Last active
March 15, 2022 22:18
write_temp_file_and_execute.sh
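#!/bin/bash
# Purpose: Detection test for Endpoint Detection and Response (EDR) and
# network-monitoring software. The script:
#   1. writes a helper script under /tmp and runs it to print the external IP,
#   2. writes a second helper under /tmp and runs it to resolve the
#      SUNBURST (SolarWinds) indicator domains with nslookup,
#   3. prints the local hostname so the run can be matched to alerts.
# The behaviours under test are "script dropped in /tmp and executed" and
# "DNS lookups for known-bad domains"; both are expected to raise alerts.

# Create a private, unpredictably named directory (mode 0700) under /tmp.
# Fixed names such as /tmp/check_ip.sh can be pre-created or symlinked by
# another local user before this script writes to and executes them, which
# matters most when the test is run as root. The template keeps the files
# under /tmp so the execute-from-/tmp signal is unchanged.
WORKDIR=$(mktemp -d /tmp/edr_test.XXXXXX) || {
  echo "[!] - Could not create a working directory under /tmp" >&2
  exit 1
}

# Remove the dropped scripts on every exit path. Delete this line to keep
# the artifacts on disk for later correlation with EDR telemetry.
trap 'rm -rf -- "${WORKDIR:?}"' EXIT

CHECK_IP_SCRIPT="${WORKDIR}/check_ip.sh"
SOLARIBURST_SCRIPT="${WORKDIR}/solariburst.sh"

echo "[*] - Now writing file ${CHECK_IP_SCRIPT}"
# Quoted 'EOF' delimiter: the helper is written literally, nothing is
# expanded by this outer script.
cat <<'EOF' > "${CHECK_IP_SCRIPT}" || exit 1
#!/bin/bash
# Purpose: Return current external IP
# --max-time bounds the request so blocked or sinkholed egress cannot
# hang the test run.
CURRENTIP=$(curl --silent --max-time 10 icanhazip.com)
echo "[*] - Current IP - ${CURRENTIP}"
EOF
chmod +x "${CHECK_IP_SCRIPT}"
echo "[*] - Executing ${CHECK_IP_SCRIPT}"
/bin/bash "${CHECK_IP_SCRIPT}"

cat <<'EOF' > "${SOLARIBURST_SCRIPT}" || exit 1
#!/bin/bash
# Performs an nslookup on each SUNBURST (SolarWinds) indicator domain
# Purpose: To test Endpoint Detection Response and Network Monitoring Software
DOMAINS=(
  'avsvmcloud.com'
  'digitalcollege.org'
  'freescanonline.com'
  'deftsecurity.com'
  'thedoccloud.com'
  'websitetheme.com'
  'highdatabase.com'
  'incomeupdate.com'
  'databasegalore.com'
  'panhardware.com'
  'zupertech.com'
  'seobundlekit.com'
  'lcomputers.com'
  'virtualdataserver.com'
  'webcodez.com'
  'infinitysoftwares.com'
  'ervsystem.com'
)
for DOMAIN in "${DOMAINS[@]}"
do
  # Keeps lines 5-6 of the nslookup output; presumably the answer section,
  # but the layout differs between nslookup implementations.
  nslookup "${DOMAIN}" | head -n 6 | tail -n 2
done
EOF
echo "[*] - Executing solariburst test ${SOLARIBURST_SCRIPT}"
chmod +x "${SOLARIBURST_SCRIPT}"
/bin/bash "${SOLARIBURST_SCRIPT}"

# Record which host produced the test traffic.
CURR_HOST=$(hostname)
echo "[*] - Current Hostname - ${CURR_HOST}"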