Merged with master

websockets-multiuser
xorrior 2017-10-12 12:15:44 -04:00
commit 4aea7272f0
18 changed files with 128 additions and 259 deletions

View File

@ -14,18 +14,24 @@ Running
- Improved ScriptBlock logging bypasses #740 @cobbr_io
- Slack Integration - Notification for new Agents #737 @dchrastil
- Improve Get-ChromeDump #734 @ThePirateWhoSmellsOfSunFlowers
- Fix Eternal Blue Issue #656
- Merge Invoke-Kerberoast: Print hashes only. Formatting with a text editor is no longer required. #663
- Fix Macro syntax error per @utkusen issue #664
- Fix Better powershell install, obfuscation bug fixes, fixed vbs/macro launchers #686 @cobbr
- Fix creds manual add parsing with whitespace in password
- Fix validate length parameter attribute for Invoke-PSInject.ps1d
8/28/2017
--------
- Version 2.1 Master Release
-Add get schwifty trollsploit module @424f424f
-Add -sta flag to launcher @xorrior
-Fixed hardoced cert path @xorrior
-Fixed hardcoded cert path @xorrior
-Fix for #567
-Merge Capture OSX credentials from Prompt Module in Empire DB @malcomvetter.
-Rest Api fixups #526 @byt3bl33d3r
-Rest API fixups #526 @byt3bl33d3r
-Added MS16-135 exploit module @ThePirateWhoSmellsOfSunflowers
-Updated Bloodhound Ingestion module @rvrsh3ll
-Updated Bloodhound Ingestion module @424f424f
-Added Dropbox exfil module @ktevora1
-Added EternalBlue module @ktevora1
-Fix SSL certificate issue with Flask @diskonnect
@ -37,7 +43,7 @@ Running
-Add SandboxMode to evade Apple Sandbox protection on applescript #578 @dchrastil
-Add Obfuscated Empire #597 @cobbr
-Add Bypass ScriptBlock Logging #603 @cobbr
-Add mimipenguin module @rvrsh3ll
-Add mimipenguin module @424f424f
-Add dyld_print_to_file Mac privesc @checkyfuntime
-Added manual proxy specifications @xorrior
-Fix libssl-dev and libssl1.0.0 packages @xorrior

