EVASION TOOLS

LINUX: BASHFUSCATOR

This tool obfuscates bash commands. By default it often produces commands that are hundreds or even millions of characters long; to avoid this, use the flags described below to produce shorter and simpler obfuscated commands.

root@oco:~$ git clone https://github.com/Bashfuscator/Bashfuscator
root@oco:~$ cd Bashfuscator
root@oco:~$ pip3 install setuptools==65
root@oco:~$ python3 setup.py install --user
#create an obfuscated payload
root@oco:~$ cd ./bashfuscator/bin/
root@oco:~$ ./bashfuscator -h
root@oco:~$ ./bashfuscator -c 'cat /etc/passwd' -s 1 -t 1 --no-mangling --layers 1
 payload: eval "$(W0=(w \  t e c p s a \/ d);for Ll in 4 7 2 1 8 3 2 4 8 5 7 6 6 0 9;{ printf %s "${W0[$Ll]}";};)"
 
 * -s sets the desired size of the payload. Default: 2
 * -t sets the desired speed of the payload. Default: 2
 * --no-mangling means do not perform binary mangling and do not insert random whitespace and characters
 * --layers sets the number of layers of obfuscation to apply. Default: 1 when --choose-mutators is used, otherwise 2
 
 
#validate the obfuscated payload
root@oco:~$ bash -c 'eval "$(W0=(w \  t e c p s a \/ d);for Ll in 4 7 2 1 8 3 2 4 8 5 7 6 6 0 9;{ printf %s "${W0[$Ll]}";};)"'

WINDOWS: DOSFUSCATION

root@oco:~$ pwsh
 * PowerShell Core on Linux is used here to create and validate the payload

PS > git clone https://github.com/danielbohannon/Invoke-DOSfuscation.git
PS > cd Invoke-DOSfuscation
PS > Import-Module .\Invoke-DOSfuscation.psd1
PS > Invoke-DOSfuscation
Invoke-DOSfuscation> help

#create the obfuscated payload
Invoke-DOSfuscation> SET COMMAND type C:\Users\htb-student\Desktop\flag.txt
Invoke-DOSfuscation> encoding
Invoke-DOSfuscation\Encoding> 1
 typ%TEMP:~-3,-2% %CommonProgramFiles:~17,-11%:\Users\h%TMP:~-13,-12%b-stu%SystemRoot:~-4,-3%ent%TMP:~-19,-18%%ALLUSERSPROFILE:~-4,-3%esktop\flag.%TMP:~-13,-12%xt
 
#validate the obfuscated payload
PS > typ%TEMP:~-3,-2% %CommonProgramFiles:~17,-11%:\Users\h%TMP:~-13,-12%b-stu%SystemRoot:~-4,-3%ent%TMP:~-19,-18%%ALLUSERSPROFILE:~-4,-3%esktop\flag.%TMP:~-13,-12%xt
 test_flag 
