- 漏洞扫描:Nessus可以对网络上的目标进行全面的漏洞扫描,检测可能存在的安全漏洞和弱点。
- 配置审计:除了漏洞扫描,Nessus还可以进行配置审计,检查系统和设备的配置是否符合最佳安全实践和合规标准。
- 广泛的漏洞库:Nessus拥有一个庞大的漏洞数据库,涵盖了各种操作系统、应用程序和网络设备的漏洞信息。
- 定制化扫描策略:管理员可以根据自己的需求和网络环境定制扫描策略,包括扫描目标、扫描时间和扫描深度等参数。
- 报告生成:Nessus能够生成详细的扫描报告,包括发现的漏洞、建议的修复措施和合规性评分等信息,帮助管理员理解网络安全风险并采取适当的措施。
- 漏洞管理:Nessus提供漏洞管理功能,帮助管理员跟踪漏洞修复的进度,并优先处理最重要的安全问题。
- 合规性扫描:Nessus可以进行合规性扫描,检查系统和应用程序是否符合特定的安全标准和合规性要求,如PCI DSS、HIPAA等。
下载对应版本的nessus框架安装包
链接:https://pan.baidu.com/s/1htisDKJg18jBFnIcMBLu4Q提取码:y94i
脚本如下
#!/bin/bashif [[ $(id -u) -ne 0 ]] ; then echo "请使用 root 用户运行" ; exit 1 ; fiecho //==============================================================echo Nessus 最新版本下载、安装和破解 -Zen 20230819echo 特别感谢 John Doe 在 Debian 上演示这一操作的有效性echo 感谢 369 提供关于 "latest" 的提示echo //==============================================================echo " + 增加了防滑附加功能,移除所有 chattr 设置 20231013"chattr -i -R /opt/nessusecho " + 确保我们有先决条件.."apt update &>/dev/nullapt -y install curl dpkg expect &>/dev/nullecho " + 停止旧的 nessusd 服务,以防存在一个!"/bin/systemctl stop nessusd.service &>/dev/nullecho " + 下载 Nessus.."curl -A Mozilla --request GET--url 'https://www.tenable.com/downloads/api/v2/pages/nessus/files/Nessus-latest-debian10_amd64.deb'--output 'Nessus-latest-debian10_amd64.deb' &>/dev/null{ if [ ! -f Nessus-latest-debian10_amd64.deb ]; thenecho " + Nessus 下载失败 :/ 退出。从 t.me/pwn3rzs 获取拷贝"exit 0fi }echo " + 安装 Nessus.."dpkg -i Nessus-latest-debian10_amd64.deb &>/dev/null# 看,我试图只是进行更改和运行,但它不起作用。如果你能优化我的操作,让我知道。但对我来说,这是唯一需要运行的 :/echo " + 第一次初始化时启动服务(必须执行)"/bin/systemctl start nessusd.service &>/dev/nullecho " + 让 Nessus 初始化,等待大约 20 秒..."sleep 20echo " + 停止 nessus 服务.."/bin/systemctl stop nessusd.service &>/dev/nullecho " + 更改 nessus 设置为 Zen 偏好(自由战士模式)"echo " 监听端口: 11127"/opt/nessus/sbin/nessuscli fix --set xmlrpc_listen_port=11127 &>/dev/nullecho " 主题: 暗色"/opt/nessus/sbin/nessuscli fix --set ui_theme=dark &>/dev/nullecho " 安全检查: 关闭"/opt/nessus/sbin/nessuscli fix --set safe_checks=false &>/dev/nullecho " 日志: 性能"/opt/nessus/sbin/nessuscli fix --set backend_log_level=performance &>/dev/nullecho " 更新: 关闭"/opt/nessus/sbin/nessuscli fix --set auto_update=false &>/dev/null/opt/nessus/sbin/nessuscli fix --set auto_update_ui=false &>/dev/null/opt/nessus/sbin/nessuscli fix --set disable_core_updates=true &>/dev/nullecho " 遥测: 关闭"/opt/nessus/sbin/nessuscli fix --set report_crashes=false &>/dev/null/opt/nessus/sbin/nessuscli fix --set send_telemetry=false &>/dev/nullecho " + 添加一个用户,稍后可以更改(用户名:admin, 密码:ddosi)"cat > expect.tmp<<'EOF'spawn /opt/nessus/sbin/nessuscli adduser adminexpect "登录密码:"send "ddosir"expect "登录密码(再次输入):"send "ddosir"expect "*(可以上传插件等)? (y/n)*"send "yr"expect "*(用户可以有一个空的规则集)"send "r"expect "是否确定*"send "yr"expect eofEOFexpect -f expect.tmp &>/dev/nullrm -rf expect.tmp &>/dev/nullecho " + 下载新的插件.."curl -A Mozilla -o all-2.0.tar.gz--url 'https://plugins.nessus.org/v2/nessus.php?f=all-2.0.tar.gz&u=4e2abfd83a40e2012ebf6537ade2f207&p=29a34e24fc12d3f5fdfbb1ae948972c6' &>/dev/null{ if [ ! -f all-2.0.tar.gz ]; thenecho " + 插件 all-2.0.tar.gz 下载失败 :/ 退出。从 t.me/pwn3rzs 获取拷贝"exit 0fi }echo " + 安装插件.."/opt/nessus/sbin/nessuscli update all-2.0.tar.gz &>/dev/nullecho " + 获取版本号.."# 我曾经看到这个对于下载不正确。嗯,但对我来说它有效。