View File

@ -1,46 +0,0 @@
-----BEGIN PRIVATE KEY-----
MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDT8qCR+GR2lVKG
M6G7pABaOIfCQKvzO3eckz8q+jVq2HgI34AvIg4tctgEnh4r1euxKtMkkSRmvedT
zZgPKh0UaEjROs5rIbXeRhqE7Ey6oVXcJG7DLYZ/Awk1G3Yi+TmtzRGGfE3VJ61O
V+gzTH2Q7jayFF1sNdpBk2Rs4I2VU46k/UWyHnPzIxbPlkBa5D/LiPnI+/b6qpqk
p/fsvewb6Xqb3PujemF+y/4jiHDtE9KicgxDh9u3niTi8Bg7fOWfBbhMaGIzITkK
WFXpJe9feDqxhoys5qUh8hfccFdNXz6QCBZiw5COq6s8ybimOBrmEs09IdGZi86T
bwGOQI3XAgMBAAECggEBANNjZiqwJuLuw0P+MwzG4WMahqyDe/w4D3AmnBXtP2G1
TOLspxhbSvChXjocydLGpTAqmjQaXsfqF9JJd6OISUCVUir8D+xhztZF7SUt2Mk7
KDtMSvx3Z3E+Qeyp2wW+tHxXz2bmi2pRDFTa8EhZvdLTA9JQ5WyLuYc1zi+ZNxz6
SzybS0Th9RJT0crPuhxEHxAN50pc61trRnI2YHYTaW4ArRbNFXImqRLsU9l9h9kz
VVlVoP9oIJos2a40Osi3Du+6tmVFWcs9+fxxNnY1sfVrAVk6nHI40Vln4Ul+BZyo
ZP8SMnxI9NoSMJahymjkcZad3tbwgvjq+yaQck1alGECgYEA/V14iLkCJoUK6dmU
zhR8p3Pycxy19s0CSSqPYvvnENfxarimOHW6nIMu0eDMXLVnIHAXsr81zWkeh4eP
GPEUSqclGwkXp4yHirMtoTFWhbo16QMSEFBKUHmwNJNSzScLR5jRGgVJapXr+qsN
WNlR3ifF+Ki6f87io9u8/rwUut0CgYEA1ibkSUs2POa0UcAXtE7G/Rsc7aEuVo9b
U+I5uIhMvveKm0Ff2oo1yQzDSxmjFhYzBeXsBQ6Jy796EcaLFpUc9H08kOsJq9gP
JAfSMljLasrqqAQ6J37CAmbEqHQ3MEdEFqUIk6Cf0iVmphXexd7LaDx2IuAy5Kfn
3MXH4KVo3kMCgYA2Yv4guzYO9rglAqPCqPspJuaAd0VIOTGoaw5kfRZYs0ILWp+z
tvHb7vz56Ht12yrL98PehtURxuLazOqWvAlTDRYV+5msSao+x7+fvmuIQTSZVCNo
hROuurBsWMOJbjwpnlAkecYMryn8oQM4c03zli4U9oMyNELKUbz8IXuBsQKBgQC0
4/klKBDSdJWQEFB1j61qEsLmvqVjnIgqXQcgppEdJf/AkQIkmWZBQzSbdTZa67mB
m+s3gkZHAqBb73eBRcdFhZvpVX+/1itD5g9ZU8PPm0OHVLrCrcG3QZOQL0qGz0vm
TNTnzl/xpIIGfKbGQSFUFO49G2Ah4Oprg+0IBvCD/QKBgQCZcIjPZDWMIRg/Q4Fj
ypUb59p8wCQHMuZNwuxRTwjQkAp3xpqYNIBafHSlPzNf8BWzx+orsLnh6RJbA8uB
9++4Wu01u4JofuGdVqN73AJBx8eQEJkJsPNEwxSv4Swzwkw5mGkqi5UzPFMlwwQi
DIF8+rA64PoZDIUB3UkV0i70ng==
-----END PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
MIIC8DCCAdigAwIBAgIJAIVXuX8kX4CxMA0GCSqGSIb3DQEBCwUAMA0xCzAJBgNV
BAYTAlVTMB4XDTE3MDUxNzA1NDkxNVoXDTE4MDUxNzA1NDkxNVowDTELMAkGA1UE
BhMCVVMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDT8qCR+GR2lVKG
M6G7pABaOIfCQKvzO3eckz8q+jVq2HgI34AvIg4tctgEnh4r1euxKtMkkSRmvedT
zZgPKh0UaEjROs5rIbXeRhqE7Ey6oVXcJG7DLYZ/Awk1G3Yi+TmtzRGGfE3VJ61O
V+gzTH2Q7jayFF1sNdpBk2Rs4I2VU46k/UWyHnPzIxbPlkBa5D/LiPnI+/b6qpqk
p/fsvewb6Xqb3PujemF+y/4jiHDtE9KicgxDh9u3niTi8Bg7fOWfBbhMaGIzITkK
WFXpJe9feDqxhoys5qUh8hfccFdNXz6QCBZiw5COq6s8ybimOBrmEs09IdGZi86T
bwGOQI3XAgMBAAGjUzBRMB0GA1UdDgQWBBRietD7PGv5ivWBLRJMyra4elWlLjAf
BgNVHSMEGDAWgBRietD7PGv5ivWBLRJMyra4elWlLjAPBgNVHRMBAf8EBTADAQH/
MA0GCSqGSIb3DQEBCwUAA4IBAQCOU0aqgYba7aD7/7pV3rZrTFC+kwUs3TZ0/xWi
CZA8aN5+TRQDdvOUM1fqyJx5Y7uv+V9gafHwJAc7FZ9643zS6Zt0I2eUrbP9dmg7
sj8u19Isdy0EetDGXeyA7r+BRUSkFpKbXZYWE7rUr7t3QkROyGbU2ebEE/S2RnBc
A+/d7waKqIyu7wlmcP2jUgQjiwDiWJAuGeb9gJGsTjCj1I4z6rk6/xpnXV70ovG7
jUNm6tOTkxB5pgEel/2gHs/KZVld9gYSoh5GnJWtlFQYvZGaMEK419hfTMElLoQY
8JL+XvYxkA/4+zXtQS3ZgslAAZlh96Nx8SU8QWJ4qJ2jYQJg
-----END CERTIFICATE-----

