gquere/shitmantec.py

## shitmantec.py
#!/usr/bin/env python3
import sys
import re
import random
import base64

with open(sys.argv[1], "rb") as f:
    lines = f.readlines()

obfuscated_lines = b""
for line in lines:
    matches = re.findall(b'"[^"]*"', line)
    for match in matches:
        replace = b'$([Text.Encoding]::UTF8.GetString([Convert]::FromBase64String("' + base64.b64encode(match[1:-1]) + b'")))'
        line = line.replace(match, replace)
    obfuscated_lines += line

with open(sys.argv[1] + '.obfu', 'wb+') as f:
    f.write(obfuscated_lines)
	#!/usr/bin/env python3
	import sys
	import re
	import random
	import base64

	with open(sys.argv[1], "rb") as f:
	lines = f.readlines()

	obfuscated_lines = b""
	for line in lines:
	matches = re.findall(b'"[^"]*"', line)
	for match in matches:
	replace = b'$([Text.Encoding]::UTF8.GetString([Convert]::FromBase64String("' + base64.b64encode(match[1:-1]) + b'")))'
	line = line.replace(match, replace)
	obfuscated_lines += line

	with open(sys.argv[1] + '.obfu', 'wb+') as f:
	f.write(obfuscated_lines)