Nessus_破解

#笔记 #Hacker

0x01 下载

Nessus官⽅下载地址: Download Nessus | Tenable®

下载相应的版本

版本 操作系统
Nessus-xxx-amznxxx.rpm Amazon Linux
Nessus-xxx-debianxxx.deb Debian / Kali Linux
Nessus-xxx-raspberrypios_armhf.deb Raspberry Pi OS (32-bit)
Nessus-xxx-ubuntuxxx.deb Ubuntu
Nessus-xxx-esxxx.rpm Red Hat / CentOS / Oracle Linux
Nessus-xxx-fcxxx.rpm Fedora
Nessus-xxx-susexxx.rpm SUSE
Nessus-xxx-fbsdxxx.txz FreeBSD
Nessus-xxx.msi Windows
Nessus-xxx.dmg macOS

0x02 安装

0x02.1 Kali Linux

dpkg -i Nessus-xxx-debianxxx.deb

0x02.2 Windows

无脑下一步下一步即可,若需要修改安装路径请将路径记录下来,默认路径(C:\Program Files\Tenable\Nessus\)

0x02.3 初始化

访问 : https://localhost:8834/

image-20220924102013779

image-20220924102054098

创建超管用户并设置密码 : root/root

image-20220924102115874

image-20220924102146066

安装完成后界⾯如下,尚未激活不能扫描,此时只有⼀个设置按钮,并⽆扫描按钮

image-20220924102224491

0x02.x Chrome 浏览器提示“您的连接不是私密连接”

image-20220924100724373

**解决:**就是在当前页面用键盘输入 thisisunsafe ,不是在地址栏输入,就直接敲键盘就行了,页面即会自动刷新进入网页。

**原因:**因为 Chrome 不信任这些自签名 ssl 证书,为了安全起见,直接禁止访问了,thisisunsafe 这个命令,说明你已经了解并确认这是个不安全的网站,你仍要访问就给你访问了。

0x03 破解

0x03.1 停止 Nessus 服务

sudo systemctl stop nessusd.service

管理员权限

net stop "Tenable Nessus"

0x03.2 修改文件

vim /opt/nessus/var/nessus/plugin_feed_info.inc

C:\ProgramData\Tenable\Nessus\nessus\plugin_feed_info.inc
C:\ProgramData\Tenable\Nessus\nessus\plugins\plugin_feed_info.inc

将文件内容修改为:

PLUGIN_SET = "202208261352";
PLUGIN_FEED = "ProfessionalFeed (Direct)";
PLUGIN_FEED_TRANSPORT = "Tenable Network Security Lightning";

0x03.3 启动 Nessus 服务

sudo systemctl start nessusd.service

管理员权限

net start "Tenable Nessus"

再访问 https://localhost:8834/ 输⼊账号密码进⾏登录
出现Scans按钮则破解成功

image-20220924114936155

0x04 更新特征库

# # 停止 Nessus 服务
sudo systemctl stop nessusd.service

# 删除旧特征库
sudo rm -rf /opt/nessus/var/nessus/plugins-code.db* 2&>/dev/null
sudo rm -rf  /opt/nessus/var/nessus/plugins-desc.db* 2&>/dev/null
sudo rm -rf  /opt/nessus/var/nessus/plugins-attributes.db 2&>/dev/null
sudo rm -rf  /opt/nessus/var/nessus/services* 2&>/dev/null

# 更新特征库
sudo /opt/nessus/sbin/nessuscli update  all-2.0_202208261352.tar.gz

# 更新授权文件
sudo vim /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc
# 修改内容
# PLUGIN_SET 需与 all-2.0.tar.gz 的版本值对应
PLUGIN_SET = "202208261352";
PLUGIN_FEED = "ProfessionalFeed (Direct)";
PLUGIN_FEED_TRANSPORT = "Tenable Network Security Lightning";

sudo cp /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc /opt/nessus/var/nessus/

# 启动服务器
sudo systemctl start nessusd.service

管理员权限

# 停止 Nessus 服务
net stop "Tenable Nessus"

# 修改文件属性
attrib -s -r -h "C:\ProgramData\Tenable\Nessus\nessus\plugins\*.*"
attrib -s -r -h "C:\ProgramData\Tenable\Nessus\nessus\plugin_feed_info.inc"

# 更新特征库
"C:\Program Files\Tenable\Nessus\nessuscli.exe" update "(Path For your File)\all-2.0_202208261352.tar.gz"

# 更新授权文件
notepad C:\ProgramData\Tenable\Nessus\nessus\plugin_feed_info.inc
# 修改内容
# PLUGIN_SET 需与 all-2.0.tar.gz 的版本值对应
PLUGIN_SET = "202208261352";
PLUGIN_FEED = "ProfessionalFeed (Direct)";
PLUGIN_FEED_TRANSPORT = "Tenable Network Security Lightning";

copy "C:\ProgramData\Tenable\Nessus\nessus\plugins\plugin_feed_info.inc" "C:\ProgramData\Tenable\Nessus\nessus\"

# 将文件属性修改回去
attrib +s +r +h "C:\ProgramData\Tenable\Nessus\nessus\plugins\*.*"
attrib +s +r +h "C:\ProgramData\Tenable\Nessus\nessus\plugin_feed_info.inc"
attrib -s -r -h "C:\ProgramData\Tenable\Nessus\nessus\plugins\plugin_feed_info.inc"

# 启动服务器
net start "Tenable Nessus"