Looking for a bash script to uninstall Rapid7 agent on Linux/Ubuntu … please :)
Userlevel 5
+1
Hey there
You will need to add the agent_installer-x86_64.sh script as a payload. Rapid7 installer has an uninstaller switch. Worked well for us.
# Evaluation Code
#!/bin/sh
#evaluate the device to see if the Rapid7 service is running
#process running exit with a 0
#process not running exit with a 1
rapid7=$(ps -e | grep ir_agent)
if [ "$rapid7" ]
then
exit 1
else
exit 0
fi# Remediation Code
#!/bin/sh
#run installation
cp agent_installer-x86_64.sh /tmp/agent_installer-x86_64.sh
chmod u+x /tmp/agent_installer-x86_64.sh
sudo /tmp/agent_installer-x86_64.sh uninstall
Thanks heaps
Hello
And to install on linux does anyone have it?
Userlevel 5
+1
Hello
And to install on linux does anyone have it?
Similar process, upload the agent_installer-x86_64.sh file as a payload
Evaluation Code
#!/bin/sh
#evaluate the device to see if the Rapid7 service is running
#process running exit with a 0
#process not running exit with a 1
rapid7=$(ps -e | grep ir_agent)
if [ "$rapid7" ]
then
exit 0
else
exit 1
fiRemediation
#!/bin/sh
#run installation
cp agent_installer-x86_64.sh /tmp/agent_installer-x86_64.sh
chmod u+x /tmp/agent_installer-x86_64.sh
sudo /tmp/agent_installer-x86_64.sh install_start --token us:fd2d4a4f-ca65-494d-9548-66d36b080cc7
rapid7=$( ps -e | grep ir_agent)
if [ "$rapid7" ]
then
echo "installed succesfully"
exit 0
else
echo "failed to install"
exit 1
fi
Reply
Login to the community
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.