Great project, and looking forward to playing with it moving forward.
I'm running PS 6.0.0-beta on Linux (Ubuntu), and trying to obfuscate a couple of payloads but keep getting a 'The Unicode escape sequence is not valid' error. I'm unsure if this is due to my environment, or if its the latest beta of PS itself.
Let me know if you need more info or need me to test something. Thanks!
Name Value
---- ----- > PSVersion 6.0.0-beta
PSEdition Core
GitCommitId v6.0.0-beta.5
OS Linux 4.4.* UTC 2017
Platform Unix
PSCompatibleVersions {1.0, 2.0, 3.0, 4.0...}
PSRemotingProtocolVersion 2.3
SerializationVersion 1.1.0.1
WSManStackVersion 3.0
$ powershell -Command 'Invoke-Obfuscation -ScriptPath data/misc/ToObfuscate.ps1 -Command "Token,All,1" -Quiet | Out-File -Encoding ASCII data/misc/Obfuscated.ps1'
Exception calling "Create" with "1" argument(s): "At line:55 char:34
+ ${e`MA`i`LsuB`jEcT} = ${s`ubjE`CT}
+ ~~
The Unicode escape sequence is not valid. A valid sequence is `u{ followed by one to six hex digits and a closing '}'.
At line:83 char:12
+ ${o`ut`loOk} = Get-OutlookInstance
+ ~~
The Unicode escape sequence is not valid. A valid sequence is `u{ followed by one to six hex digits and a closing '}'.
At line:100 char:71
+ ... stem.Runtime.Interopservices.Marshal]::ReleaseComObject(${o`uTlO`oK}) ...
+ ~~
The Unicode escape sequence is not valid. A valid sequence is `u{ followed by one to six hex digits and a closing '}'.
At line:121 char:32
+ [System.__ComObject]${o`utlook},
+ ~~
The Unicode escape sequence is not valid. A valid sequence is `u{ followed by one to six hex digits and a closing '}'.
At line:156 char:16
+ ${r`u`LEs} = ${M`Api}.DefaultStore.GetRules()
+ ~~
The Unicode escape sequence is not valid. A valid sequence is `u{ followed by one to six hex digits and a closing '}'.
At line:159 char:31
+ ${S`UBte`XT} = ${R`uLe}.Conditions.Subject
+ ~~
The Unicode escape sequence is not valid. A valid sequence is `u{ followed by one to six hex digits and a closing '}'.
At line:162 char:16
+ ${s`ubte`xt}.Text = ${F`LA`gS}
+ ~~
The Unicode escape sequence is not valid. A valid sequence is `u{ followed by one to six hex digits and a closing '}'.
At line:168 char:20
+ ${n`ulL},
+ ~~
The Unicode escape sequence is not valid. A valid sequence is `u{ followed by one to six hex digits and a closing '}'.
At line:240 char:17
+ [int]${n`um}
+ ~~
The Unicode escape sequence is not valid. A valid sequence is `u{ followed by one to six hex digits and a closing '}'.
At line:303 char:51
+ ${val`UE} = ${OLd`Efau`l`TfOlDERs}.Item(${DeFa`ul`TFOLDEr`N`AME})
+ ~~
The Unicode escape sequence is not valid. A valid sequence is `u{ followed by one to six hex digits and a closing '}'.
Not all parse errors were reported. Correct the reported errors and try again."
At /usr/local/share/powershell/Modules/Invoke-Obfuscation/Out-ObfuscatedTokenCommand.ps1:137 char:13
+ $ScriptString = Out-ObfuscatedTokenCommand ([ScriptBlock] ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId : ParseException
Exception calling "Create" with "1" argument(s): "At line:55 char:34
${eMAiLsuBjEcT} = ${subjECT}
~~
The Unicode escape sequence is not valid. A valid sequence is `u{ followed by one to six hex digits and a closing '}'.
At line:83 char:12
${outloOk} = Get-OutlookInstance
~~
The Unicode escape sequence is not valid. A valid sequence is `u{ followed by one to six hex digits and a closing '}'.
At line:100 char:71
~~
The Unicode escape sequence is not valid. A valid sequence is `u{ followed by one to six hex digits and a closing '}'.
Not all parse errors were reported. Correct the reported errors and try again."
At /usr/local/share/powershell/Modules/Invoke-Obfuscation/Out-ObfuscatedTokenCommand.ps1:137 char:13
~~
The Unicode escape sequence is not valid. A valid sequence is `u{ followed by one to six hex digits and a closing '}'.
Not all parse errors were reported. Correct the reported errors and try again."
At /usr/local/share/powershell/Modules/Invoke-Obfuscation/Out-ObfuscatedTokenCommand.ps1:137 char:13
~~
The Unicode escape sequence is not valid. A valid sequence is `u{ followed by one to six hex digits and a closing '}'.
Not all parse errors were reported. Correct the reported errors and try again."
At /usr/local/share/powershell/Modules/Invoke-Obfuscation/Out-ObfuscatedTokenCommand.ps1:137 char:13
'u' was added as a special character in PS 6.0 and needs to be upper-cased to be preceded by a ` mark. This has been updated and should be fixed as of: 950785e5f846fb0e8d3be8484d2ba466c2340469
Hey there.
Great project, and looking forward to playing with it moving forward.
I'm running PS 6.0.0-beta on Linux (Ubuntu), and trying to obfuscate a couple of payloads but keep getting a 'The Unicode escape sequence is not valid' error. I'm unsure if this is due to my environment, or if its the latest beta of PS itself.
Let me know if you need more info or need me to test something. Thanks!
Command and output:
Exception calling "Create" with "1" argument(s): "At line:55 char:34
MA
iLsuB
jEcT} = ${subjE
CT}ut
loOk} = Get-OutlookInstanceuTlO
oK}) ...u
LEs} = ${M`Api}.DefaultStore.GetRules()UBte
XT} = ${R`uLe}.Conditions.Subjectubte
xt}.Text = ${FLA
gS}UE} = ${OLd
Efaul
TfOlDERs}.Item(${DeFaul
TFOLDErN
AME})Exception calling "Create" with "1" argument(s): "At line:55 char:34
MA
iLsuB
jEcT} = ${subjE
CT}ut
loOk} = Get-OutlookInstanceuTlO
oK}) ...u
LEs} = ${M`Api}.DefaultStore.GetRules()UBte
XT} = ${R`uLe}.Conditions.Subjectubte
xt}.Text = ${FLA
gS}UE} = ${OLd
Efaul
TfOlDERs}.Item(${DeFaul
TFOLDErN
AME})Exception calling "Create" with "1" argument(s): "At line:55 char:34
MA
iLsuB
jEcT} = ${subjE
CT}ut
loOk} = Get-OutlookInstanceuTlO
oK}) ...u
LEs} = ${M`Api}.DefaultStore.GetRules()UBte
XT} = ${R`uLe}.Conditions.Subjectubte
xt}.Text = ${FLA
gS}UE} = ${OLd
Efaul
TfOlDERs}.Item(${DeFaul
TFOLDErN
AME})