Skip to content

Instantly share code, notes, and snippets.

@apolloclark
Last active October 29, 2021 17:57
Show Gist options
  • Save apolloclark/beed65d616287b4188f5244f92d48b9e to your computer and use it in GitHub Desktop.
Save apolloclark/beed65d616287b4188f5244f92d48b9e to your computer and use it in GitHub Desktop.
Audit Debian and Ubuntu servers
#!/usr/bin/env bash
# Script to reverse engineer the build of a given Debian / Ubuntu server
# I do this all the time: take an existing server, create a Bash / Ansible / Puppet / Chef
# built script, to allow Continuous Depoyment.
# It's tedious, but this script will give you the basics to get started.
# Make sure you have "sudo" access to get all the details.
# setup folders
mkdir -p /tmp/server-build
cd /tmp/server-build
# history
history > 01.history.txt
# system
uname -a > 02.os.txt
echo "" >> 02.os.txt
cat /etc/os-release >> 02.os.txt
echo "" >> 02.os.txt
hostnamectl >> 02.os.txt
# system users
cat /etc/passwd > 03.users.txt
# system users
cat /etc/group > 04.groups.txt
# ssh keys
cat ~/.ssh/* > 05.ssh.txt
echo "" >> 05.ssh.txt
cat /home/*/.ssh/* >> 05.ssh.txt
# file system
lsblk > 06.filesystem.txt
echo "" >> 06.filesystem.txt
df -h >> 06.filesystem.txt
# network hosts
cat /etc/hosts > 07.hosts.txt
# network services
netstat -tunlp > 08.network.txt
# firewall rules
iptables -L > 09.firewall.txt
# processes
ps auxww > 10.processes.txt
# system services
service --status-all > 11.services.txt
# apt packages
apt list --installed > 12.packages.txt
yum list installed >> 12.packages.txt
# apt repos
cat /etc/apt/sources.list > 13.apt-sources.txt
yum -v repolist > 13.yum-sources.txt
# PHP info
php -i > 14.php.txt
# PHP extensions, and versions
php -r 'foreach (get_loaded_extensions() as $extension) echo "$extension: " . phpversion($extension) . "\n";' \
| sort > 15.php-modules.txt
# Python modules, and versions
pip freeze > 16.python-modules.txt
# zip it up, delete files
cd /tmp
tar -cvf server-build-$(date '+%d-%m-%Y_%H-%M-%S').tar ./server-build
rm -rf /tmp/server-build/
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment