Mark Minasi's Tech Forum
Register Calendar Latest Topics
 
 
 


Reply
  Author   Comment  
JohnP

Still Checking the Forum Out
Registered:
Posts: 3
Reply with quote  #1 
Hello everyone, I saw the previous post Obfuscate email addresses with PowerShell and decided I'd play around with the concept.

The primary differences are:
-Windows Forms GUI with 2 textboxes, hash, dehash, copy, and generate buttons, and a complexity slider
-Different obfuscation method with support for special characters and spaces

Explanation of functions:

Top Textbox = InputBox
Bottom Textbox = OutputBox
Hash = Takes the value from InputBox and generates the obfuscated value into the OutputBox
Dehash = Takes the value from InputBox and generates the unobfuscated value into the OutputBox
Copy = Takes the value from OutputBox and copies it to your clipboard
Generate = Generates a password
Complexity Slider = Sets the level of complexity for obfuscation, unobfuscation, and password generation (Decides how many times to run the obfuscation/unobfuscation script, and selects the length and special character count for the Generate Passsword function)

Disclaimer:
This is not "pro-code", just a fun side project as a poc. I know that these values are not really "hashes", but who wants a button that says obfuscate and unobfuscate? My naming of variables probably needs to be more unique ie calling 4 things all $Button. Should probably do some comments in code. The obfuscation method is not mine, I found it somewhere but don't remember otherwise I'd gladly pay homage to the original creator.

Known Quirks:
This is a positive and a negative, in order to unobfuscate a value, you need to know the level of complexity it was generated with. For example if you press dehash and complexity is at level 2, and your value is a level 3 complexity hash, the return value will be your value in a level 1 hash.

I've thought about adding a prefix to the hash to show the level of complexity, and then stripping that off and reading that value when doing the dehash, so you don't have to worry about the complexity setting on dehash.

The second known quirk is that there is a max length that you can do each level of complexity, for instance if you attempt to hash a level 3 complexity at level 3 again, it will lose some of the characters or show a totally wrong value.

I've added some safety in the generate function to not allow too complex of a password or hash to be made. I've thought of trying to change the obfuscation method or adding some length requirements, also special characters seem to make the obufscated value much larger.



Obfuscator01.jpg 


Now with all that out of the way, here is the code:


Code:

$ErrorActionPreference= 'silentlycontinue'
[void] [System.Reflection.Assembly]::LoadWithPartialName("System.Drawing")
[void] [System.Reflection.Assembly]::LoadWithPartialName("System.Windows.Forms")
$Form = New-Object System.Windows.Forms.Form
$Icon = [system.drawing.icon]::ExtractAssociatedIcon($PSHOME + "\powershell.exe")
$Form.Icon = $Icon
$Form.text = "Obfuscator"
$Form.BackColor = [System.Drawing.Color]::FromArgb(0,0,0,0)
$Form.Size = New-Object System.Drawing.Size(655,120)
function Get-ObfuscationCommand
{
    [CmdletBinding()]
    param (
        [Parameter(Mandatory = $true, Position = 0, ValueFromPipeline = $true)]
        [System.String]
        $String,
        [Parameter(Position = 1)]
        [System.UInt32]
        $BytesPerCharacter = 1
    )
    if ($BytesPerCharacter -eq 0) { $BytesPerCharacter = 1 }
    $hexCharsPerCharacter = $BytesPerCharacter * 2
    $byteString = New-Object System.Text.StringBuilder
    foreach ($char in $String.GetEnumerator())
    {
        $null = $byteString.Append(([int][char]$char).ToString("X$hexCharsPerCharacter"))
    }
    $obfuscatedString = $byteString.ToString()
    $charCount = [int]($obfuscatedString.Length / $hexCharsPerCharacter)
    Write-Output $obfuscatedString
}
function hash {
$ToHash=$InputBox.text;
if ($Slider.value -eq 1)
            {$Script = Get-ObfuscationCommand $ToHash}
          ElseIf ($Slider.value -eq 2)
            {$Script = Get-ObfuscationCommand (Get-ObfuscationCommand $ToHash)}
          ElseIf ($Slider.value -eq 3)
            {$Script = Get-ObfuscationCommand (Get-ObfuscationCommand (Get-ObfuscationCommand $ToHash) )}
          Else
            {$Script = Get-ObfuscationCommand $ToHash};            
$OutputBox.text= $Script;
}

