Cleaned up Encrypt-Script coment-based help

Encrypt-Script.ps1

@@ -1,56 +1,77 @@
 function Encrypt-Script {
 
 <#
-.Synopsis
+.SYNOPSIS
 
- PowerSploit Module - Encrypt-Script
+    PowerSploit Module - Encrypt-Script
- Author: Matthew Graeber (@mattifestation)
+    Author: Matthew Graeber (@mattifestation)
- License: BSD 3-Clause
+    License: BSD 3-Clause
  
-.Description
+.DESCRIPTION
 
- Encrypt-Script will encrypt a script (or any text file for that matter)
+    Encrypt-Script will encrypt a script (or any text file for that matter) and output the results to a minimally obfuscated script - evil.ps1.
- and output the results to a minimally obfuscated script - evil.ps1.
  
-.Parameter ScriptPath
+.PARAMETER ScriptPath
 
- Path to this script
+    Path to this script
  
-.Parameter Password
+.PARAMETER Password
 
- Password to encrypt/decrypt the script
+    Password to encrypt/decrypt the script
  
-.Parameter Salt
+.PARAMETER Salt
 
- Salt value for encryption/decryption. This can be any string value.
+    Salt value for encryption/decryption. This can be any string value.
  
+.EXAMPLE
+
+    C:\PS> Encrypt-Script .\Naughty-Script.ps1 password salty
+ 
+    Description
+    -----------
+    Encrypt the contents of this file with a password and salt. This will make analysis of the script impossible without the correct password and salt combination. This command will generate evil.ps1 that can dropped onto the victim machine. It only consists of a decryption function 'de' and the base64-encoded ciphertext.
+
 .Example
 
- PS> Encrypt-Script .\Naughty-Script.ps1 password salty
+    C:\PS> [String] $cmd = Get-Content .\evil.ps1
- 
+    C:\PS> Invoke-Expression $cmd
- Description
+    C:\PS> $decrypted = de password salt
- -----------
+    C:\PS> Invoke-Expression $decrypted
- Encrypt the contents of this file with a password and salt. This will make analysis of the
+    
- script impossible without the correct password and salt combination. This command will
+    Description
- generate evil.ps1 that can dropped onto the victim machine. It only consists of a
+    -----------
- decryption function 'de' and the base64-encoded ciphertext.
+    This series of instructions assumes you've already encrypted a script and named it evil.ps1. The contents are then decrypted and the unencrypted script is called via Invoke-Expression
 
- Note: This command can be used to encrypt any text-based file/script
+.NOTES
-.Example
- C:\PS>[String] $cmd = Get-Content .\evil.ps1
- C:\PS>Invoke-Expression $cmd
- C:\PS>$decrypted = de password salt
- C:\PS>Invoke-Expression $decrypted
- 
-.Link
 
- My blog: http://www.exploit-monday.com
+    This command can be used to encrypt any text-based file/script
+ 
+.LINK
+
+    http://www.exploit-monday.com
 #>
 
-Param (
+Param
-    [Parameter(Position = 0, Mandatory = $True)] [String] $ScriptPath,
+(
-    [Parameter(Position = 1, Mandatory = $True)] [String] $Password,
+    [Parameter(Position = 0, Mandatory = $True)]
-    [Parameter(Position = 2, Mandatory = $True)] [String] $Salt
+    [String]
+    $ScriptPath,
+    
+    [Parameter(Position = 1, Mandatory = $True)]
+    [String]
+    $Password,
+    
+    [Parameter(Position = 2, Mandatory = $True)]
+    [String]
+    $Salt,
+    
+    [Parameter(Position = 3)]
+    [String]
+    $InitializationVector = ( @( foreach ($i in 1..16) { [Char](Get-Random -Min 0x41 -Max 0x5B) } ) -join '' ), # Generate random 16 character IV
+    
+    [Parameter(Position = 4)]
+    [String]
+    $FilePath = '.\evil.ps1'
 )
 
 $AsciiEncoder = New-Object System.Text.ASCIIEncoding
@@ -98,8 +119,8 @@ return $encoding.GetString($h,0,$h.Length);
 }'
 
 # Output decrypt function and ciphertext to evil.ps1
-Out-File -InputObject $Output -Encoding ASCII .\evil.ps1
+Out-File -InputObject $Output -Encoding ASCII $FilePath
 
-Write-Host "Encrypted PS1 file saved to: $(Resolve-Path .\evil.ps1)"
+Write-Host "Encrypted PS1 file saved to: $(Resolve-Path $FilePath)"
 
 }