最近工作中,发现很多都是要做主机存活扫描,还有主机漏洞安全评估,就算比如说有了某盟或者某融信的主机安全扫描评估设备,但是发现还是不够,还是需要双套设备来验证,如果对于平常只是专注与漏洞挖掘的人来说nessus作用不大,但是对于安服来说就是对主机批量扫描,确认主机存活率,还有内网主机漏洞等,攻击来说nessus的作用也非常大,主要就是用来快速打点资产,快速定位主机漏洞等,所以经常有朋友问我nessus 收费的怎么办?所以我在网上找了一篇文章转载了一下,验证确认是可行的拿出来分享
nessus介绍
Nessus是一款知名的网络漏洞扫描器,由Tenable Network Security开发。它可以帮助管理员检测和识别网络上的漏洞,以及评估系统、设备和应用程序的安全性。以下是Nessus扫描器的一些主要特点和功能:
-
漏洞扫描:Nessus可以对网络上的目标进行全面的漏洞扫描,检测可能存在的安全漏洞和弱点。
-
配置审计:除了漏洞扫描,Nessus还可以进行配置审计,检查系统和设备的配置是否符合最佳安全实践和合规标准。
-
广泛的漏洞库:Nessus拥有一个庞大的漏洞数据库,涵盖了各种操作系统、应用程序和网络设备的漏洞信息。
-
定制化扫描策略:管理员可以根据自己的需求和网络环境定制扫描策略,包括扫描目标、扫描时间和扫描深度等参数。
-
报告生成:Nessus能够生成详细的扫描报告,包括发现的漏洞、建议的修复措施和合规性评分等信息,帮助管理员理解网络安全风险并采取适当的措施。
-
漏洞管理:Nessus提供漏洞管理功能,帮助管理员跟踪漏洞修复的进度,并优先处理最重要的安全问题。
-
合规性扫描:Nessus可以进行合规性扫描,检查系统和应用程序是否符合特定的安全标准和合规性要求,如PCI DSS、HIPAA等。
kali-Nessus下载与安装
Nessus是工业界使用较为广泛的产品。登录官网,下载对应版本的nessus框架安装包
https://www.tenable.com/downloads/nessus?loginAttempted=true
脚本如下
#!/bin/bashif[[ $(id -u) -ne0]] ; then echo"请使用 root 用户运行";exit1; fiecho//==============================================================echo Nessus 最新版本下载、安装和破解 -Zen20230819echo 特别感谢 John Doe 在 Debian 上演示这一操作的有效性echo 感谢369提供关于"latest"的提示echo//==============================================================echo" + 增加了防滑附加功能,移除所有 chattr 设置 20231013"chattr -i -R /opt/nessusecho" + 确保我们有先决条件.."apt update &>/dev/nullapt -y install curl dpkg expect &>/dev/nullecho" + 停止旧的 nessusd 服务,以防存在一个!"/bin/systemctl stop nessusd.service &>/dev/nullecho" + 下载 Nessus.."curl -A Mozilla --request GET--url'https://www.tenable.com/downloads/api/v2/pages/nessus/files/Nessus-latest-debian10_amd64.deb'--output'Nessus-latest-debian10_amd64.deb'&>/dev/null{if[ ! -f Nessus-latest-debian10_amd64.deb ]; thenecho" + Nessus 下载失败 :/ 退出。从 t.me/pwn3rzs 获取拷贝"exit0fi }echo" + 安装 Nessus.."dpkg -i Nessus-latest-debian10_amd64.deb &>/dev/null# 看,我试图只是进行更改和运行,但它不起作用。如果你能优化我的操作,让我知道。但对我来说,这是唯一需要运行的 :/echo" + 第一次初始化时启动服务(必须执行)"/bin/systemctl start nessusd.service &>/dev/nullecho" + 让 Nessus 初始化,等待大约 20 秒..."sleep20echo" + 停止 nessus 服务.."/bin/systemctl stop nessusd.service &>/dev/nullecho" + 更改 nessus 设置为 Zen 偏好(自由战士模式)"echo" 监听端口: 11127"/opt/nessus/sbin/nessuscli fix --setxmlrpc_listen_port=11127&>/dev/nullecho" 主题: 暗色"/opt/nessus/sbin/nessuscli fix --setui_theme=dark &>/dev/nullecho" 安全检查: 关闭"/opt/nessus/sbin/nessuscli fix --setsafe_checks=false&>/dev/nullecho" 日志: 性能"/opt/nessus/sbin/nessuscli fix --setbackend_log_level=performance &>/dev/nullecho" 更新: 关闭"/opt/nessus/sbin/nessuscli fix --setauto_update=false&>/dev/null/opt/nessus/sbin/nessuscli fix --setauto_update_ui=false&>/dev/null/opt/nessus/sbin/nessuscli fix --setdisable_core_updates=true&>/dev/nullecho" 遥测: 关闭"/opt/nessus/sbin/nessuscli fix --setreport_crashes=false&>/dev/null/opt/nessus/sbin/nessuscli fix --setsend_telemetry=false&>/dev/nullecho" + 添加一个用户,稍后可以更改(用户名:admin, 密码:ddosi)"cat > expect.tmp<<'EOF'spawn /opt/nessus/sbin/nessuscli adduser adminexpect"登录密码:"send"ddosir"expect"登录密码(再次输入):"send"ddosir"expect"*(可以上传插件等)? (y/n)*"send"yr"expect"*(用户可以有一个空的规则集)"send"r"expect"是否确定*"send"yr"expect eofEOFexpect -f expect.tmp &>/dev/nullrm -rf expect.tmp &>/dev/nullecho" + 下载新的插件.."curl -A Mozilla -o all-2.0.tar.gz--url'https://plugins.nessus.org/v2/nessus.php?f=all-2.0.tar.gz&u=4e2abfd83a40e2012ebf6537ade2f207&p=29a34e24fc12d3f5fdfbb1ae948972c6'&>/dev/null{if[ ! -f all-2.0.tar.gz ]; thenecho" + 插件 all-2.0.tar.gz 下载失败 :/ 退出。