function dehash {
$ToHash=$InputBox.text;
if ($Slider.value -eq 1)
            {$Script = -join($ToHash -split '(?<=\G.{2})',26|%{[char][int]"0x$_"})}
          ElseIf ($Slider.value -eq 2)
            {$Script = -join((-join($ToHash -split '(?<=\G.{2})',26|%{[char][int]"0x$_"}) ) -split '(?<=\G.{2})',26|%{[char][int]"0x$_"}) }
          ElseIf ($Slider.value -eq 3)
            {$Script = -join(-join(-join($ToHash -split '(?<=\G.{2})',26|%{[char][int]"0x$_"})-split '(?<=\G.{2})',26|%{[char][int]"0x$_"})-split '(?<=\G.{2})',26|%{[char][int]"0x$_"})}
          Else
            {$Script = -join($ToHash -split '(?<=\G.{2})',26|%{[char][int]"0x$_"})};            
$OutputBox.text= $Script;
}
function generate {
[Reflection.Assembly]::LoadWithPartialName("System.Web")
if ($Slider.value -eq 1)
            {$Script = $([System.Web.Security.Membership]::GeneratePassword(8,0))}
          ElseIf ($Slider.value -eq 2)
            {$Script = $([System.Web.Security.Membership]::GeneratePassword(8,2))}
          ElseIf ($Slider.value -eq 3)
            {$Script = $([System.Web.Security.Membership]::GeneratePassword(8,4))}
          Else
            {$Script = $([System.Web.Security.Membership]::GeneratePassword(8,0))};            
$InputBox.text = $Script
}
function simplehash {
$ToHash=$InputBox.text;
if ($Slider.value -eq 1)
            {$Script = Get-ObfuscationCommand $ToHash
            $Slider.value = 1}
          ElseIf ($Slider.value -eq 2)
            {$Script = Get-ObfuscationCommand (Get-ObfuscationCommand $ToHash)
            $Slider.value = 2}
          ElseIf ($Slider.value -eq 3)
            {$Script = Get-ObfuscationCommand (Get-ObfuscationCommand $ToHash)
            $Slider.value = 2}
          Else
            {$Script = Get-ObfuscationCommand $ToHash};            
$OutputBox.text= $Script;
}
$InputBox = New-Object System.Windows.Forms.TextBox
$InputBox.Location = New-Object System.Drawing.Size(10,12)
$InputBox.Size = New-Object System.Drawing.Size(300,25)
$Form.Controls.Add($InputBox)
$OutputBox = New-Object System.Windows.Forms.TextBox
$OutputBox.Location = New-Object System.Drawing.Size(10,50)
$OutputBox.Size = New-Object System.Drawing.Size(300,25)
$Form.Controls.Add($OutputBox)
$Button = New-Object System.Windows.Forms.Button
$Button.Location = New-Object System.Drawing.Size(350,10)
$Button.Size = New-Object System.Drawing.Size(75,25)
$Button.Text = "Hash"
$Button.Add_Click({hash})
$Form.Controls.Add($Button)
$Button = New-Object System.Windows.Forms.Button
$Button.Location = New-Object System.Drawing.Size(450,10)
$Button.Size = New-Object System.Drawing.Size(75,25)
$Button.Text = "Dehash"
$Button.Add_Click({dehash})
$Form.Controls.Add($Button)
$Button = New-Object System.Windows.Forms.Button
$Button.Location = New-Object System.Drawing.Size(550,10)
$Button.Size = New-Object System.Drawing.Size(75,25)
$Button.Text = "Copy"
$Button.Add_Click({$OutputBox.text | Clip})
$Form.Controls.Add($Button)
$Button = New-Object System.Windows.Forms.Button
$Button.Location = New-Object System.Drawing.Size(550,50)
$Button.Size = New-Object System.Drawing.Size(75,25)
$Button.Text = "Generate"
$Button.Add_Click({Generate | Simplehash})
$Form.Controls.Add($Button)
$SlideLabel = New-Object System.Windows.Forms.Label
$SlideLabel.Location = New-Object System.Drawing.Size(350,52)
$SlideLabel.Size = New-Object System.Drawing.Size(60,25)
$SlideLabel.Text = "Complexity"
$Form.Controls.Add($SlideLabel)
$SlideVal = New-Object System.Windows.Forms.TextBox
$SlideVal.Location = New-Object System.Drawing.Size(410,50)
$SlideVal.Size = New-Object System.Drawing.Size(20,25)
$SlideVal.BackColor = [System.Drawing.Color]::SpringGreen
$Form.Controls.Add($SlideVal)
$Slider = New-Object Windows.Forms.TrackBar
$Slider.TabIndex = 1
$Slider.Minimum = 1
$Slider.Maximum = 3
$System_Drawing_Point = New-Object System.Drawing.Point 
$System_Drawing_Point.X = 430
$System_Drawing_Point.Y = 50 
$Slider.Location = $System_Drawing_Point 
$Slider.Name = "trackResize"
$Slider.add_ValueChanged({
if ($Slider.value -eq 1)
            {$SlideVal.BackColor = [System.Drawing.Color]::SpringGreen}
          ElseIf ($Slider.value -eq 2)
            {$SlideVal.BackColor = [System.Drawing.Color]::Yellow}
          ElseIf ($Slider.value -eq 3)
            {$SlideVal.BackColor = [System.Drawing.Color]::Red}
          Else
            {$SlideVal.BackColor = [System.Drawing.Color]::SpringGreen}; 
})
$Form.Controls.add($Slider)

