Loading page
Review the challenge brief, files, and requirements.
A malicious PowerShell script uses multiple obfuscation layers. Deobfuscate it.
$a = [char]105 + [char]69 + [char]88 # Builds "iEX"
$b = 'JGM9W1N5c3RlbS5UZXh0LkVuY29kaW5nXTo6VVRGODo6R2V0U3RyaW5nKFtTeXN0ZW0uQ29udmVydF06OkZyb21CYXNlNjRTdHJpbmcoIlpteEFaM3RqYjI1allYUmZjM1J5YVc1bmZRPT0iKSk='
$d = [System.Text.Encoding]::UTF8::GetString([System.Convert]::FromBase64String($b))
& ([scriptblock]::Create("$a $d"))
Write code to strip away each obfuscation layer and reveal the final payload.
Sign in to attempt this challenge.
Use Proving Grounds to continue your challenge practice.
Open Proving Grounds