuscation level is passed to this function then default to highest obfuscation level available for current token type.
             If($ValidObfuscationLevels -NotContains $ObfuscationLevel) {$ObfuscationLevel = $ValidObfuscationLevels | Sort-Object -Descending | Select-Object -First 1}