19
empire
View File

@ -4,11 +4,17 @@ import sqlite3, argparse, sys, argparse, logging, json, string
import os, re, time, signal, copy, base64, pickle
from flask import Flask, request, jsonify, make_response, abort, url_for
from time import localtime, strftime, sleep
<<<<<<< HEAD
import hashlib
from OpenSSL import SSL
from Crypto.Random import random
import ssl
=======
from OpenSSL import SSL
from Crypto.Random import random
import ssl
>>>>>>> master
# Empire imports
from lib.common import empire
from lib.common import helpers
@ -200,7 +206,6 @@ def start_restful_api(empireMenu, suppress=False, username=None, password=None,
# suppress all stdout and don't initiate the main cmdloop
sys.stdout = open(os.devnull, 'w')
# validate API token before every request except for the login URI
@app.before_request
def check_token():
@ -1221,7 +1226,10 @@ def start_restful_api(empireMenu, suppress=False, username=None, password=None,
signal.signal(signal.SIGINT, signal.default_int_handler)
sys.exit()
<<<<<<< HEAD
=======
>>>>>>> master
try:
signal.signal(signal.SIGINT, signal_handler)
except ValueError:
@ -1234,7 +1242,6 @@ def start_restful_api(empireMenu, suppress=False, username=None, password=None,
app.run(host='0.0.0.0', port=int(port), ssl_context=context, threaded=True)
if __name__ == '__main__':
parser = argparse.ArgumentParser()
@ -1267,7 +1274,11 @@ if __name__ == '__main__':
print empire.VERSION
elif args.rest:
<<<<<<< HEAD
# start an Empire instance and RESTful API
=======
# start an Empire instance and RESTful API
>>>>>>> master
main = empire.MainMenu(args=args)
def thread_api(empireMenu):
while serverExitCommand == 'restart':
@ -1290,7 +1301,11 @@ if __name__ == '__main__':
start_restful_api(empireMenu=main, suppress=True, username=args.username, password=args.password, port=args.restport)
except SystemExit as e:
pass
<<<<<<< HEAD
=======
>>>>>>> master
else:
# normal execution
main = empire.MainMenu(args=args)

View File

@ -371,7 +371,7 @@ def parse_credentials(data):
if parts[0].startswith("Hostname:"):
return parse_mimikatz(data)
# collection/prompt output
# powershell/collection/prompt output
elif parts[0].startswith("[+] Prompted credentials:"):
parts = parts[0].split("->")
@ -392,6 +392,13 @@ def parse_credentials(data):
print color("[!] Error in parsing prompted credential output.")
return None
# python/collection/prompt (Mac OS)
elif "text returned:" in parts[0]:
parts2 = parts[0].split("text returned:")
if len(parts2) >= 2:
password = parts2[-1]
return [("plaintext", "", "", password, "", "")]
else:
return None

View File

@ -13,7 +13,6 @@ import pickle
import hashlib
import copy
class Listeners:
"""
Listener handling class.

View File

@ -7,7 +7,6 @@ import time
import copy
from pydispatch import dispatcher
from flask import Flask, request, make_response
import pdb
# Empire imports
from lib.common import helpers
from lib.common import agents

View File

@ -263,6 +263,7 @@ class Listener:
uris = [a.strip('/') for a in profile.split('|')[0].split(',')]
stagingKey = listenerOptions['StagingKey']['Value']
host = listenerOptions['Host']['Value']
workingHours = listenerOptions['WorkingHours']['Value']
folder = listenerOptions['Folder']['Value']
if language.lower() == 'powershell':
@ -325,6 +326,7 @@ class Listener:
lostLimit = listenerOptions['DefaultLostLimit']['Value']
killDate = listenerOptions['KillDate']['Value']
folder = listenerOptions['Folder']['Value']
workingHours = listenerOptions['WorkingHours']['Value']
b64DefaultResponse = base64.b64encode(self.default_response())
if language == 'powershell':

View File

@ -77,7 +77,7 @@ class Module:
if option in self.options:
self.options[option]['Value'] = value
def generate(self):
def generate(self, obfuscate=False, obfuscationCommand=""):
# read in the common module source code
moduleSource = self.mainMenu.installPath + "/data/module_source/exploitation/Exploit-EternalBlue.ps1"

View File

@ -1,5 +1,6 @@
import os
from lib.common import helpers
import pdb
class Module:

View File

@ -73,7 +73,7 @@ class Module:
self.options[option]['Value'] = value
def generate(self):
def generate(self, obfuscate=False, obfuscationCommand=""):
moduleSource = self.mainMenu.installPath + "/data/module_source/privesc/Invoke-MS16135.ps1"
try:
@ -101,5 +101,6 @@ class Module:
script += 'Invoke-MS16135 -Command "' + launcherCode + '"'
script += ';`nInvoke-MS16135 completed.'
if obfuscate:
script = helpers.obfuscate(psScript=script, obfuscationCommand=obfuscationCommand)
return script

