一个伪linux粉丝的blog

  1. 首页
  2. unix/linux
  3. 正文

nessus

3月 30, 2021 452点热度 0人点赞 0条评论

本文为12月第二周网站忘记续费后从webcache里面找回的,丢失图片

这篇仍旧是漏洞排查系列过程之    nessus的安装部分,找到2篇教程,基本无坑,这里照抄了 :eek: , 自己存档用,3周前的草稿了,今天补全:)

 

使用centos安装nessus 8.13,并解除IP限制
Nessus 8.11.1 最新版破解方法 无16IP限制

下载

https://www.tenable.com/downloads/nessus

我这边的平台是 CentOS7,就选它了

 

申请激活码

去nessus官方申请激活码,https://zh-cn.tenable.com/products/nessus/nessus-essentials

姓名随便填,邮箱必须正确,用来接收激活码。

另外左侧红框可以看到,默认最大16个ip地址。

邮箱收到如下邮件

Your Nessus Essentials License

开始安装

1
rpm -ivh Nessus-8.13.1-es7.x86_64.rpm</code> 启动

1
service nessusd start</code> 开始配置

https://centos的ip:8834

在打开的页面中选择“Managed Scanner”,并点击continue。

如下页面中选择Tenable.sc,并continue。这里下拉框要看清,别选错了。

 

设置用户名,密码,并提交submit。

进入nessus设置about页面。这个时候,nessus是没有scan功能的。

离线激活

1)获得挑战码(challenge code)

[[email protected] ~]# /opt/nessus/sbin/nessuscli fetch  --challenge

2)获取离线插件包地址及激活证书。

浏览器打开网页 https://plugins.nessus.org/v2/offline.php ,输入第二步邮箱中申请的激活码,以及上一步得到的挑战码。

得到更新插件地址,及license证书。

下载更新包,下载证书nessus.license。

更新包及license传到centos7。

安装插件包

1
<span class="token punctuation">[</span>root@10-23-2-20 ~<span class="token punctuation">]</span># <span class="token operator">/</span>opt<span class="token operator">/</span>nessus<span class="token operator">/</span>sbin<span class="token operator">/</span>nessuscli update <span class="token punctuation">.</span><span class="token operator">/</span>all<span class="token operator">-</span><span class="token number">2.0</span><span class="token punctuation">.</span>tar<span class="token punctuation">.</span>gz

离线激活nessus。

1
2
<span class="token punctuation">[</span>root@10-23-2-20 ~<span class="token punctuation">]</span># <span class="token operator">/</span>opt<span class="token operator">/</span>nessus<span class="token operator">/</span>sbin<span class="token operator">/</span>nessuscli fetch <span class="token operator">--</span>register<span class="token operator">-</span>offline <span class="token punctuation">.</span><span class="token operator">/</span>nessus<span class="token punctuation">.</span>license
 

此时强烈建议备份/opt/nessus/lib/nessus/plugins/

1
<span class="token punctuation">[root@10-23-2-20</span> <span class="token operator">~</span><span class="token punctuation">]</span># cp <span class="token operator">-</span>r <span class="token operator">/</span>opt<span class="token operator">/</span>nessus<span class="token operator">/</span>lib<span class="token operator">/</span>nessus<span class="token operator">/</span>plugins<span class="token operator">/</span> <span class="token punctuation">.</span><span class="token operator">/</span></code> 重启nessus

1
<span class="token punctuation">[root@10-23-2-20</span> <span class="token operator">~</span><span class="token punctuation">]</span># service nessusd restart

打开浏览器访问nessus。会初始化插件。时间很长,静待。

完成后进入nessus系统。显示激活成功,具有了scan功能。但显示仅允许扫描16个IP。

 解除IP限制

获取当前plugins的版本。

打开如下的页面,并记录下版本号。

https://plugins.nessus.org/v2/plugins.php

停止nessus服务

创建 plugin_feed_info.inc
1
2
<span class="token punctuation">[root@10-23-2-20</span> <span class="token operator">~</span><span class="token punctuation">]</span># vim plugin_feed_info<span class="token punctuation">.</span>inc
 

