Difficulty: Basic
Time: Approximately 5 minutes
In this exercise you will run existing scripts against remote nodes using Bolt.
Complete the following before you start this lesson:
Run the bashcheck script to check on ShellShock and related vulnerabilities.
Tip: You likely already have a set of scripts that you run to accomplish common systems administration tasks. Bolt makes it easy to reuse your scripts without modification and to run them quickly across a large number of nodes. Feel free to replace the bashcheck script in this exercise with one of your own. Just set the shebang line correctly and you can run scripts in Python, Ruby, Perl or another scripting language.
-
Download
bashcheckusingcurl, 'wget', or similar:curl -O https://raw.githubusercontent.com/hannob/bashcheck/master/bashcheck -
Run the script using the command
bolt script run <script-name> <script options>. This uploads the script to the nodes you have specified.bolt script run bashcheck --nodes node1The result:
Started on node1... Finished on node1: STDOUT: Testing /usr/bin/bash ... Bash version 4.2.46(2)-release Variable function parser pre/suffixed [(), redhat], bugs not exploitable Not vulnerable to CVE-2014-6271 (original shellshock) Not vulnerable to CVE-2014-7169 (taviso bug) Not vulnerable to CVE-2014-7186 (redir_stack bug) Test for CVE-2014-7187 not reliable without address sanitizer Not vulnerable to CVE-2014-6277 (lcamtuf bug #1) Not vulnerable to CVE-2014-6278 (lcamtuf bug #2) Successful on 1 node: node1 Ran on 1 node in 0.89 seconds
Create a simple PowerShell script to test connectivity to a known website.
Tip: You likely already have a set of scripts that you run to accomplish common systems administration tasks. Bolt makes it easy to reuse your scripts without modification and to run them quickly across a large number of nodes. Feel free to replace the script in this exercise with one of your own.
-
Save the following as
testconnection.ps1:Test-Connection -ComputerName "example.com" -Count 3 -Delay 2 -TTL 255 -BufferSize 256 -ThrottleLimit 32
-
Run the script using the command
bolt script run <script-name> <script options>. This uploads the script to the nodes you have specified, ensures its executable, runs it, and returns output to the console.bolt script run testconnection.ps1 -n $WINNODE --no-sslThe result:
Started on localhost... Finished on localhost: STDOUT: Source Destination IPV4Address IPV6Address Bytes Time(ms) ------ ----------- ----------- ----------- ----- -------- Nano example.com 256 4 Nano example.com 256 4 Nano example.com 256 5 Successful on 1 node: winrm://vagrant:vagrant@localhost:55985 Ran on 1 node in 8.55 seconds
Now that you know how to use Bolt to run existing scripts you can move on to: