本文为12月第二周网站忘记续费后从webcache里面找回的,丢失图片
这篇仍旧是漏洞排查系列过程之 nessus的安装部分,找到2篇教程,基本无坑,这里照抄了 
, 自己存档用,3周前的草稿了,今天补全:)
使用centos安装nessus 8.13,并解除IP限制
Nessus 8.11.1 最新版破解方法 无16IP限制
下载
https://www.tenable.com/downloads/nessus
我这边的平台是 CentOS7,就选它了
申请激活码
去nessus官方申请激活码,https://zh-cn.tenable.com/products/nessus/nessus-essentials
姓名随便填,邮箱必须正确,用来接收激活码。
另外左侧红框可以看到,默认最大16个ip地址。
邮箱收到如下邮件
Your Nessus Essentials License
开始安装
|
1 |
rpm -ivh Nessus-8.13.1-es7.x86_64.rpm</code> 启动 |
|
1 |
service nessusd start</code> 开始配置 |
https://centos的ip:8834
在打开的页面中选择“Managed Scanner”,并点击continue。
如下页面中选择Tenable.sc,并continue。这里下拉框要看清,别选错了。
设置用户名,密码,并提交submit。
进入nessus设置about页面。这个时候,nessus是没有scan功能的。
离线激活
1)获得挑战码(challenge code)
[[email protected] ~]# /opt/nessus/sbin/nessuscli fetch --challenge
2)获取离线插件包地址及激活证书。
浏览器打开网页 https://plugins.nessus.org/v2/offline.php ,输入第二步邮箱中申请的激活码,以及上一步得到的挑战码。
得到更新插件地址,及license证书。
下载更新包,下载证书nessus.license。
更新包及license传到centos7。
安装插件包
|
1 |
<span class="token punctuation">[</span>root@10-23-2-20 ~<span class="token punctuation">]</span># <span class="token operator">/</span>opt<span class="token operator">/</span>nessus<span class="token operator">/</span>sbin<span class="token operator">/</span>nessuscli update <span class="token punctuation">.</span><span class="token operator">/</span>all<span class="token operator">-</span><span class="token number">2.0</span><span class="token punctuation">.</span>tar<span class="token punctuation">.</span>gz |
离线激活nessus。
|
1 2 |
<span class="token punctuation">[</span>root@10-23-2-20 ~<span class="token punctuation">]</span># <span class="token operator">/</span>opt<span class="token operator">/</span>nessus<span class="token operator">/</span>sbin<span class="token operator">/</span>nessuscli fetch <span class="token operator">--</span>register<span class="token operator">-</span>offline <span class="token punctuation">.</span><span class="token operator">/</span>nessus<span class="token punctuation">.</span>license |
此时强烈建议备份/opt/nessus/lib/nessus/plugins/
|
1 |
<span class="token punctuation">[root@10-23-2-20</span> <span class="token operator">~</span><span class="token punctuation">]</span># cp <span class="token operator">-</span>r <span class="token operator">/</span>opt<span class="token operator">/</span>nessus<span class="token operator">/</span>lib<span class="token operator">/</span>nessus<span class="token operator">/</span>plugins<span class="token operator">/</span> <span class="token punctuation">.</span><span class="token operator">/</span></code> 重启nessus |
|
1 |
<span class="token punctuation">[root@10-23-2-20</span> <span class="token operator">~</span><span class="token punctuation">]</span># service nessusd restart |
打开浏览器访问nessus。会初始化插件。时间很长,静待。
完成后进入nessus系统。显示激活成功,具有了scan功能。但显示仅允许扫描16个IP。
解除IP限制
获取当前plugins的版本。
打开如下的页面,并记录下版本号。
https://plugins.nessus.org/v2/plugins.php
停止nessus服务
创建 plugin_feed_info.inc
|
1 2 |
<span class="token punctuation">[root@10-23-2-20</span> <span class="token operator">~</span><span class="token punctuation">]</span># vim plugin_feed_info<span class="token punctuation">.</span>inc |
内容如下,并将刚刚获取到的版本号替换如下内容中的数字串。
|
1 2 3 4 |
PLUGIN_SET = "202103010119"; PLUGIN_FEED = "ProfessionalFeed (Direct)"; PLUGIN_FEED_TRANSPORT = "Tenable Network Security Lightning"; |
将plugin_feed_info.inc替换到 /opt/nessus/var/nessus/plugin_feed_info.inc
|
1 |
<span class="token punctuation">[root@10-23-2-20</span> <span class="token operator">~</span><span class="token punctuation">]</span># cp <span class="token operator">/</span>root<span class="token operator">/</span>plugin_feed_info<span class="token punctuation">.</span>inc <span class="token operator">/</span>opt<span class="token operator">/</span>nessus<span class="token operator">/</span><span class="token keyword">var</span><span class="token operator">/</span>nessus<span class="token operator">/</span> |
将 /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc 文件删除。
|
1 2 |
<span class="token punctuation">[root@10-23-2-20</span> <span class="token operator">~</span><span class="token punctuation">]</span># rm <span class="token operator">-</span>rf <span class="token operator">/</span>opt<span class="token operator">/</span>nessus<span class="token operator">/</span>lib<span class="token operator">/</span>nessus<span class="token operator">/</span>plugins<span class="token operator">/</span>plugin_feed_info<span class="token punctuation">.</span>inc |
启动nessus服务
|
1 |
<span class="token punctuation">[root@10-23-2-20</span> <span class="token operator">~</span><span class="token punctuation">]</span># service nessusd start |
打开浏览器,访问nessus,会看到nessus初始化插件,完成后,看设置页面显示 unlimited。表示解除IP限制成功。