内容如下,并将刚刚获取到的版本号替换如下内容中的数字串。

1
2
3
4
PLUGIN_SET = "202103010119";
PLUGIN_FEED = "ProfessionalFeed (Direct)";
PLUGIN_FEED_TRANSPORT = "Tenable Network Security Lightning";
 

将plugin_feed_info.inc替换到 /opt/nessus/var/nessus/plugin_feed_info.inc

1
<span class="token punctuation">[root@10-23-2-20</span> <span class="token operator">~</span><span class="token punctuation">]</span># cp <span class="token operator">/</span>root<span class="token operator">/</span>plugin_feed_info<span class="token punctuation">.</span>inc <span class="token operator">/</span>opt<span class="token operator">/</span>nessus<span class="token operator">/</span><span class="token keyword">var</span><span class="token operator">/</span>nessus<span class="token operator">/</span>

将 /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc 文件删除。

1
2
<span class="token punctuation">[root@10-23-2-20</span> <span class="token operator">~</span><span class="token punctuation">]</span># rm <span class="token operator">-</span>rf <span class="token operator">/</span>opt<span class="token operator">/</span>nessus<span class="token operator">/</span>lib<span class="token operator">/</span>nessus<span class="token operator">/</span>plugins<span class="token operator">/</span>plugin_feed_info<span class="token punctuation">.</span>inc
 
启动nessus服务
1
<span class="token punctuation">[root@10-23-2-20</span> <span class="token operator">~</span><span class="token punctuation">]</span># service nessusd start

打开浏览器,访问nessus,会看到nessus初始化插件,完成后,看设置页面显示 unlimited。表示解除IP限制成功。

. 后续

由于Nessus服务每次重启后,都会重置plugin_feed_info.inc,这将会使nessus/plugins目录下所有的插件都被删除,无法扫描。因此要将nessus服务设置为手动,并且先停止nessus服务。
1
2
3
<span class="token punctuation">[root@10-23-2-20</span> <span class="token operator">~</span><span class="token punctuation">]</span># systemctl disable nessusd
<span class="token punctuation">[root@10-23-2-20</span> <span class="token operator">~</span><span class="token punctuation">]</span># service nessusd stop
 

以后每次使用nessus就重复第6步的操作。

故可以写成批处理。

1
2
<span class="token punctuation">[root@10-23-2-20</span> <span class="token operator">~</span><span class="token punctuation">]</span># vim crack_nessus<span class="token punctuation">.</span>sh
 

内容如下:

1
2
3
4
5
service nessusd stop<span class="token punctuation">;</span>
cp <span class="token operator">/</span>root<span class="token operator">/</span>plugin_feed_info<span class="token punctuation">.</span>inc <span class="token operator">/</span>opt<span class="token operator">/</span>nessus<span class="token operator">/</span><span class="token keyword">var</span><span class="token operator">/</span>nessus<span class="token operator">/</span><span class="token punctuation">;</span>
rm <span class="token operator">-</span>rf <span class="token operator">/</span>opt<span class="token operator">/</span>nessus<span class="token operator">/</span>lib<span class="token operator">/</span>nessus<span class="token operator">/</span>plugins<span class="token operator">/</span>plugin_feed_info<span class="token punctuation">.</span>inc<span class="token punctuation">;</span>
service nessusd start<span class="token punctuation">;</span>
 

将crack_nessus.sh写到系统启动的脚本里。这样每次重启CentOS,会自动执行解除IP限制程序。

1
2
3
<span class="token punctuation">[root@10-23-2-20</span> <span class="token operator">~</span><span class="token punctuation">]</span># chmod <span class="token operator">+</span>x  <span class="token operator">/</span>etc<span class="token operator">/</span>rc<span class="token punctuation">.</span>d<span class="token operator">/</span>rc<span class="token punctuation">.</span>local
<span class="token punctuation">[root@10-23-2-20</span> <span class="token operator">~</span><span class="token punctuation">]</span># vim  <span class="token operator">/</span>etc<span class="token operator">/</span>rc<span class="token punctuation">.</span>d<span class="token operator">/</span>rc<span class="token punctuation">.</span>local
 