View File

@ -1,137 +0,0 @@
from lib.common import helpers
class Module:
def __init__(self, mainMenu, params=[]):
# metadata info about the module, not modified during runtime
self.info = {
# name for the module that will appear in module menus
'Name': 'ls',
# list of one or more authors for the module
'Author': ['@xorrior'],
# more verbose multi-line description of the module
'Description': ('List contents of a directory'),
# True if the module needs to run in the background
'Background': False,
# File extension to save the file as
# no need to base64 return data
'OutputExtension': None,
'NeedsAdmin' : False,
# True if the method doesn't touch disk/is reasonably opsec safe
'OpsecSafe': True,
# the module language
'Language' : 'python',
# the minimum language version needed
'MinLanguageVersion' : '2.6',
# list of any references/other comments
'Comments': [
'Link:',
'http://stackoverflow.com/questions/17809386/how-to-convert-a-stat-output-to-a-unix-permissions-string'
]
}
# any options needed by the module, settable during runtime
self.options = {
# format:
# value_name : {description, required, default_value}
'Agent': {
# The 'Agent' option is the only one that MUST be in a module
'Description' : 'Agent to run the module.',
'Required' : True,
'Value' : ''
},
'Path': {
'Description' : 'Path. Defaults to the current directory. This module is mainly for organization. The alias \'ls\' can be used at the agent menu.',
'Required' : True,
'Value' : '.'
}
}
# save off a copy of the mainMenu object to access external functionality
# like listeners/agent handlers/etc.
self.mainMenu = mainMenu
# During instantiation, any settable option parameters
# are passed as an object set to the module and the
# options dictionary is automatically set. This is mostly
# in case options are passed on the command line
if params:
for param in params:
# parameter format is [Name, Value]
option, value = param
if option in self.options:
self.options[option]['Value'] = value
def generate(self, obfuscate=False, obfuscationCommand=""):
filePath = self.options['Path']['Value']
filePath += '/'
script = """
try:
import Foundation
from AppKit import *
import os
import stat
except:
print "A required module is missing.."
def permissions_to_unix_name(st_mode):
permstr = ''
usertypes = ['USR', 'GRP', 'OTH']
for usertype in usertypes:
perm_types = ['R', 'W', 'X']
for permtype in perm_types:
perm = getattr(stat, 'S_I%%s%%s' %% (permtype, usertype))
if st_mode & perm:
permstr += permtype.lower()
else:
permstr += '-'
return permstr
path = "%s"
dirlist = os.listdir(path)
filemgr = NSFileManager.defaultManager()
directoryListString = "\\t\\towner\\tgroup\\t\\tlast modified\\tsize\\t\\tname\\n"
for item in dirlist:
fullpath = os.path.abspath(os.path.join(path,item))
attrs = filemgr.attributesOfItemAtPath_error_(os.path.abspath(fullpath), None)
name = item
lastModified = str(attrs[0]['NSFileModificationDate'])
group = str(attrs[0]['NSFileGroupOwnerAccountName'])
owner = str(attrs[0]['NSFileOwnerAccountName'])
size = str(os.path.getsize(fullpath))
if int(size) > 1024:
size = int(size) / 1024
size = str(size) + "K"
else:
size += "B"
perms = permissions_to_unix_name(os.stat(fullpath)[0])
listString = perms + " " + owner + "\\t" + group + "\\t\\t" + lastModified.split(" ")[0] + "\\t" + size + "\\t\\t" + name + "\\n"
if os.path.isdir(fullpath):
listString = "d"+listString
else:
listString = "-"+listString
directoryListString += listString
print str(os.getcwd())
print directoryListString
""" % filePath
return script

View File

@ -810,7 +810,7 @@ http://www.danielbohannon.com
# Perform final check to remove ticks if they now precede lowercase special characters after the string is reversed.
# E.g. "testin`G" in reverse would be "G`nitset" where `n would be interpreted as a newline character.
$SpecialCharacters = @('a','b','f','n','r','t','v','0')
$SpecialCharacters = @('a','b','f','n','r','u','t','v','0')
ForEach($SpecialChar in $SpecialCharacters)
{
If($ScriptString.Contains("``"+$SpecialChar))

View File

@ -1032,7 +1032,7 @@ http://www.danielbohannon.com
$CharIndexesToObfuscate = (Get-Random -InputObject (1..($TokenArray.Length-2)) -Count $NumberOfCharsToObfuscate)
# Special characters in PowerShell must be upper-cased before adding a tick before the character.
$SpecialCharacters = @('a','b','f','n','r','t','v')
$SpecialCharacters = @('a','b','f','n','r','u','t','v','0')
# Remove the possibility of a single tick being placed only before the token string.
# This would leave the string value completely intact, thus defeating the purpose of the tick obfuscation.

View File

@ -9,7 +9,7 @@ class Stager:
'Author': ['@kisasondi','@harmj0y'],
'Description': ('Generates a bunny script that runes a one-liner stage0 launcher for Empire.'),
'Description': ('Generates a bunny script that runs a one-liner stage0 launcher for Empire.'),
'Comments': [
'This stager is modification of the ducky stager by @harmj0y,',

View File

@ -104,7 +104,7 @@ class Stager:
print helpers.color("[!] Error in launcher command generation.")
return ""
else:
chunks = list(helpers.chunks(launcher.replace("'", "\\'"), 50))
chunks = list(helpers.chunks(launcher, 50))
payload = "\tDim "+Str+" As String\n"
payload += "\t"+Str+" = \"" + str(chunks[0]) + "\"\n"
for chunk in chunks[1:]:

1
setup/bomutils Submodule

@ -0,0 +1 @@
Subproject commit 3f7dc2dbbc36ca1c957ec629970026f45594a52c

View File

@ -47,17 +47,27 @@ elif lsb_release -d | grep -q "Kali"; then
pip install zlib_wrapper
pip install netifaces
if ! which powershell > /dev/null; then
wget http://archive.ubuntu.com/ubuntu/pool/main/i/icu/libicu55_55.1-7_amd64.deb
if uname -a | grep -q amd64; then
wget http://archive.ubuntu.com/ubuntu/pool/main/i/icu/libicu52_52.1-3_amd64.deb
wget http://ftp.debian.org/debian/pool/main/o/openssl/libssl1.0.0_1.0.1t-1+deb8u6_amd64.deb
wget https://github.com/PowerShell/PowerShell/releases/download/v6.0.0-alpha.16/powershell_6.0.0-alpha.16-1ubuntu1.16.04.1_amd64.deb
apt-get install -y libunwind8
dpkg -i libicu55_55.1-7_amd64.deb
dpkg -i libicu52_52.1-3_amd64.deb
dpkg -i libssl1.0.0_1.0.1t-1+deb8u6_amd64.deb
dpkg -i powershell_6.0.0-alpha.16-1ubuntu1.16.04.1_amd64.deb
apt-get install -f -y
rm libicu55_55.1-7_amd64.deb
rm libicu52_52.1-3_amd64.deb
rm libssl1.0.0_1.0.1t-1+deb8u6_amd64.deb
rm powershell_6.0.0-alpha.16-1ubuntu1.16.04.1_amd64.deb
elif uname -a | grep -q i386; then
wget http://archive.ubuntu.com/ubuntu/pool/main/i/icu/libicu52_52.1-3_i386.deb
wget http://ftp.debian.org/debian/pool/main/o/openssl/libssl1.0.0_1.0.1t-1+deb8u6_i386.deb
dpkg -i libicu52_52.1-3_i386.deb
dpkg -i libssl1.0.0_1.0.1t-1+deb8u6_i386.deb
rm libicu52_52.1-3_i386.deb
rm libssl1.0.0_1.0.1t-1+deb8u6_i386.deb
fi
curl https://packages.microsoft.com/keys/microsoft.asc | apt-key add -
curl https://packages.microsoft.com/config/ubuntu/14.04/prod.list | sudo tee /etc/apt/sources.list.d/microsoft.list
apt-get update
apt-get install -y powershell
rm /opt/microsoft/powershell/*/DELETE_ME_TO_DISABLE_CONSOLEHOST_TELEMETRY
fi
mkdir -p /usr/local/share/powershell/Modules
cp -r ../lib/powershell/Invoke-Obfuscation /usr/local/share/powershell/Modules
@ -78,17 +88,15 @@ elif lsb_release -d | grep -q "Ubuntu"; then
pip install zlib_wrapper
pip install netifaces
if ! which powershell > /dev/null; then
wget http://archive.ubuntu.com/ubuntu/pool/main/i/icu/libicu55_55.1-7_amd64.deb
wget http://ftp.debian.org/debian/pool/main/o/openssl/libssl1.0.0_1.0.1t-1+deb8u6_amd64.deb
wget https://github.com/PowerShell/PowerShell/releases/download/v6.0.0-alpha.16/powershell_6.0.0-alpha.16-1ubuntu1.16.04.1_amd64.deb
apt-get install -y libunwind8
dpkg -i libicu55_55.1-7_amd64.deb
dpkg -i libssl1.0.0_1.0.1t-1+deb8u6_amd64.deb
dpkg -i powershell_6.0.0-alpha.16-1ubuntu1.16.04.1_amd64.deb
apt-get install -f -y
rm libicu55_55.1-7_amd64.deb
rm libssl1.0.0_1.0.1t-1+deb8u6_amd64.deb
rm powershell_6.0.0-alpha.16-1ubuntu1.16.04.1_amd64.deb
curl https://packages.microsoft.com/keys/microsoft.asc | apt-key add -
if lsb_release -r | grep -q "14.04"; then
curl https://packages.microsoft.com/config/ubuntu/14.04/prod.list | sudo tee /etc/apt/sources.list.d/microsoft.list
elif lsb_release -r | grep -q "16.04"; then
curl https://packages.microsoft.com/config/ubuntu/16.04/prod.list | sudo tee /etc/apt/sources.list.d/microsoft.list
fi
apt-get update
apt-get install -y powershell
rm /opt/microsoft/powershell/*/DELETE_ME_TO_DISABLE_CONSOLEHOST_TELEMETRY
fi
mkdir -p /usr/local/share/powershell/Modules
cp -r ../lib/powershell/Invoke-Obfuscation /usr/local/share/powershell/Modules
@ -108,19 +116,32 @@ else
pip install 'pyopenssl==17.2.0'
pip install zlib_wrapper
pip install netifaces
pip install M2Crypto
if ! which powershell > /dev/null; then
wget http://archive.ubuntu.com/ubuntu/pool/main/i/icu/libicu55_55.1-7_amd64.deb
if lsb_release -d | grep -q Debian | grep 9; then
if uname -a | grep -q amd64; then
wget http://archive.ubuntu.com/ubuntu/pool/main/i/icu/libicu52_52.1-3_amd64.deb
wget http://ftp.debian.org/debian/pool/main/o/openssl/libssl1.0.0_1.0.1t-1+deb8u6_amd64.deb
wget https://github.com/PowerShell/PowerShell/releases/download/v6.0.0-alpha.16/powershell_6.0.0-alpha.16-1ubuntu1.16.04.1_amd64.deb
apt-get install -y libunwind8
dpkg -i libicu55_55.1-7_amd64.deb
dpkg -i libicu52_52.1-3_amd64.deb
dpkg -i libssl1.0.0_1.0.1t-1+deb8u6_amd64.deb
dpkg -i powershell_6.0.0-alpha.16-1ubuntu1.16.04.1_amd64.deb
apt-get install -f -y
rm libicu55_55.1-7_amd64.deb
rm libicu52_52.1-3_amd64.deb
rm libssl1.0.0_1.0.1t-1+deb8u6_amd64.deb
rm powershell_6.0.0-alpha.16-1ubuntu1.16.04.1_amd64.deb
elif uname -a | grep -q i386; then
wget http://archive.ubuntu.com/ubuntu/pool/main/i/icu/libicu52_52.1-3_i386.deb
wget http://ftp.debian.org/debian/pool/main/o/openssl/libssl1.0.0_1.0.1t-1+deb8u6_i386.deb
dpkg -i libicu52_52.1-3_i386.deb
dpkg -i libssl1.0.0_1.0.1t-1+deb8u6_i386.deb
rm libicu52_52.1-3_i386.deb
rm libssl1.0.0_1.0.1t-1+deb8u6_i386.deb
fi
fi
curl https://packages.microsoft.com/keys/microsoft.asc | apt-key add -
curl https://packages.microsoft.com/config/ubuntu/14.04/prod.list | sudo tee /etc/apt/sources.list.d/microsoft.list
apt-get update
apt-get install -y powershell
rm /opt/microsoft/powershell/*/DELETE_ME_TO_DISABLE_CONSOLEHOST_TELEMETRY
fi
mkdir -p /usr/local/share/powershell/Modules
cp -r ../lib/powershell/Invoke-Obfuscation /usr/local/share/powershell/Modules
fi