Looking for a bash script to uninstall Rapid7 agent on Linux/Ubuntu … please :)
Uninstall Rapid7 Agent from Linux
Userlevel 5
+1
Hey there
You will need to add the agent_installer-x86_64.sh script as a payload. Rapid7 installer has an uninstaller switch. Worked well for us.
# Evaluation Code
#!/bin/sh
#evaluate the device to see if the Rapid7 service is running
#process running exit with a 0
#process not running exit with a 1
rapid7=$(ps -e | grep ir_agent)
if [ "$rapid7" ]
then
exit 1
else
exit 0
fi# Remediation Code
#!/bin/sh
#run installation
cp agent_installer-x86_64.sh /tmp/agent_installer-x86_64.sh
chmod u+x /tmp/agent_installer-x86_64.sh
sudo /tmp/agent_installer-x86_64.sh uninstall
Thanks heaps
Hello
And to install on linux does anyone have it?
Userlevel 5
+1
Hello
And to install on linux does anyone have it?
Similar process, upload the agent_installer-x86_64.sh file as a payload
Evaluation Code
#!/bin/sh
#evaluate the device to see if the Rapid7 service is running
#process running exit with a 0
#process not running exit with a 1
rapid7=$(ps -e | grep ir_agent)
if [ "$rapid7" ]
then
exit 0
else
exit 1
fiRemediation
#!/bin/sh
#run installation
cp agent_installer-x86_64.sh /tmp/agent_installer-x86_64.sh
chmod u+x /tmp/agent_installer-x86_64.sh
sudo /tmp/agent_installer-x86_64.sh install_start --token us:fd2d4a4f-ca65-494d-9548-66d36b080cc7
rapid7=$( ps -e | grep ir_agent)
if [ "$rapid7" ]
then
echo "installed succesfully"
exit 0
else
echo "failed to install"
exit 1
fi
Hello
First of all, I want to thank you for the help, it worked very well in our environment.
But if you can give us one more tip, in our environment we are using Rapid7 also for macbooks, would you know how to install the agent in this case?
The problem is that we have two types of agent for macbooks, one for macbooks with intel processors and the other for macbooks with arm processors (m2, m3...)
agent_installer-arm64.sh
agent_installer-x86_64.sh
Thank you very much
Userlevel 5
+1
Hi
#!/bin/bash
if [[ $(uname -m) == 'arm64' ]]; then
echo "Using ARM installer"
scp agent_installer-arm64.sh /tmp
chmod u+x /tmp/agent_installer-arm64.sh
sudo /tmp/agent_installer-arm64.sh install_start --token us:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx > /dev/null 2>&1
else
echo "Using Intel installer."
scp agent_installer-x86_64.sh /tmp
chmod u+x /tmp/agent_installer-x86_64.sh
sudo /tmp/agent_installer-x86_64.sh install_start --token us:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx > /dev/null 2>&1
fi
rapid7=$( ps -e | grep ir_agent)
if [ "$rapid7" ]
then
echo "Installed Successfully"
exit 0
else
echo "Failed to Install"
exit 1
fi
Reply
Login to the community
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.