vernum=$(curl https://plugins.nessus.org/v2/plugins.php 2> /dev/null)echo " + 构建插件 feed..."cat > /opt/nessus/var/nessus/plugin_feed_info.inc <<EOFPLUGIN_SET = "${vernum}";PLUGIN_FEED = "ProfessionalFeed (Direct)";PLUGIN_FEED_TRANSPORT = "Tenable Network Security Lightning";EOFecho " + 保护文件.."chattr -i /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc &>/dev/nullcp /opt/nessus/var/nessus/plugin_feed_info.inc /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc &>/dev/nullecho " + 设置所有文件为不可变..."chattr +i /opt/nessus/var/nessus/plugin_feed_info.inc &>/dev/nullchattr +i -R /opt/nessus/lib/nessus/plugins &>/dev/nullecho " + 但是取消关键文件的不可变性.."chattr -i /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc &>/dev/nullchattr -i /opt/nessus/lib/nessus/plugins &>/dev/nullecho " + 启动服务.."/bin/systemctl start nessusd.service &>/dev/nullecho " + 再等待 20 秒以便服务器有足够的时间启动!"sleep 20echo " + 监控 Nessus 进度。以下行每 10 秒更新一次直到 100%"zen=0while [ $zen -ne 100 ]dostatline=`curl -sL -k https://localhost:11127/server/status|awk -F"," -v k="engine_status" '{ gsub(/{|}/,""); for(i=1;i<=NF;i++) { if ( $i ~ k ){printf $i} } }'`if [[ $statline != *"engine_status"* ]]; then echo -ne "n 问题:Nessus 服务器无法访问?再次尝试..n"; fiecho -ne "r $statline"if [[ $statline == *"100"* ]]; then zen=100; else sleep 10; fidoneecho -ne 'n o 完成!n'echoecho " 访问 Nessus: https://localhost:11127/ (或您的 VPS IP)"echo " 用户名: admin"echo " 密码: ddosi"echo " 随时可以更改"echoread -p "按 Enter 键继续"
授予执行权限
chmod +x nessus.sh
安装一键脚本
直接复制如下代码保存为nessus_ubuntu.sh
#!/bin/bashif [[ $(id -u) -ne 0 ]] ; then echo "Please run as root" ; exit 1 ; fiecho //==============================================================echo Nessus latest DOWNLOAD, INSTALL, and CRACK -Zen 20230819echo special thanks to John Doe for showing this works on Debianecho THANKS 369 for tip about LATEST as a version numberecho //==============================================================echo " o antiskid extra thing added removing all chattr 20231013"chattr -i -R /opt/nessusecho " o making sure we have prerequisites.."apt update &>/dev/nullapt -y install curl dpkg expect &>/dev/nullecho " o stopping old nessusd in case there is one!"/bin/systemctl stop nessusd.service &>/dev/nullecho " o downloading Nessus.."curl -A Mozilla --request GET--url 'https://www.tenable.com/downloads/api/v2/pages/nessus/files/Nessus-latest-ubuntu1404_amd64.deb'--output 'Nessus-latest-ubuntu1404_amd64.deb' &>/dev/null{ if [ ! -f Nessus-latest-ubuntu1404_amd64.deb ]; thenecho " o nessus download failed :/ exiting. get copy of it from t.me/pwn3rzs"exit 0fi }echo " o installing Nessus.."dpkg -i Nessus-latest-ubuntu1404_amd64.deb &>/dev/nullecho " o starting service once FIRST TIME INITIALIZATION (we have to do this)"/bin/systemctl start nessusd.service &>/dev/nullecho " o let's allow Nessus time to initalize - we'll give it like 20 seconds..."sleep 20echo " o stopping the nessus service.."