从 t.me/pwn3rzs 获取拷贝"exit0fi }echo" + 安装插件.."/opt/nessus/sbin/nessuscli update all-2.0.tar.gz &>/dev/nullecho" + 获取版本号.."# 我曾经看到这个对于下载不正确。嗯,但对我来说它有效。vernum=$(curl https://plugins.nessus.org/v2/plugins.php 2> /dev/null)echo" + 构建插件 feed..."cat > /opt/nessus/var/nessus/plugin_feed_info.inc <<EOFPLUGIN_SET ="${vernum}";PLUGIN_FEED ="ProfessionalFeed (Direct)";PLUGIN_FEED_TRANSPORT ="Tenable Network Security Lightning";EOFecho" + 保护文件.."chattr -i /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc &>/dev/nullcp /opt/nessus/var/nessus/plugin_feed_info.inc /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc &>/dev/nullecho" + 设置所有文件为不可变..."chattr +i /opt/nessus/var/nessus/plugin_feed_info.inc &>/dev/nullchattr +i -R /opt/nessus/lib/nessus/plugins &>/dev/nullecho" + 但是取消关键文件的不可变性.."chattr -i /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc &>/dev/nullchattr -i /opt/nessus/lib/nessus/plugins &>/dev/nullecho" + 启动服务.."/bin/systemctl start nessusd.service &>/dev/nullecho" + 再等待 20 秒以便服务器有足够的时间启动!"sleep20echo" + 监控 Nessus 进度。以下行每 10 秒更新一次直到 100%"zen=0while[ $zen -ne100]dostatline=`curl -sL -k https://localhost:11127/server/status|awk -F"," -v k="engine_status" '{ gsub(/{|}/,""); for(i=1;i<=NF;i++) { if ( $i ~ k ){printf $i} } }'`if[[ $statline != *"engine_status"* ]]; then echo -ne"n 问题:Nessus 服务器无法访问?再次尝试..n"; fiecho -ne"r $statline"if[[ $statline == *"100"* ]]; then zen=100;elsesleep10; fidoneecho -ne'n o 完成!n'echoecho" 访问 Nessus: https://localhost:11127/ (或您的 VPS IP)"echo" 用户名: admin"echo" 密码: ddosi"echo" 随时可以更改"echoread -p"按 Enter 键继续"
授予执行权限
chmod +x nessus.sh
执行脚本
安装时间比较慢所以需要等待一段时间
完成安装
扫描测试
功能展示
本机测试扫描
Nessus破解版【适用于Ubuntu系统】
安装一键脚本
直接复制如下代码保存为nessus_ubuntu.sh
#!/bin/bashif[[ $(id -u) -ne0]] ; then echo"Please run as root";exit1; fiecho//==============================================================echo Nessus latest DOWNLOAD, INSTALL,andCRACK -Zen20230819echo special thanks to John Doeforshowingthisworks on Debianecho THANKS369fortip about LATEST as a version numberecho//==============================================================echo" o antiskid extra thing added removing all chattr 20231013"chattr -i -R /opt/nessusecho" o making sure we have prerequisites.."apt update &>/dev/nullapt -y install curl dpkg expect &>/dev/nullecho" o stopping old nessusd in case there is one!"/bin/systemctl stop nessusd.service &>/dev/nullecho" o downloading Nessus.."curl -A Mozilla --request GET--url'https://www.tenable.com/downloads/api/v2/pages/nessus/files/Nessus-latest-ubuntu1404_amd64.deb'--output'Nessus-latest-ubuntu1404_amd64.deb'&>/dev/null{if[ ! -f Nessus-latest-ubuntu1404_amd64.deb ]; thenecho" o nessus download failed :/ exiting. get copy of it from t.me/pwn3rzs"exit0fi }echo" o installing Nessus.."dpkg -i Nessus-latest-ubuntu1404_amd64.deb &>/dev/nullecho" o starting service once FIRST TIME INITIALIZATION (we have to do this)"/bin/systemctl start nessusd.service &>/dev/nullecho" o let's allow Nessus time to initalize - we'll give it like 20 seconds..."sleep20echo" o stopping the nessus service.."