$Form.Add_Shown({$Form.Activate()})
[void] $Form.ShowDialog()




Stealth Version:

I have 2 other versions as well, one I nicknamed Dark, and the Other Stealth. Below is the Stealth Version which is the same as Dark I just added the opacity and topmost on line 13 and 14.
I made this Stealth version so I can keep it on the corner of one of my screens, and the opacity helps to add privacy for when I'm working with sensitive information like passwords.

Obfuscator02.jpg 


Code:

$ErrorActionPreference= 'silentlycontinue'
[void] [System.Reflection.Assembly]::LoadWithPartialName("System.Drawing")
[void] [System.Reflection.Assembly]::LoadWithPartialName("System.Windows.Forms")
$Form = New-Object System.Windows.Forms.Form
$Form.Size = New-Object System.Drawing.Size(655,120)
$Icon = [system.drawing.icon]::ExtractAssociatedIcon($PSHOME + "\powershell.exe")
$Form.Icon = $Icon
$Form.text = "Obfuscator"
$Form.BackColor = [System.Drawing.Color]::DimGray
$Form.StartPosition = 4
$Form.Topmost = $True
$Form.Opacity = 0.60

function Get-ObfuscationCommand
{
    [CmdletBinding()]
    param (
        [Parameter(Mandatory = $true, Position = 0, ValueFromPipeline = $true)]
        [System.String]
        $String,
        [Parameter(Position = 1)]
        [System.UInt32]
        $BytesPerCharacter = 1
    )
    if ($BytesPerCharacter -eq 0) { $BytesPerCharacter = 1 }
    $hexCharsPerCharacter = $BytesPerCharacter * 2
    $byteString = New-Object System.Text.StringBuilder
    foreach ($char in $String.GetEnumerator())
    {
        $null = $byteString.Append(([int][char]$char).ToString("X$hexCharsPerCharacter"))
    }
    $obfuscatedString = $byteString.ToString()
    $charCount = [int]($obfuscatedString.Length / $hexCharsPerCharacter)
    Write-Output $obfuscatedString
}
function hash {
$ToHash=$InputBox.text;
if ($Slider.value -eq 1)
            {$Script = Get-ObfuscationCommand $ToHash}
          ElseIf ($Slider.value -eq 2)
            {$Script = Get-ObfuscationCommand (Get-ObfuscationCommand $ToHash)}
          ElseIf ($Slider.value -eq 3)
            {$Script = Get-ObfuscationCommand (Get-ObfuscationCommand (Get-ObfuscationCommand $ToHash) )}
          Else
            {$Script = Get-ObfuscationCommand $ToHash};            
$OutputBox.text= $Script;
}