/bin/systemctl stop nessusd.service &>/dev/nullecho " o changing nessus settings to Zen preferences (freedom fighter mode)"echo " listen port: 11127"/opt/nessus/sbin/nessuscli fix --set xmlrpc_listen_port=11127 &>/dev/nullecho " theme: dark"/opt/nessus/sbin/nessuscli fix --set ui_theme=dark &>/dev/nullecho " safe checks: off"/opt/nessus/sbin/nessuscli fix --set safe_checks=false &>/dev/nullecho " logs: performance"/opt/nessus/sbin/nessuscli fix --set backend_log_level=performance &>/dev/nullecho " updates: off"/opt/nessus/sbin/nessuscli fix --set auto_update=false &>/dev/null/opt/nessus/sbin/nessuscli fix --set auto_update_ui=false &>/dev/null/opt/nessus/sbin/nessuscli fix --set disable_core_updates=true &>/dev/nullecho " telemetry: off"/opt/nessus/sbin/nessuscli fix --set report_crashes=false &>/dev/null/opt/nessus/sbin/nessuscli fix --set send_telemetry=false &>/dev/nullecho " o adding a user you can change this later (u:admin,p:ddosi)"cat > expect.tmp<<'EOF'spawn /opt/nessus/sbin/nessuscli adduser adminexpect "Login password:"send "ddosir"expect "Login password (again):"send "ddosir"expect "*(can upload plugins, etc.)? (y/n)*"send "yr"expect "*(the user can have an empty rules set)"send "r"expect "Is that ok*"send "yr"expect eofEOFexpect -f expect.tmp &>/dev/nullrm -rf expect.tmp &>/dev/nullecho " o downloading new plugins.."curl -A Mozilla -o all-2.0.tar.gz--url 'https://plugins.nessus.org/v2/nessus.php?f=all-2.0.tar.gz&u=4e2abfd83a40e2012ebf6537ade2f207&p=29a34e24fc12d3f5fdfbb1ae948972c6' &>/dev/null{ if [ ! -f all-2.0.tar.gz ]; thenecho " o plugins all-2.0.tar.gz download failed :/ exiting. get copy of it from t.me/pwn3rzs"exit 0fi }echo " o installing plugins.."/opt/nessus/sbin/nessuscli update all-2.0.tar.gz &>/dev/nullecho " o fetching version number.."vernum=$(curl https://plugins.nessus.org/v2/plugins.php 2> /dev/null)echo " o building plugin feed..."cat > /opt/nessus/var/nessus/plugin_feed_info.inc <<EOFPLUGIN_SET = "${vernum}";PLUGIN_FEED = "ProfessionalFeed (Direct)";PLUGIN_FEED_TRANSPORT = "Tenable Network Security Lightning";EOFecho " o protecting files.."chattr -i /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc &>/dev/nullcp /opt/nessus/var/nessus/plugin_feed_info.inc /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc &>/dev/nullecho " o let's set everything immutable..."chattr +i /opt/nessus/var/nessus/plugin_feed_info.inc &>/dev/nullchattr +i -R /opt/nessus/lib/nessus/plugins &>/dev/nullecho " o but unsetting key files.."chattr -i /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc &>/dev/nullchattr -i /opt/nessus/lib/nessus/plugins &>/dev/nullecho " o starting service.."/bin/systemctl start nessusd.service &>/dev/nullecho " o Let's sleep for another 20 seconds to let the server have time to start!"sleep 20echo " o Monitoring Nessus progress. Following line updates every 10 seconds until 100%"zen=0while [ $zen -ne 100 ]dostatline=`curl -sL -k https://localhost:11127/server/status|awk -F"," -v k="engine_status" '{ gsub(/{|}/,""); for(i=1;i<=NF;i++) { if ( $i ~ k ){printf $i} } }'`if [[ $statline != *"engine_status"* ]]; then echo -ne "n Problem: Nessus server unreachable? Trying again..n"; fiecho -ne "r $statline"if [[ $statline == *"100"* ]]; then zen=100; else sleep 10; fidoneecho -ne 'n o Done!n'echoecho " Access your Nessus: https://localhost:11127/ (or your VPS IP)"echo " username: admin"echo " password: ddosi"echo " you can change this any time"echoread -p "Press enter to continue"
https://www.ddosi.org/nessus2024/原文始发于微信公众号(安全帮):Nessus 破解+最新插件更新图文教程 百度网盘下载
免责声明:文章中涉及的程序(方法)可能带有攻击性,仅供安全研究与教学之用,读者将其信息做其他用途,由读者承担全部法律及连带责任,本站不承担任何法律及连带责任;如有问题可邮件联系(建议使用企业邮箱或有效邮箱,避免邮件被拦截,联系方式见首页),望知悉。
- 左青龙
- 微信扫一扫
-
- 右白虎
- 微信扫一扫
-
评论