Address @jhart-r7's comments

Author: Meatballs1

lib/rex/exploitation/powershell/function.rb

@@ -6,6 +6,8 @@ module Exploitation
 module Powershell
 
   class Function
+    FUNCTION_REGEX = Regexp.new(/\[(\w+\[\])\]\$(\w+)\s?=|\[(\w+)\]\$(\w+)\s?=|\[(\w+\[\])\]\s+?\$(\w+)\s+=|\[(\w+)\]\s+\$(\w+)\s?=/i)
+    PARAMETER_REGEX = Regexp.new(/param\s+\(|param\(/im)
     attr_accessor :code, :name, :params
 
     include Output
@@ -32,15 +34,13 @@ def to_s
     #
     def populate_params
       @params = []
-      start = code.index(/param\s+\(|param\(/im)
+      start = code.index(PARAMETER_REGEX)
       return unless start
       # Get start of our block
       idx = scan_with_index('(',code[start..-1]).first.last + start
       pclause = block_extract(idx)
 
-      func_regex = /\[(\w+\[\])\]\$(\w+)\s?=|\[(\w+)\]\$(\w+)\s?=|\[(\w+\[\])\]\s+?\$(\w+)\s+=|\[(\w+)\]\s+\$(\w+)\s?=/i
-      #func_regex = /\[(\w+\[\])\]\.?\$(\w+)\s?=|\[(\w+)\]\s?\$(\w+)\s?=/i
-      matches = pclause.scan(func_regex)
+      matches = pclause.scan(FUNCTION_REGEX)
 
       # Ignore assignment, create params with class and variable names
       matches.each do |param|

lib/rex/exploitation/powershell/obfu.rb

@@ -8,16 +8,22 @@ module Exploitation
 module Powershell
 
   module Obfu
+    MULTI_LINE_COMMENTS_REGEX = Regexp.new(/<#(.*?)#>/m)
+    SINGLE_LINE_COMMENTS_REGEX = Regexp.new(/^\s*#(?!.*region)(.*$)/i)
+    WINDOWS_EOL_REGEX = Regexp.new(/[\r\n]+/)
+    UNIX_EOL_REGEX = Regexp.new(/[\n]+/)
+    WHITESPACE_REGEX = Regexp.new(/\s+/)
+    EMPTY_LINE_REGEX = Regexp.new(/^$|^\s+$/)
 
     #
     # Remove comments
     #
     # @return [String] code without comments
     def strip_comments
       # Multi line
-      code.gsub!(/<#(.*?)#>/m,'')
+      code.gsub!(MULTI_LINE_COMMENTS_REGEX,'')
       # Single line
-      code.gsub!(/^\s*#(?!.*region)(.*$)/i,'')
+      code.gsub!(SINGLE_LINE_COMMENTS_REGEX,'')
 
       code
     end
@@ -28,9 +34,9 @@ def strip_comments
     # @return [String] code without empty lines
     def strip_empty_lines
       # Windows EOL
-      code.gsub!(/[\r\n]+/,"\r\n")
+      code.gsub!(WINDOWS_EOL_REGEX,"\r\n")
       # UNIX EOL
-      code.gsub!(/[\n]+/,"\n")
+      code.gsub!(UNIX_EOL_REGEX,"\n")
 
       code
     end
@@ -41,7 +47,7 @@ def strip_empty_lines
     #
     # @return [String] code with whitespace stripped
     def strip_whitespace
-      code.gsub!(/\s+/,' ')
+      code.gsub!(WHITESPACE_REGEX,' ')
 
       code
     end
@@ -84,7 +90,7 @@ def standard_subs(subs = %w{strip_comments strip_whitespace sub_funcs sub_vars}
       subs.each do |modifier|
         self.send(modifier)
       end
-      code.gsub!(/^$|^\s+$/,'')
+      code.gsub!(EMPTY_LINE_REGEX,'')
 
       code
     end

lib/rex/exploitation/powershell/parser.rb

@@ -125,7 +125,7 @@ def match_start(char)
     end
 
     #
-    # Extract block of code between inside brackets/parens
+    # Extract block of code inside brackets/parenthesis
     #
     # Attempts to match the bracket at idx, handling nesting manually
     # Once the balanced matching bracket is found, all script content

lib/rex/exploitation/powershell/psh_methods.rb

@@ -18,9 +18,9 @@ module PshMethods
     # @param target [String] Location to save the file
     #
     # @return [String] Powershell code to download a file
-    def self.download(src,target=nil)
+    def self.download(src, target)
       target ||= '$pwd\\' << src.split('/').last
-      return %Q^(new-object System.Net.WebClient).Downloadfile("#{src}", "#{target}")^
+      return %Q^(new-object System.Net.WebClient).DownloadFile("#{src}", "#{target}")^
     end
 
     #
@@ -53,7 +53,7 @@ def self.secure_string(str)
     #
     # @return [String] Powershell code to identify the PID of a file
     #   lock owner
-    def self.who_locked_file?(filename)
+    def self.who_locked_file(filename)
       return %Q^ Get-Process | foreach{$processVar = $_;$_.Modules | foreach{if($_.FileName -eq "#{filename}"){$processVar.Name + " PID:" + $processVar.id}}}^
     end
 

spec/lib/rex/exploitation/powershell/psh_methods_spec.rb

@@ -7,7 +7,7 @@
 
   describe "::download" do
     it 'should return some powershell' do
-      script = Rex::Exploitation::Powershell::PshMethods.download('a')
+      script = Rex::Exploitation::Powershell::PshMethods.download('a','b')
       script.should be
       script.include?('WebClient').should be_true
     end
@@ -26,9 +26,9 @@
       script.include?('AsPlainText').should be_true
     end
   end
-  describe "::who_locked_file?" do
+  describe "::who_locked_file" do
     it 'should return some powershell' do
-      script = Rex::Exploitation::Powershell::PshMethods.who_locked_file?('a')
+      script = Rex::Exploitation::Powershell::PshMethods.who_locked_file('a')
       script.should be
       script.include?('Get-Process').should be_true
     end