function dehash {
$ToHash=$InputBox.text;
if ($Slider.value -eq 1)
            {$Script = -join($ToHash -split '(?<=\G.{2})',26|%{[char][int]"0x$_"})}
          ElseIf ($Slider.value -eq 2)
            {$Script = -join((-join($ToHash -split '(?<=\G.{2})',26|%{[char][int]"0x$_"}) ) -split '(?<=\G.{2})',26|%{[char][int]"0x$_"}) }
          ElseIf ($Slider.value -eq 3)
            {$Script = -join(-join(-join($ToHash -split '(?<=\G.{2})',26|%{[char][int]"0x$_"})-split '(?<=\G.{2})',26|%{[char][int]"0x$_"})-split '(?<=\G.{2})',26|%{[char][int]"0x$_"})}
          Else
            {$Script = -join($ToHash -split '(?<=\G.{2})',26|%{[char][int]"0x$_"})};            
$OutputBox.text= $Script;
}
function generate {
[Reflection.Assembly]::LoadWithPartialName("System.Web")
if ($Slider.value -eq 1)
            {$Script = $([System.Web.Security.Membership]::GeneratePassword(8,0))}
          ElseIf ($Slider.value -eq 2)
            {$Script = $([System.Web.Security.Membership]::GeneratePassword(8,2))}
          ElseIf ($Slider.value -eq 3)
            {$Script = $([System.Web.Security.Membership]::GeneratePassword(8,4))}
          Else
            {$Script = $([System.Web.Security.Membership]::GeneratePassword(8,0))};            
$InputBox.text = $Script
}
function simplehash {
$ToHash=$InputBox.text;
if ($Slider.value -eq 1)
            {$Script = Get-ObfuscationCommand $ToHash
            $Slider.value = 1}
          ElseIf ($Slider.value -eq 2)
            {$Script = Get-ObfuscationCommand (Get-ObfuscationCommand $ToHash)
            $Slider.value = 2}
          ElseIf ($Slider.value -eq 3)
            {$Script = Get-ObfuscationCommand (Get-ObfuscationCommand $ToHash)
            $Slider.value = 2}
          Else
            {$Script = Get-ObfuscationCommand $ToHash};            
$OutputBox.text= $Script;
}
$InputBox = New-Object System.Windows.Forms.TextBox
$InputBox.Location = New-Object System.Drawing.Size(10,12)
$InputBox.Size = New-Object System.Drawing.Size(300,25)
$InputBox.BackColor = [System.Drawing.Color]::Black
$InputBox.ForeColor = [System.Drawing.Color]::Goldenrod
$Form.Controls.Add($InputBox)
$OutputBox = New-Object System.Windows.Forms.TextBox
$OutputBox.Location = New-Object System.Drawing.Size(10,50)
$OutputBox.Size = New-Object System.Drawing.Size(300,25)
$OutputBox.BackColor = [System.Drawing.Color]::Black
$OutputBox.ForeColor = [System.Drawing.Color]::Goldenrod
$Form.Controls.Add($OutputBox)
$Button = New-Object System.Windows.Forms.Button
$Button.Location = New-Object System.Drawing.Size(350,10)
$Button.Size = New-Object System.Drawing.Size(75,25)
$Button.FlatStyle = 1
$Button.BackColor = [System.Drawing.Color]::Black
$Button.ForeColor = [System.Drawing.Color]::Goldenrod
$Button.Text = "Hash"
$Button.Add_Click({hash})
$Form.Controls.Add($Button)
$Button = New-Object System.Windows.Forms.Button
$Button.Location = New-Object System.Drawing.Size(450,10)
$Button.Size = New-Object System.Drawing.Size(75,25)
$Button.FlatStyle = 1
$Button.BackColor = [System.Drawing.Color]::Black
$Button.ForeColor = [System.Drawing.Color]::Goldenrod
$Button.Text = "Dehash"
$Button.Add_Click({dehash})
$Form.Controls.Add($Button)
$Button = New-Object System.Windows.Forms.Button
$Button.Location = New-Object System.Drawing.Size(550,10)
$Button.Size = New-Object System.Drawing.Size(75,25)
$Button.FlatStyle = 1
$Button.BackColor = [System.Drawing.Color]::Black
$Button.ForeColor = [System.Drawing.Color]::Goldenrod
$Button.Text = "Copy"
$Button.Add_Click({$OutputBox.text | Clip})
$Form.Controls.Add($Button)
$Button = New-Object System.Windows.Forms.Button
$Button.Location = New-Object System.Drawing.Size(550,50)
$Button.Size = New-Object System.Drawing.Size(75,25)
$Button.FlatStyle = 1
$Button.BackColor = [System.Drawing.Color]::Black
$Button.ForeColor = [System.Drawing.Color]::Goldenrod
$Button.Text = "Generate"
$Button.Add_Click({Generate | Simplehash})
$Form.Controls.Add($Button)
$SlideLabel = New-Object System.Windows.Forms.Label
$SlideLabel.Location = New-Object System.Drawing.Size(350,52)
$SlideLabel.Size = New-Object System.Drawing.Size(60,25)
$SlideLabel.ForeColor = [System.Drawing.Color]::White
$SlideLabel.Text = "Complexity"
$Form.Controls.Add($SlideLabel)
$SlideVal = New-Object System.Windows.Forms.TextBox
$SlideVal.Location = New-Object System.Drawing.Size(410,50)
$SlideVal.Size = New-Object System.Drawing.Size(20,25)
$SlideVal.BackColor = [System.Drawing.Color]::SpringGreen
$Form.Controls.Add($SlideVal)
$Slider = New-Object Windows.Forms.TrackBar
$Slider.TabIndex = 1
$Slider.Minimum = 1
$Slider.Maximum = 3
$System_Drawing_Point = New-Object System.Drawing.Point 
$System_Drawing_Point.X = 430
$System_Drawing_Point.Y = 50 
$Slider.Location = $System_Drawing_Point 
$Slider.Name = "trackResize"
$Slider.add_ValueChanged({
if ($Slider.value -eq 1)
            {$SlideVal.BackColor = [System.Drawing.Color]::SpringGreen}
          ElseIf ($Slider.value -eq 2)
            {$SlideVal.BackColor = [System.Drawing.Color]::Yellow}
          ElseIf ($Slider.value -eq 3)
            {$SlideVal.BackColor = [System.Drawing.Color]::Red}
          Else
            {$SlideVal.BackColor = [System.Drawing.Color]::SpringGreen}; 
})
$Form.Controls.add($Slider)

