obfuscation_handler.py

Defines ObufscationHandler, which manages the obfuscation process.

class bashfuscator.core.engine.obfuscation_handler.ObfuscationHandler(cmdObfuscators=None, strObfuscators=None, tokObfuscators=None, encoders=None, compressors=None, args=None)[source]

Manages command and script obfuscation, taking into account all user options and preferences. This class is the heart of the framework.

Parameters:
  • cmdObfuscators (list of bashfuscator.lib.command_mutators.CommandObfuscator) – CommandObfuscators useable during execution
  • strObfuscators (list of bashfuscator.lib.string_mutators.StringObfuscator) – StringObfuscators useable during execution
  • tokObfuscators (list of bashfuscator.lib.token_mutators.TokenObfuscator) – TokenObfuscators useable during execution
  • encoders (list of bashfuscator.lib.encoders.Encoder) – Encoders useable during execution
  • compressors (list of bashfuscator.lib.compressors.Compressor) – Compressors useable during execution
  • args (arguments parsed from argparse.ArgumentParser.parse_args() in bashfuscator.bin.bashfuscator) – arguments specified on the command line. If this parameter is not supplied, default values will be set for ObfuscationHandler’s attributes.

Note

If not set, the cmdObfuscators, cmdObfuscators, tokObfuscators, encoders, and compressors arguments will default to all of the respective Mutator Types contained by the framework.

generatePayload()[source]

Generate the final payload. Obfuscates the original input by feeding it into Mutators a number of times as specified by the ‘–layers’ option.

Returns:a str containing the final obfuscated payload
genObfuscationLayer(payload, userMutator=None, userStub=None, sizePref=None, timePref=None, binaryPref=None, filePref=None, writeDir=None, enableMangling=None, mangleBinaries=None, binaryManglePercent=None, randWhitespace=None, randWhitespaceRange=None, insertChars=None, insertCharsRange=None, misleadingCmds=None, misleadingCmdsRange=None, mangleIntegers=None, expandIntegers=None, randomizeIntegerBases=None, integerExpansionDepth=None, randomizeTerminators=None, debug=None)[source]

Generate one layer of obfuscation. If called with the userMutator or userStub parameters, the Mutator and/or Stub specified by userMutator and/or userStub will be used to mutate the payload. If those parameters are not used, a Mutator and Stub (if appropriate) will be chosen automatically.

Note

If not set, the sizePref, timePref, binaryPref, filePref, and writeDir parameters will be set to the coresponding attributes of the ObfuscationHandler object being called from.

Parameters:
  • payload (str) – input command(s) to obfuscate
  • userMutator (lowercase str) – the longName attribute of a bashfuscator.common.objects.Mutator
  • userStub (lowercase str) – the longName attribute of a bashfuscator.common.objects.Stub
  • sizePref (int) – payload size user preference
  • timePref (int) – execution time user preference
  • binaryPref (tuple containing a list of strs, and a bool) – list of binaries that the chosen Mutator should or should not use
  • filePref (bool) – file write user preference
Returns:

a str containing the ‘payload’ argument obfuscated by a single Mutator
evalWrap(payload, selMutator)[source]

Wrap the payload in an execution stub, to allow bash to execute the string produced by the payload. Will not wrap the payload if certain Mutators were used to generate the most recent layer of the payload.

Parameters:
  • payload (str) – input command(s) to wrap
  • selMutator (bashfuscator.common.objects.Mutator) – Mutator used by genObfuscationLayer() to generate the most recent layer of obfuscation
Returns:

a str containing the wrapped payload, if appropriate
choosePrefMutator(mutators, sizePref=None, timePref=None, binaryPref=None, filePref=None, prevCmdOb=None, userMutator=None, userStub=None)[source]

Chooses a Mutator from a list of mutators which is of the desired preferences, with a stub that uses desired binaries if appropriate. If called with the userMutator or userStub parameters, the Mutator and/or Stub specified by userMutator and/or userStub will be chosen. If those parameters are not used, a Mutator and Stub (if appropriate) will be chosen automatically based off of the values of the other parameters.

Parameters:
  • mutators – list of Mutators to choose a Mutator from
  • sizePref (int) – payload size user preference
  • timePref (int) – execution time user preference
  • binaryPref (tuple containing a list of strs, and a bool) – list of binaries that the chosen Mutator should or should not use
  • filePref (bool) – file write user preference
  • prevCmdOb (bashfuscator.lib.command_mutators.CommandObfuscator) – the previous CommandObfuscator used. Should only be passed if a CommandObfuscator was used to generate the most recent obfuscation layer
  • userMutator (lowercase str) – the specific Mutator the user chose to use
  • userStub (lowercase str) – the specific Stub the user chose to use
Returns:

a bashfuscator.common.objects.Mutator object
getPrefMutators(mutators, sizePref, timePref, binaryPref=None, filePref=None, prevCmdOb=None)[source]

Get Mutators from a sequence which are suitable to use based off the user’s preferences.

Parameters:
  • seq (list) – list of Mutators of Stubs
  • sizePref (int) – payload size user preference
  • timePref (int) – execution time user preference
  • binaryPref (tuple containing a list of strs, and a bool) – list of binaries that the chosen Mutator should or should not use
  • filePref (bool) – file write user preference
  • prevCmdOb (bashfuscator.lib.command_mutators.CommandObfuscator) – the previous CommandObfuscator used. Should only be passed if a CommandObfuscator was used to generate the most recent obfuscation layer
Returns:

list of bashfuscator.common.objects.Mutator objects, or None if there are no preferable Mutators in the ‘mutators’ argument
choosePrefStub(stubs, sizePref, timePref, binaryPref, filePref, userStub=None)[source]

Choose a stub which is of the desired sizeRating, timeRating, and uses desired binaries. If the userStub parameter is passed, the specific stub defined by userStub is searched for and is checked to make sure it aligns with the users preferences for used binaries.

Parameters:
  • stubs – list of Stubs to choose from
  • sizePref (int) – payload size user preference
  • timePref (int) – execution time user preference
  • binaryPref (tuple containing a list of strs, and a bool) – list of binaries that the chosen Mutator should or should not use
  • userStub (lowercase str) – the specific Stub the user chose to use
Returns:

a bashfuscator.common.objects.Stub object
getPrefStubs(stubs, sizePref, timePref, binaryPref, filePref)[source]

Get Stubs from a sequence which are suitable to use based off the user’s preferences.

Parameters:
  • seq (list) – list of Mutators of Stubs
  • sizePref (int) – payload size user preference
  • timePref (int) – execution time user preference
  • binaryPref (tuple containing a list of strs, and a bool) – list of binaries that the chosen Mutator should or should not use
Returns:

list of bashfuscator.common.objects.Stub objects, or None if there are no preferable Stubs in the ‘stubs’ argument
getPrefItems(seq, sizePref, timePref)[source]

Get Mutators or Stubs from a sequence which sizeRatings and timeRatings.

Parameters:
  • seq (list) – list of Mutators of Stubs
  • sizePref (int) – payload size user preference
  • timePref (int) – execution time user preference
Returns:

a list of Mutators or Stubs
getPrefRange(pref)[source]

Get the minimum and maximum sizeRatings or timeRatings that should be used to select obfuscator and stubs

Parameters:pref – sizePref or timePref options
Returns:tuple of minimum and maximum ratings