From 057636c447e9d80c6a733069fad50c09ddfcf7c3 Mon Sep 17 00:00:00 2001 From: cobbr Date: Sat, 22 Apr 2017 21:37:50 -0500 Subject: [PATCH] Invoke-Obfuscation merged into 2.0_beta --- data/agent/stagers/http.ps1 | 12 ++++++------ lib/listeners/http.py | 4 ++-- lib/listeners/http_foreign.py | 2 +- lib/listeners/meterpreter.py | 2 +- lib/listeners/template.py | 2 +- .../Out-ObfuscatedTokenCommand.ps1 | 6 +++--- 6 files changed, 14 insertions(+), 14 deletions(-) diff --git a/data/agent/stagers/http.ps1 b/data/agent/stagers/http.ps1 index ec35ada..11d0941 100644 --- a/data/agent/stagers/http.ps1 +++ b/data/agent/stagers/http.ps1 @@ -4,20 +4,20 @@ function Start-Negotiate { function ConvertTo-RC4ByteStream { Param ($RCK, $In) begin { - [Byte[]] $S = 0..255; + [Byte[]] $Str = 0..255; $J = 0; 0..255 | ForEach-Object { - $J = ($J + $S[$_] + $RCK[$_ % $RCK.Length]) % 256; - $S[$_], $S[$J] = $S[$J], $S[$_]; + $J = ($J + $Str[$_] + $RCK[$_ % $RCK.Length]) % 256; + $Str[$_], $Str[$J] = $Str[$J], $Str[$_]; }; $I = $J = 0; } process { ForEach($Byte in $In) { $I = ($I + 1) % 256; - $J = ($J + $S[$I]) % 256; - $S[$I], $S[$J] = $S[$J], $S[$I]; - $Byte -bxor $S[($S[$I] + $S[$J]) % 256]; + $J = ($J + $Str[$I]) % 256; + $Str[$I], $Str[$J] = $Str[$J], $Str[$I]; + $Byte -bxor $Str[($Str[$I] + $Str[$J]) % 256]; } } } diff --git a/lib/listeners/http.py b/lib/listeners/http.py index 72ec441..31d1565 100644 --- a/lib/listeners/http.py +++ b/lib/listeners/http.py @@ -396,7 +396,7 @@ class Listener: randomizedStager += line if obfuscate: - randomizedStager = helpers.obfuscate(randomizedStager, self.mainMenu.installPath, obfuscationCommand=obfuscationCommand) + randomizedStager = helpers.obfuscate(randomizedStager, obfuscationCommand=obfuscationCommand) # base64 encode the stager and return it if encode: return helpers.enc_powershell(randomizedStager) 
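Review bot: Both `helpers.obfuscate(...)` call sites in lib/listeners/http.py (the `randomizedStager = ...` line in this hunk and the `code = ...` line in the hunk at line 483) drop the `self.mainMenu.installPath` positional argument, but the diffstat does not include the file that defines `helpers.obfuscate`. The two-argument form therefore only works if that signature was already changed in another commit. If the helper still takes the install path as its second positional parameter, these calls would raise a `TypeError`, and only when `obfuscate` is truthy, so a default run would not catch it. Please confirm the helper's current signature and check the other listeners and stagers for remaining three-argument callers. Both enclosing methods start and end outside the hunks, so the surrounding control flow could not be reviewed here.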
@@ -483,7 +483,7 @@ class Listener: if workingHours != "": code = code.replace('$WorkingHours,', "$WorkingHours = '" + str(workingHours) + "',") if obfuscate: - code = helpers.obfuscate(code, self.mainMenu.installPath, obfuscationCommand=obfuscationCommand) + code = helpers.obfuscate(code, obfuscationCommand=obfuscationCommand) return code elif language == 'python': diff --git a/lib/listeners/http_foreign.py b/lib/listeners/http_foreign.py index 8b618de..7ab921a 100644 --- a/lib/listeners/http_foreign.py +++ b/lib/listeners/http_foreign.py @@ -458,4 +458,4 @@ def send_message(packets=None): """ Nothing to actually shut down for a foreign listner. """ - pass \ No newline at end of file + pass diff --git a/lib/listeners/meterpreter.py b/lib/listeners/meterpreter.py index 5c6c3e8..c330a42 100644 --- a/lib/listeners/meterpreter.py +++ b/lib/listeners/meterpreter.py @@ -158,4 +158,4 @@ class Listener: """ Nothing to actually shut down for a foreign listner. """ - pass \ No newline at end of file + pass diff --git a/lib/listeners/template.py b/lib/listeners/template.py index 2b84c41..02c057f 100644 --- a/lib/listeners/template.py +++ b/lib/listeners/template.py @@ -251,4 +251,4 @@ class Listener: # print helpers.color("[!] Killing listener '%s'" % (self.options['Name']['Value'])) # self.threads[self.options['Name']['Value']].kill() - pass \ No newline at end of file + pass diff --git a/lib/powershell/Invoke-Obfuscation/Out-ObfuscatedTokenCommand.ps1 b/lib/powershell/Invoke-Obfuscation/Out-ObfuscatedTokenCommand.ps1 index 018c6bb..0ab3061 100644 --- a/lib/powershell/Invoke-Obfuscation/Out-ObfuscatedTokenCommand.ps1 +++ b/lib/powershell/Invoke-Obfuscation/Out-ObfuscatedTokenCommand.ps1 
@@ -118,7 +118,7 @@ http://www.danielbohannon.com # 'RandomWhitespace' will be manually added last for reasons defined below. $ObfuscationChoices = @() $ObfuscationChoices += 'Member' - # $ObfuscationChoices += 'Command' + $ObfuscationChoices += 'Command' $ObfuscationChoices += 'CommandArgument' $ObfuscationChoices += 'Variable' $ObfuscationChoices += 'Type' @@ -257,8 +257,8 @@ http://www.danielbohannon.com $Counter-- # Set valid obfuscation levels for current token type. - # $ValidObfuscationLevels = @(0,1,2,3,4) - $ValidObfuscationLevels = @(0,1,2) + $ValidObfuscationLevels = @(0,1,2,3,4) + # If invalid obfuscation level is passed to this function then default to highest obfuscation level available for current token type. If($ValidObfuscationLevels -NotContains $ObfuscationLevel) {$ObfuscationLevel = $ValidObfuscationLevels | Sort-Object -Descending | Select-Object -First 1}