$Form.Add_Shown({$Form.Activate()})
[void] $Form.ShowDialog()



Anyways, take a look, make a suggestion, feel free to use and modify as you see fit!

Thank you,
JohnP

0
jsclmedave

Administrator
Registered:
Posts: 459
Reply with quote  #2 
VERY COOL!

Welcome to the Forum John!!


I am passing this on to the Twitter'verse for comments and tips including Adam Driscoll‏ @adamdriscoll who posted this recently.  

https://www.powershellgallery.com/packages/PowerShellProTools/1.0.93  #PowerShell



Nice Work!



__________________
Tim Bolton @jsclmedave
Email: [string](0..20|%{[char][int](32+('527377347976847978324785847679797514357977').substring(($_*2),2))}) -replace ' '  

New to the forum? Please Read this
0
donoli

Senior Member
Registered:
Posts: 598
Reply with quote  #3 
Can responses be received using that method?  If not wouldn't using mailinator or any anon email instead so the same thing?
0
JohnP

Still Checking the Forum Out
Registered:
Posts: 3
Reply with quote  #4 
The response is sent to the OutputBox in the GUI, no email integration.

I'm sure you could add some sort of email integration, but that's not really the scope of the script.

The use case is to eliminate passwords stored or sent in clear text, without the use of encrypting or hashing with a key.

An individual might use this to obfuscate the credentials for a generic account, and then send the obfuscated value to someone else who also has the script, this way you are not transmitting credentials in clear text through what may be monitored channels.

An individual might also use this to store passwords in a file on his local PC or Shared Drive. A lot of people do this but in clear text, so if anyone gains access to that file, they would have all the credentials. Using this script someone can still use a text file of passwords, but anyone who sees that will not know what these values are.
0
Rmanola

Still Checking the Forum Out
Registered:
Posts: 1
Reply with quote  #5 
I found the original script for the obfuscation here (David Wyatt)
https://gallery.technet.microsoft.com/scriptcenter/Generate-obfuscated-string-6ec72ffe

I discovered also that there are other more advanced obfuscation techniques: 
https://github.com/danielbohannon/Invoke-Obfuscation

0
Previous Topic | Next Topic
Print
Reply

Quick Navigation:

Easily create a Forum Website with Website Toolbox.