Bash script to check if you have a SIP profile attached to a Virtual Server (CVE-2023-22842)

Mike_Dorado · ‎05-Sep-2023

Code is community submitted, community supported, and recognized as ‘Use At Your Own Risk’.

Short Description

Generate a CSV report to know which virtual servers have a SIP profile attached.

Problem solved by this Code Snippet

This is to shorten the time to investigate for CVE-2023-22842 for example.

How to use this Code Snippet

On bash prompt:
# vi sip_profile.sh
Paste the script (see and copy below)
Save the file :wq!
change permission
# chmod 777 sip_profile.sh
Run the script:
# ./sip_profile.sh
The output will be a CSV file under /var/tmp/sip-mapped-to-virtuals-output.csv

To check the output:

[admin@bigip:Active:Standalone] ~ # cat /var/tmp/sip-mapped-to-virtuals-output.csv
Virtual Server, SIP Profile
VS_SIP,sip
VS_MRP,sip_mrp

Code Snippet Meta Information

Full Code Snippet

#!/bin/bash
echo "Virtual Server, SIP Profile" > /var/tmp/sip_profile_map_to_virtual.csv
profile_names=`tmsh list ltm profile sip one-line | awk -F" " '{print $4}'`
for x in ${profile_names}
do
virtual_name=`tmsh list ltm virtual one-line | grep -w $x | awk -F" " '{print $3}'`
if [ "${virtual_name}" != "" ]
then
for y in ${virtual_name}
do
echo "$y,$x" >> /var/tmp/sip_profile_map_to_virtual.csv
done
fi
done

LiefZimmerman · ‎25-Sep-2023

Thanks @Mike_Dorado - I haven't heard that this got any love.
Pretty tidy little script.

DevCentral