Most of you have probably heard about the vulnerability in bash by now, which affects most Linux distributions and OS X. If not, check out the article from Red Hat’s security blog.

Most administrators will want to patch bash as soon as possible. When running a large VMware environment, first thing you probably want to do is do a quick inventory of the servers that might be vulnerable.

You can use the following PowerCLI one-liner to do so:

Get-VM | Where-Object { $_.PowerState -ne "PoweredOff" -and $_.Guest.GuestFamily -ne "WindowsGuest" } | Select-Object Name,PowerState,Guest

This will give you a list of all Virtual Machines that are powered on and that aren’t running Windows as a guest operating system.

You could pipe the output to Format-Table -autosize or Out-GridView for easier reading or a sortable graphical table.

I can also imagine you would like to have all IP-addresses of these virtual machines for quick patching. The following 2 lines of code will do this for you:

$VMs = Get-VM | Where-Object { $_.PowerState -ne "PoweredOff" -and $_.Guest.GuestFamily -ne "WindowsGuest" }

$VMs.guest | Select-Object VM,OSFullName,IPAddress | ft -AutoSize

Finally, if you want to test if your system is vulnerable, paste the following line on your linux machines using terminal or ssh:

env x='() { :;}; echo vulnerable' bash -c "echo this is a test"

If the word vulnerable is returned by the prompt, your system is indeed vulnerable.

Leave a Reply

Your email address will not be published.