-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathpowerXor.py
71 lines (56 loc) · 2.36 KB
/
powerXor.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
#!/usr/bin/env python3
import argparse
import base64
import random
from pathlib import Path
import os
"""
Example: python3 powerXor.py test.ps1 -k 13 -o run.ps1 --template custom_template.ps1
"""
def xor_encrypt(data, key):
return bytes([b ^ key for b in data])
def main():
# Argument parsing
parser = argparse.ArgumentParser(description="Encode a PowerShell script file using XOR encryption and base64 encoding")
parser.add_argument("file_path", type=Path, help="Path to the PowerShell script file")
parser.add_argument("-k", "--key", type=int, help="XOR encryption key (default: randomly generated)")
parser.add_argument("-o", "--output", type=Path, help="Output file name (default: output.ps1)")
parser.add_argument("--template", type=Path, help="Path to the template file (default: template.ps1 in the script directory)")
args = parser.parse_args()
# Read the content of the file
print(f"[*] Reading the file ...")
with args.file_path.open('r', encoding='utf-8') as file:
script_content = file.read()
# Encode the content into UTF-16-LE
print(f"[*] Encoding the content (utf-16-le) ...")
encoded_content = script_content.encode('utf-16-le')
# Generate or use provided key
if args.key is None:
key = random.randint(0, 255)
else:
key = args.key
# XOR encrypt the content
print(f"[*] Xoring with Key: {key}")
encrypted_content = xor_encrypt(encoded_content, key)
# Base64 encode the result
print(f"[*] Base64 encoding")
encoded_result = base64.b64encode(encrypted_content).decode('utf-8')
# Prepare output content
output_content = ""
# Determine template path
if args.template:
template_path = args.template
else:
script_dir = Path(__file__).parent
template_path = script_dir / "template.ps1"
# Read the template file
with template_path.open('r', encoding='utf-8') as template_file:
output_content = template_file.read().replace("%%KEY%%", str(key)).replace("%%DATA%%", encoded_result)
# Write to output file
output_file = args.output if args.output else Path("output.ps1")
print(f"[*] Writing to output file: {output_file}")
with output_file.open('w', encoding='utf-8') as output:
output.write(output_content)
print("[*] Process completed.")
if __name__ == "__main__":
main()