添加如下内容到rc.local

1
2
/bin/bash /root/crack_nessus.sh
 

至此,nessus完全解除IP限制完成。

可能遇到的坑及相应的解决办法

在解除ip限制的过程中,如果已经解除成功,但是新建扫描项目时,发现很快就结束,无扫描结果。此时查看plugins目录内容是否被删除。

1
2
<span class="token punctuation">[root@10-23-2-20</span> <span class="token operator">~</span><span class="token punctuation">]</span># du <span class="token operator">-</span>h <span class="token operator">/</span>opt<span class="token operator">/</span>nessus<span class="token operator">/</span>lib<span class="token operator">/</span>nessus<span class="token operator">/</span>plugins
 

正常情况下,该目录应该在1.2G左右。如远远低于此数值。请按如下步骤操作(前提是备份好了plugins目录):

1
2
3
4
5
6
service nessusd stop<span class="token punctuation">;</span>
rm <span class="token operator">-</span>rf <span class="token operator">/</span>opt<span class="token operator">/</span>nessus<span class="token operator">/</span>lib<span class="token operator">/</span>nessus<span class="token operator">/</span>plugins
cp <span class="token operator">-</span>r <span class="token punctuation">.</span><span class="token operator">/</span>plugins <span class="token operator">/</span>opt<span class="token operator">/</span>nessus<span class="token operator">/</span>lib<span class="token operator">/</span>nessus<span class="token operator">/</span>
cp <span class="token operator">/</span>root<span class="token operator">/</span>plugin_feed_info<span class="token punctuation">.</span>inc <span class="token operator">/</span>opt<span class="token operator">/</span>nessus<span class="token operator">/</span><span class="token keyword">var</span><span class="token operator">/</span>nessus<span class="token operator">/</span><span class="token punctuation">;</span>
rm <span class="token operator">-</span>rf <span class="token operator">/</span>opt<span class="token operator">/</span>nessus<span class="token operator">/</span>lib<span class="token operator">/</span>nessus<span class="token operator">/</span>plugins<span class="token operator">/</span>plugin_feed_info<span class="token punctuation">.</span>inc<span class="token punctuation">;</span>
service nessusd start<span class="token punctuation">;</span>

然后打开浏览器,正常访问nessus。(https://centos的ip:8843)
静待plugins更新完成。

扫描界面截图

相关文章:

  1. bwbar
  2. grep awk cut sort uniq sort
  3. Log4j2-RollingFileAppender
  4. Install a newer version of Git on CentOS 7
标签: 暂无
最后更新:12月 19, 2021

wanjie

这个人很懒,什么都没留下

点赞
< 上一篇
下一篇 >

文章评论

取消回复

此站点使用Akismet来减少垃圾评论。了解我们如何处理您的评论数据。

归档
分类
  • network / 324篇
  • Uncategorized / 116篇
  • unix/linux / 114篇
  • 业界资讯 / 38篇
  • 公司杂事 / 11篇
  • 数码影像 / 12篇
  • 美剧 / 3篇
  • 美图共赏 / 20篇
  • 英语学习 / 3篇
标签聚合
邮件归档 Linux Opera Mini wget Google Adwords iMac Android Google Voice dreamhost空间 Google 中国电信 debian k8s VPS nexus kernel 刷机 jira 虚拟主机 网通 网站运营 docker dreamhost Ubuntu brew Nginx gitlab ldap 泰国 d90

COPYRIGHT © 2008-2022 wanjie.info. ALL RIGHTS RESERVED.

Theme Kratos Made By Seaton Jiang