. 后续
由于Nessus服务每次重启后,都会重置plugin_feed_info.inc,这将会使nessus/plugins目录下所有的插件都被删除,无法扫描。因此要将nessus服务设置为手动,并且先停止nessus服务。
|
1 2 3 |
<span class="token punctuation">[root@10-23-2-20</span> <span class="token operator">~</span><span class="token punctuation">]</span># systemctl disable nessusd <span class="token punctuation">[root@10-23-2-20</span> <span class="token operator">~</span><span class="token punctuation">]</span># service nessusd stop |
以后每次使用nessus就重复第6步的操作。
故可以写成批处理。
|
1 2 |
<span class="token punctuation">[root@10-23-2-20</span> <span class="token operator">~</span><span class="token punctuation">]</span># vim crack_nessus<span class="token punctuation">.</span>sh |
内容如下:
|
1 2 3 4 5 |
service nessusd stop<span class="token punctuation">;</span> cp <span class="token operator">/</span>root<span class="token operator">/</span>plugin_feed_info<span class="token punctuation">.</span>inc <span class="token operator">/</span>opt<span class="token operator">/</span>nessus<span class="token operator">/</span><span class="token keyword">var</span><span class="token operator">/</span>nessus<span class="token operator">/</span><span class="token punctuation">;</span> rm <span class="token operator">-</span>rf <span class="token operator">/</span>opt<span class="token operator">/</span>nessus<span class="token operator">/</span>lib<span class="token operator">/</span>nessus<span class="token operator">/</span>plugins<span class="token operator">/</span>plugin_feed_info<span class="token punctuation">.</span>inc<span class="token punctuation">;</span> service nessusd start<span class="token punctuation">;</span> |
将crack_nessus.sh写到系统启动的脚本里。这样每次重启CentOS,会自动执行解除IP限制程序。
|
1 2 3 |
<span class="token punctuation">[root@10-23-2-20</span> <span class="token operator">~</span><span class="token punctuation">]</span># chmod <span class="token operator">+</span>x <span class="token operator">/</span>etc<span class="token operator">/</span>rc<span class="token punctuation">.</span>d<span class="token operator">/</span>rc<span class="token punctuation">.</span>local <span class="token punctuation">[root@10-23-2-20</span> <span class="token operator">~</span><span class="token punctuation">]</span># vim <span class="token operator">/</span>etc<span class="token operator">/</span>rc<span class="token punctuation">.</span>d<span class="token operator">/</span>rc<span class="token punctuation">.</span>local |
添加如下内容到rc.local
|
1 2 |
/bin/bash /root/crack_nessus.sh |
至此,nessus完全解除IP限制完成。
可能遇到的坑及相应的解决办法
在解除ip限制的过程中,如果已经解除成功,但是新建扫描项目时,发现很快就结束,无扫描结果。此时查看plugins目录内容是否被删除。
|
1 2 |
<span class="token punctuation">[root@10-23-2-20</span> <span class="token operator">~</span><span class="token punctuation">]</span># du <span class="token operator">-</span>h <span class="token operator">/</span>opt<span class="token operator">/</span>nessus<span class="token operator">/</span>lib<span class="token operator">/</span>nessus<span class="token operator">/</span>plugins |
正常情况下,该目录应该在1.2G左右。如远远低于此数值。请按如下步骤操作(前提是备份好了plugins目录):
|
1 2 3 4 5 6 |
service nessusd stop<span class="token punctuation">;</span> rm <span class="token operator">-</span>rf <span class="token operator">/</span>opt<span class="token operator">/</span>nessus<span class="token operator">/</span>lib<span class="token operator">/</span>nessus<span class="token operator">/</span>plugins cp <span class="token operator">-</span>r <span class="token punctuation">.</span><span class="token operator">/</span>plugins <span class="token operator">/</span>opt<span class="token operator">/</span>nessus<span class="token operator">/</span>lib<span class="token operator">/</span>nessus<span class="token operator">/</span> cp <span class="token operator">/</span>root<span class="token operator">/</span>plugin_feed_info<span class="token punctuation">.</span>inc <span class="token operator">/</span>opt<span class="token operator">/</span>nessus<span class="token operator">/</span><span class="token keyword">var</span><span class="token operator">/</span>nessus<span class="token operator">/</span><span class="token punctuation">;</span> rm <span class="token operator">-</span>rf <span class="token operator">/</span>opt<span class="token operator">/</span>nessus<span class="token operator">/</span>lib<span class="token operator">/</span>nessus<span class="token operator">/</span>plugins<span class="token operator">/</span>plugin_feed_info<span class="token punctuation">.</span>inc<span class="token punctuation">;</span> service nessusd start<span class="token punctuation">;</span> |
然后打开浏览器,正常访问nessus。(https://centos的ip:8843)
静待plugins更新完成。
文章评论