1. 简介
Nessus是漏洞扫描程序
- 洞察企业漏洞
- 揭示最重要的威胁
- 弥合知识缺口
2. 下载
Nessus下载地址:
https://www.tenable.com/downloads/nessus使用curl进行下载Nessus:
curl --request GET \
--url 'https://www.tenable.com/downloads/api/v2/pages/nessus/files/Nessus-10.8.3-debian10_amd64.deb' \
--output 'Nessus-10.8.3-debian10_amd64.deb'3. 安装
系统配置要求
建议6G或者8G以上,具体参考:https://docs.tenable.com/nessus/Content/HardwareRequirements.htm#Virtual_Machine安装
┌──(root㉿kali)-[/home/kali]
└─# dpkg -i Nessus-10.8.3-debian10_amd64.deb
Selecting previously unselected package nessus.
(Reading database ... 391226 files and directories currently installed.)
Preparing to unpack Nessus-10.8.3-debian10_amd64.deb ...
Unpacking nessus (10.8.3) ...
Setting up nessus (10.8.3) ...
HMAC : (Module_Integrity) : Pass
SHA1 : (KAT_Digest) : Pass
SHA2 : (KAT_Digest) : Pass
SHA3 : (KAT_Digest) : Pass
TDES : (KAT_Cipher) : Pass
AES_GCM : (KAT_Cipher) : Pass
AES_ECB_Decrypt : (KAT_Cipher) : Pass
RSA : (KAT_Signature) : RNG : (Continuous_RNG_Test) : Pass
Pass
ECDSA : (PCT_Signature) : Pass
ECDSA : (PCT_Signature) : Pass
DSA : (PCT_Signature) : Pass
TLS13_KDF_EXTRACT : (KAT_KDF) : Pass
TLS13_KDF_EXPAND : (KAT_KDF) : Pass
TLS12_PRF : (KAT_KDF) : Pass
PBKDF2 : (KAT_KDF) : Pass
SSHKDF : (KAT_KDF) : Pass
KBKDF : (KAT_KDF) : Pass
HKDF : (KAT_KDF) : Pass
SSKDF : (KAT_KDF) : Pass
X963KDF : (KAT_KDF) : Pass
X942KDF : (KAT_KDF) : Pass
HASH : (DRBG) : Pass
CTR : (DRBG) : Pass
HMAC : (DRBG) : Pass
DH : (KAT_KA) : Pass
ECDH : (KAT_KA) : Pass
RSA_Encrypt : (KAT_AsymmetricCipher) : Pass
RSA_Decrypt : (KAT_AsymmetricCipher) : Pass
RSA_Decrypt : (KAT_AsymmetricCipher) : Pass
INSTALL PASSED
Unpacking Nessus Scanner Core Components...
- You can start Nessus Scanner by typing /bin/systemctl start nessusd.service
- Then go to https://kali:8834/ to configure your scanner
4. 配置
启动
┌──(root㉿kali)-[/home/kali]
└─# /bin/systemctl start nessusd.service
┌──(root㉿kali)-[/home/kali]
└─# netstat -lntup | grep 8834
tcp 0 0 0.0.0.0:8834 0.0.0.0:* LISTEN 17872/nessusd
tcp6 0 0 :::8834 :::* LISTEN 17872/nessusd
┌──(root㉿kali)-[/home/kali]
└─#
访问
https://192.168.83.130:8834/ //选择[register offline]
安装选择[Nessus Manager]
**Nessus Expert**:The industry leading vulnerability assessment solution for the modern attack surface. //业界领先的现代攻击面漏洞评估解决方案。
**Nessus Professional**:The de-facto industry standard vulnerability assessment solution for security practitioners. //面向安全从业者的事实上的行业标准漏洞评估解决方案。
**Nessus Manager:**The enterprise solution for managing Nessus Agents at scale. //用于大规模管理Nessus代理的企业解决方案。
**Managed Scanner:**Link your scanner to another Tenable solution such as Tenable Vulnerability Management or Tenable Security Center. //将您的扫描仪链接到另一个Tenable解决方案,如Tenable漏洞管理或Tenable安全中心。License key注册获取
点击 Offline Registration,进入到https://plugins.nessus.org/v2/offline.php页面
根据提示在后台执行nessuscli fetch --challenge获取Challenge code
┌──(root㉿kali)-[/opt/nessus/bin]
└─# cd /opt/nessus/sbin
┌──(root㉿kali)-[/opt/nessus/sbin]
└─# ll
total 23364
-rwxr-xr-x 1 root root 39456 Sep 6 15:43 nessus-service
-rwxr-xr-x 1 root root 11648480 Sep 6 15:43 nessuscli
-rwxr-xr-x 1 root root 12230824 Sep 6 15:43 nessusd
┌──(root㉿kali)-[/opt/nessus/sbin]
└─# ./ns./nessuscli fetch --challenge
Challenge code: 737d0a9efc6dfdd98a35f6f1a7ad77d3fd06f7a6
You can copy the challenge code above and paste it alongside your
Activation Code at:
https://plugins.nessus.org/v2/offline.php
┌──(root㉿kali)-[/opt/nessus/sbin]
└─#
点击 Tenable Community访问获取activation code
说明:默认链接可能因为网络问题,无法收到验证码,可以访问https://www.tenablecloud.cn/products/nessus/nessus-essentials
按要求填入要求的字段,姓名可随便填写,但是邮件必须是能收到邮件的,填写完成后会给填写的邮件发送激活码
将Challenge code和activation code填入https://plugins.nessus.org/v2/offline.php页面,则会获取到license 和插件all-2.0.tar.gz下载地址
将license复制到最开始的初始化界面
点击提交后创建账号密码,如admin/Nessus@123
此处添加的时候报错,Error: User could not be added. Please try again.
