Encrypt the base 64 encoding

This topic contains 4 replies, has 2 voices, and was last updated by Profile photo of open qwerty open qwerty 2 years, 3 months ago.

  • Author
    Posts
  • #18229
    Profile photo of open qwerty
    open qwerty
    Participant

    Hi,
    I made the base 64 encoding of a powershell script to run from the console remotely within a batch file.
    You can encrypt the base 64 encoding for not trace the structure of the code?
    Alternatively, there is a method to do this?
    Thanks

  • #18231
    Profile photo of Dave Wyatt
    Dave Wyatt
    Moderator

    There's never going to be a 100% secure way to prevent people from reading your script code; it always has to be decrypted before it can be executed, and whoever is able to run the script is also able to decrypt it.

    That said, the "compile to exe" functionality of Sapien's PowerShell Studio product creates .NET executables which contain encrypted script code, and the process to decrypt that code is pretty well obfuscated. Like I said, it's not perfect, but it would discourage all but the most determined people. So far, that's the only product I've seen which doesn't make it completely trivial to extract the original PowerShell code.

  • #18236
    Profile photo of open qwerty
    open qwerty
    Participant

    Time ago I also tried the feature "compile to exe" but some antivirus (AVG, Avast, ...) detect infected .exe file.
    Something wrong?

  • #18238
    Profile photo of Dave Wyatt
    Dave Wyatt
    Moderator

    I don't know. Depends on which tool you used to compile the script to exe. If it was a malicious program, then maybe it produced infected executables of some sort. Or maybe it was a legitimate compiled EXE, but the executable triggered some heuristic analysis flag in the AV software.

  • #18241
    Profile photo of open qwerty
    open qwerty
    Participant

    I used a trial version of Sapien's PowerShell Studio .....
    Probably the executable triggered some heuristic analysis flag in the AV software.
    Thanks!

You must be logged in to reply to this topic.