/bin/systemctl stop nessusd.service &>/dev/nullecho" o changing nessus settings to Zen preferences (freedom fighter mode)"echo" listen port: 11127"/opt/nessus/sbin/nessuscli fix --setxmlrpc_listen_port=11127&>/dev/nullecho" theme: dark"/opt/nessus/sbin/nessuscli fix --setui_theme=dark &>/dev/nullecho" safe checks: off"/opt/nessus/sbin/nessuscli fix --setsafe_checks=false&>/dev/nullecho" logs: performance"/opt/nessus/sbin/nessuscli fix --setbackend_log_level=performance &>/dev/nullecho" updates: off"/opt/nessus/sbin/nessuscli fix --setauto_update=false&>/dev/null/opt/nessus/sbin/nessuscli fix --setauto_update_ui=false&>/dev/null/opt/nessus/sbin/nessuscli fix --setdisable_core_updates=true&>/dev/nullecho" telemetry: off"/opt/nessus/sbin/nessuscli fix --setreport_crashes=false&>/dev/null/opt/nessus/sbin/nessuscli fix --setsend_telemetry=false&>/dev/nullecho" o adding a user you can change this later (u:admin,p:ddosi)"cat > expect.tmp<<'EOF'spawn /opt/nessus/sbin/nessuscli adduser adminexpect"Login password:"send"ddosir"expect"Login password (again):"send"ddosir"expect"*(can upload plugins, etc.)? (y/n)*"send"yr"expect"*(the user can have an empty rules set)"send"r"expect"Is that ok*"send"yr"expect eofEOFexpect -f expect.tmp &>/dev/nullrm -rf expect.tmp &>/dev/nullecho" o downloading new plugins.."curl -A Mozilla -o all-2.0.tar.gz--url'https://plugins.nessus.org/v2/nessus.php?f=all-2.0.tar.gz&u=4e2abfd83a40e2012ebf6537ade2f207&p=29a34e24fc12d3f5fdfbb1ae948972c6'&>/dev/null{if[ ! -f all-2.0.tar.gz ]; thenecho" o plugins all-2.0.tar.gz download failed :/ exiting. get copy of it from t.me/pwn3rzs"exit0fi }echo" o installing plugins.."/opt/nessus/sbin/nessuscli update all-2.0.tar.gz &>/dev/nullecho" o fetching version number.."vernum=$(curl https://plugins.nessus.org/v2/plugins.php 2> /dev/null)echo" o building plugin feed..."cat > /opt/nessus/var/nessus/plugin_feed_info.inc <<EOFPLUGIN_SET ="${vernum}";PLUGIN_FEED ="ProfessionalFeed (Direct)";PLUGIN_FEED_TRANSPORT ="Tenable Network Security Lightning";EOFecho" o protecting files.."chattr -i /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc &>/dev/nullcp /opt/nessus/var/nessus/plugin_feed_info.inc /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc &>/dev/nullecho" o let's set everything immutable..."chattr +i /opt/nessus/var/nessus/plugin_feed_info.inc &>/dev/nullchattr +i -R /opt/nessus/lib/nessus/plugins &>/dev/nullecho" o but unsetting key files.."chattr -i /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc &>/dev/nullchattr -i /opt/nessus/lib/nessus/plugins &>/dev/nullecho" o starting service.."/bin/systemctl start nessusd.service &>/dev/nullecho" o Let's sleep for another 20 seconds to let the server have time to start!"sleep20echo" o Monitoring Nessus progress. Following line updates every 10 seconds until 100%"zen=0while[ $zen -ne100]dostatline=`curl -sL -k https://localhost:11127/server/status|awk -F"," -v k="engine_status" '{ gsub(/{|}/,""); for(i=1;i<=NF;i++) { if ( $i ~ k ){printf $i} } }'`if[[ $statline != *"engine_status"* ]]; then echo -ne"n Problem: Nessus server unreachable? Trying again..n"; fiecho -ne"r $statline"if[[ $statline == *"100"* ]]; then zen=100;elsesleep10; fidoneecho -ne'n o Done!n'echoecho" Access your Nessus: https://localhost:11127/ (or your VPS IP)"echo" username: admin"echo" password: ddosi"echo" you can change this any time"echoread -p"Press enter to continue"
步骤如上
文中内容转载自
https://www.ddosi.org/nessus2024/原文始发于微信公众号(安全帮):Nessus 破解+最新插件更新图文教程 for linux
免责声明:文章中涉及的程序(方法)可能带有攻击性,仅供安全研究与教学之用,读者将其信息做其他用途,由读者承担全部法律及连带责任,本站不承担任何法律及连带责任;如有问题可邮件联系(建议使用企业邮箱或有效邮箱,避免邮件被拦截,联系方式见首页),望知悉。
- 左青龙
- 微信扫一扫
-
- 右白虎
- 微信扫一扫
-
评论