因为是在后台先进行了如下的注册,所以此处失败。
点击Download nessus.license或者复制lincense文本文件到后台,并按提示内容执行
┌──(root㉿kali)-[/opt/nessus/sbin]
└─# ./nessuscli fetch --register-offline nessus.license
Warning! Performing this action will delete plugins. Do you want to continue? (y/n) [n]: y
Your Activation Code has been registered properly - thank you.
Nessus is offline and cannot do software updates via the feed.
┌──(root㉿kali)-[/opt/nessus/sbin]
└─# 改用后台进行添加账号密码,然后重启nessusd服务
┌──(root㉿kali)-[/opt/nessus/sbin]
└─# pwd
/opt/nessus/sbin
┌──(root㉿kali)-[/opt/nessus/sbin]
└─# ./nessuscli adduser admin
Login password:
Login password (again):
Do you want this user to be a Nessus 'system administrator' user (can upload plugins, etc.)? (y/n) [n]: y
User rules
----------
nessusd has a rules system which allows you to restrict the hosts
that admin has the right to test. For instance, you may want
him to be able to scan his own host only.
Please see the Nessus Command Line Reference for the rules syntax
Enter the rules for this user, and enter a BLANK LINE once you are done :
(the user can have an empty rules set)
Login : admin
Password : ***********
This user will have 'system administrator' privileges within the Nessus server
Is that ok? (y/n) [n]: y
User added
┌──(root㉿kali)-[/opt/nessus/sbin]
└─#
┌──(root㉿kali)-[/opt/nessus/sbin]
└─# /bin/systemctl restart nessusd.service
Nessus密码忘记重置
┌──(root㉿kali)-[/opt/nessus/sbin]
└─# ./nessuscli lsuser //查询系统账号
admin
┌──(root㉿kali)-[/opt/nessus/sbin]
└─# ./nessuscli chpasswd admin //重置密码
New password:
New password (again):
Password changed for admin
┌──(root㉿kali)-[/opt/nessus/sbin]
└─# 根据链接定制下载插件all-2.0.tar.gz:
https://plugins.nessus.org/v2/nessus.php?f=all-2.0.tar.gz&u=0...
后台下载
wget 'https://plugins.nessus.org/v2/nessus.php?f=all-2.0.tar.gz&u=0447e92e25aea8f8c5a582163359a687&p=56fddc655ef69f00efa9104fe967cd7a' -O 'all-2.0.tar.gz'更新插件:
┌──(root㉿kali)-[/opt/nessus/sbin]
└─# wget 'https://plugins.nessus.org/v2/nessus.php?f=all-2.0.tar.gz&u=0447e92e25aea8f8c5a582163359a687&p=56fddc655ef69f00efa9104fe967cd7a' -O 'all-2.0.tar.gz'
--2024-10-20 00:59:42-- https://plugins.nessus.org/v2/nessus.php?f=all-2.0.tar.gz&u=0447e92e25aea8f8c5a582163359a687&p=56fddc655ef69f00efa9104fe967cd7a
Resolving plugins.nessus.org (plugins.nessus.org)... 172.64.150.5, 104.18.37.251, 2606:4700:4400::ac40:9605, ...
Connecting to plugins.nessus.org (plugins.nessus.org)|172.64.150.5|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 572509484 (546M) [application/octet-stream]
Saving to: 'all-2.0.tar.gz'
all-2.0.tar.gz 100%[=======================================>] 545.99M 17.8MB/s in 19s
2024-10-20 01:00:01 (29.1 MB/s) - 'all-2.0.tar.gz' saved [572509484/572509484]
┌──(root㉿kali)-[/opt/nessus/sbin]
└─# pwd
/opt/nessus/sbin
┌──(root㉿kali)-[/opt/nessus/sbin]
└─# ll
total 582460
-rw-r--r-- 1 root root 572509484 Oct 20 01:00 all-2.0.tar.gz
-rwxr-xr-x 1 root root 39456 Sep 6 15:43 nessus-service
-rw-r--r-- 1 root root 1460 Oct 20 00:51 nessus.license
-rwxr-xr-x 1 root root 11648480 Sep 6 15:43 nessuscli
-rwxr-xr-x 1 root root 12230824 Sep 6 15:43 nessusd
┌──(root㉿kali)-[/opt/nessus/sbin]
└─# ./nessuscli update all-2.0.tar.gz
[info] Copying templates version 202410181453 to /opt/nessus/var/nessus/templates/tmp
[info] Finished copying templates.
[info] Moved new templates with version 202410181453 from plugins dir.
[info] Moved new pendo client with version 2.169.1
from plugins dir.
* Update successful. The changes will be automatically processed by Nessus.
┌──(root㉿kali)-[/opt/nessus/sbin]
└─# 5. 示例
新建扫描任务
扫描结果查看
6. 参考
https://docs.tenable.com/nessus/Content/GettingStarted.htm?_gl=1b5ldrm_gaOTU0NTgzMDE1LjE3MjkzOTQyMTk._ga_HSJ1XWV6ND*MTcyOTQwMTU2NC4zLjEuMTcyOTQwMjAwOS42MC4wLjE3ODU1NDk3MDQ.
**粗体** _斜体_ [链接](http://example.com) `代码` - 列表 > 引用。你还可以使用@来通知其他用户。