#!/bin/bash if [[ $(id -u) -ne 0 ]] ; then echo "请以超级管理员身份 root 运行" ; exit 1 ; fi echo //============================================================== echo Nessus 下载 安装 破解 一键运行脚本 echo 利刃信安修改脚本 echo 使用方法: echo sudo chmod +x ./Nessus_Pro_Debian.sh && sudo ./Nessus_Pro_Debian.sh echo //============================================================== echo " 1 确保准备就绪 ..." sudo apt-get update &>/dev/null sudo apt-get install curl dpkg expect -y &>/dev/null echo " 2 停止运行旧版本 ..." /bin/systemctl stop nessusd.service &>/dev/null echo " 3 下载最新版本 Nessus ..." curl -A Mozilla --request GET \ --url 'https://www.tenable.com/downloads/api/v2/pages/nessus/files/Nessus-latest-debian10_amd64.deb' \ --output 'Nessus-10.5.2-debian10_amd64.deb' &>/dev/null echo " 4 安装 Nessus ..." chmod +x Nessus-10.5.2-debian10_amd64.deb &>/dev/null dpkg -i Nessus-10.5.2-debian10_amd64.deb &>/dev/null echo " 5 开启 Nessus 服务 ..." /bin/systemctl start nessusd.service &>/dev/null echo " 6 静待 20s ..." sleep 20 echo " 7 停止 Nessus 服务 ..." /bin/systemctl stop nessusd.service &>/dev/null echo " 8 修改 Nessus 配置信息 ..." echo " 监听端口: 8488" /opt/nessus/sbin/nessuscli fix --set xmlrpc_listen_port=8488 &>/dev/null echo " 皮肤: 黑色" /opt/nessus/sbin/nessuscli fix --set ui_theme=dark &>/dev/null echo " 安全校验: 关闭" /opt/nessus/sbin/nessuscli fix --set safe_checks=false &>/dev/null echo " 日志: performance" /opt/nessus/sbin/nessuscli fix --set backend_log_level=performance &>/dev/null echo " 升级: 关闭" /opt/nessus/sbin/nessuscli fix --set auto_update=false &>/dev/null /opt/nessus/sbin/nessuscli fix --set auto_update_ui=false &>/dev/null /opt/nessus/sbin/nessuscli fix --set disable_core_updates=true &>/dev/null echo " 运维: 关闭" /opt/nessus/sbin/nessuscli fix --set report_crashes=false &>/dev/null /opt/nessus/sbin/nessuscli fix --set send_telemetry=false &>/dev/null echo " 9 新增用户 (用户名:Mannix 口令:Mannix3389) ..." cat > expect.tmp<<'EOF' spawn /opt/nessus/sbin/nessuscli adduser Mannix expect "Login password:" send "Mannix3389\r" expect "Login password (again):" send "Mannix3389\r" expect "*(can upload plugins, etc.)? (y/n)*" send "y\r" expect "*(the user can have an empty rules set)" send "\r" expect "Is that ok*" send "y\r" expect eof EOF expect -f expect.tmp &>/dev/null rm -rf expect.tmp &>/dev/null echo " 10 下载最新插件 ..." curl -A Mozilla -o all-2.0.tar.gz \ --url 'https://xxx.xxx/nessus/all-2.0.tar.gz' &>/dev/null echo " 11 安装插件 ..." chmod +x all-2.0.tar.gz &>/dev/null /opt/nessus/sbin/nessuscli update all-2.0.tar.gz &>/dev/null echo " 12 开启服务 ..." rm -r all-2.0.tar.gz &>/dev/null /bin/systemctl start nessusd.service &>/dev/null echo " 13 静待 20s ..." sleep 20 echo " 14 监控 Nessus 状态 ..." M=0 while [ $M -ne 100 ] do statline=`curl -sL -k https://localhost:8488/server/status|awk -F"," -v k="engine_status" '{ gsub(/{|}/,""); for(i=1;i<=NF;i++) { if ( $i ~ k ){printf $i} } }'` if [[ $statline != *"engine_status"* ]]; then echo -ne "\n 问题: Nessus 服务不可达?再次重试...\n"; fi echo -ne "\r $statline" if [[ $statline == *"100"* ]]; then M=100; else sleep 10; fi done echo -ne ' 15 破解完成 ...' echo echo " 进入你的 Nessus: https://localhost:8488/(或者你的 VPS IP)" echo " 用户名: Mannix" echo " 口令: Mannix3389" echo " 你可以任意修改" echo read -p " 16 按任意键退出 ..."
原文始发于微信公众号(利刃信安攻防实验室):【一键安装】Nessus 一键下载 安装 破解脚本
免责声明:文章中涉及的程序(方法)可能带有攻击性,仅供安全研究与教学之用,读者将其信息做其他用途,由读者承担全部法律及连带责任,本站不承担任何法律及连带责任;如有问题可邮件联系(建议使用企业邮箱或有效邮箱,避免邮件被拦截,联系方式见首页),望知悉。
- 左青龙
- 微信扫一扫
-
- 右白虎
- 微信扫一扫
-
评论