#!/bin/bash

echo "[*] - Now writing file /tmp/check_ip.sh"

cat <<'EOF' > /tmp/check_ip.sh
#!/bin/bash
# Purpose: Return current external IP
CURRENTIP=$(curl --silent icanhazip.com)
echo "[*] - Current IP - ${CURRENTIP}"

EOF

chmod +x /tmp/check_ip.sh

echo "[*] - Executing /tmp/check_ip.sh"
/bin/bash /tmp/check_ip.sh

cat <<'EOF' > /tmp/solariburst.sh
#!/bin/bash

# Performs a nslookup on all Solariburst malicious domains
# Purpose: To test Endpoint Detection Response and Network Monitoring Software
DOMAINS=('avsvmcloud.com' 'digitalcollege.org' 'freescanonline.com' 'deftsecurity.com' 'thedoccloud.com' 'websitetheme.com' 'highdatabase.com' 'incomeupdate.com' 'databasegalore.com' 'panhardware.com' 'zupertech.com' 'seobundlekit.com' 'lcomputers.com' 'virtualdataserver.com' 'webcodez.com' 'infinitysoftwares.com' 'ervsystem.com')


for DOMAIN in "${DOMAINS[@]}"
   do
          nslookup "${DOMAIN}" | head -n 6 | tail -n 2
   done
EOF
echo "[*] - Executing solariburst test /tmp/solariburst.sh"

chmod +x /tmp/solariburst.sh
bash /tmp/solariburst.sh

CURR_HOST=$(hostname)
echo "[*] - Current Hostname - ${CURR_HOST}"