Add files via upload

Eric Conrad
2017-09-10 18:24:28 -04:00
committed by GitHub
parent 3f9a8f45c3
commit f91e4c8934


@ -405,13 +405,11 @@ function Check-Command($commandline,$minlength,$regexes,$whitelist,$servicecmd){
function Check-Regex($string,$regexes,$type){
$regextext="" # Local variable for return output
if ($regex.Type -eq $type) { # Type is 0 for Commands, 1 for services. Set in regexes.csv
if ($string -Match $regex.regex) {
$regextext += " - " + $regex.String + "`n"
}
}
}
return $regextext
}
@ -427,6 +425,7 @@ function Check-Obfu($string){
$noalphastring = $lowercasestring -replace "[a-z0-9/\;:|.]"
$nobinarystring = $lowercasestring -replace "[01]" # To catch binary encoding
# Calculate the percent alphanumeric/common symbols
if ($length -gt 0){
$percent=(($length-$noalphastring.length)/$length)
if ($percent -lt $minpercent){
$percent = "{0:P0}" -f $percent # Convert to a percent
@ -441,6 +440,7 @@ function Check-Obfu($string){
$binarypercent = "{0:P0}" -f $binarypercent # Convert to a percent
$obfutext += " - Possible command obfuscation: $binarypercent zeroes and ones (possible numeric or binary encoding)`n"
}
}
return $obfutext
}
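Review bot: In the Check-Obfu hunk at -427, the character class in `$noalphastring = $lowercasestring -replace "[a-z0-9/\;:|.]"` contains no backslash: in a .NET regex `\;` is only an escaped semicolon, so every `\` in a Windows path is counted as an unusual character, along with spaces, quotes and hyphens. If the backslash was meant to be one of the "common symbols", the class should read `"[a-z0-9/\\;:|.]"`; if not, drop the stray `\` and add a comment such as `# Backslash, space and quotes deliberately count as uncommon`. Either way the choice moves `$percent`, so `$minpercent` should be re-checked against known-benign command lines to keep this alert's false-positive rate in view. Check-Obfu starts above the hunk, so where `$length` and `$minpercent` are set is not visible here.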