Nessus 特别版+2024插件 10.6.4 For Linux【适用于Debian & Ubuntu系统】
安装脚本适用于debian系统,可在kali linux上成功安装。
适用于Ubuntu系统的可在文章末尾下载。
Nessus版本:10.6.4
插件版本:202401292356
安装方法
1.下载nessus.sh脚本。
下载地址:
或直接复制如下代码保存为nessus.sh
#!/bin/bash
if [[ $(id -u) -ne 0 ]] ; then echo "请使用 root 用户运行" ; exit 1 ; fi
echo //==============================================================
echo Nessus 最新版本下载、安装和破解 -Zen 20230819
echo 特别感谢 John Doe 在 Debian 上演示这一操作的有效性
echo 感谢 369 提供关于 "latest" 的提示
echo //==============================================================
echo " + 增加了防滑附加功能,移除所有 chattr 设置 20231013"
chattr -i -R /opt/nessus
echo " + 确保我们有先决条件.."
apt update &>/dev/null
apt -y install curl dpkg expect &>/dev/null
echo " + 停止旧的 nessusd 服务,以防存在一个!"
/bin/systemctl stop nessusd.service &>/dev/null
echo " + 下载 Nessus.."
curl -A Mozilla --request GET \
--url 'https://www.tenable.com/downloads/api/v2/pages/nessus/files/Nessus-latest-debian10_amd64.deb' \
--output 'Nessus-latest-debian10_amd64.deb' &>/dev/null
{ if [ ! -f Nessus-latest-debian10_amd64.deb ]; then
echo " + Nessus 下载失败 :/ 退出。从 t.me/pwn3rzs 获取拷贝"
exit 0
fi }
echo " + 安装 Nessus.."
dpkg -i Nessus-latest-debian10_amd64.deb &>/dev/null
# 看,我试图只是进行更改和运行,但它不起作用。如果你能优化我的操作,让我知道。但对我来说,这是唯一需要运行的 :/
echo " + 第一次初始化时启动服务(必须执行)"
/bin/systemctl start nessusd.service &>/dev/null
echo " + 让 Nessus 初始化,等待大约 20 秒..."
sleep 20
echo " + 停止 nessus 服务.."
/bin/systemctl stop nessusd.service &>/dev/null
echo " + 更改 nessus 设置为 Zen 偏好(自由战士模式)"
echo " 监听端口: 11127"
/opt/nessus/sbin/nessuscli fix --set xmlrpc_listen_port=11127 &>/dev/null
echo " 主题: 暗色"
/opt/nessus/sbin/nessuscli fix --set ui_theme=dark &>/dev/null
echo " 安全检查: 关闭"
/opt/nessus/sbin/nessuscli fix --set safe_checks=false &>/dev/null
echo " 日志: 性能"
/opt/nessus/sbin/nessuscli fix --set backend_log_level=performance &>/dev/null
echo " 更新: 关闭"
/opt/nessus/sbin/nessuscli fix --set auto_update=false &>/dev/null
/opt/nessus/sbin/nessuscli fix --set auto_update_ui=false &>/dev/null
/opt/nessus/sbin/nessuscli fix --set disable_core_updates=true &>/dev/null
echo " 遥测: 关闭"
/opt/nessus/sbin/nessuscli fix --set report_crashes=false &>/dev/null
/opt/nessus/sbin/nessuscli fix --set send_telemetry=false &>/dev/null
echo " + 添加一个用户,稍后可以更改(用户名:admin, 密码:ddosi)"
cat > expect.tmp<<'EOF'
spawn /opt/nessus/sbin/nessuscli adduser admin
expect "登录密码:"
send "ddosi\r"
expect "登录密码(再次输入):"
send "ddosi\r"
expect "*(可以上传插件等)? (y/n)*"
send "y\r"
expect "*(用户可以有一个空的规则集)"
send "\r"
expect "是否确定*"
send "y\r"
expect eof
EOF
expect -f expect.tmp &>/dev/null
rm -rf expect.tmp &>/dev/null
echo " + 下载新的插件.."
curl -A Mozilla -o all-2.0.tar.gz \
--url 'https://plugins.nessus.org/v2/nessus.php?f=all-2.0.tar.gz&u=4e2abfd83a40e2012ebf6537ade2f207&p=29a34e24fc12d3f5fdfbb1ae948972c6' &>/dev/null
{ if [ ! -f all-2.0.tar.gz ]; then
echo " + 插件 all-2.0.tar.gz 下载失败 :/ 退出。从 t.me/pwn3rzs 获取拷贝"
exit 0
fi }
echo " + 安装插件.."
/opt/nessus/sbin/nessuscli update all-2.0.tar.gz &>/dev/null
echo " + 获取版本号.."
# 我曾经看到这个对于下载不正确。嗯,但对我来说它有效。
vernum=$(curl https://plugins.nessus.org/v2/plugins.php 2> /dev/null)
echo " + 构建插件 feed..."
cat > /opt/nessus/var/nessus/plugin_feed_info.inc <<EOF
PLUGIN_SET = "${vernum}";
PLUGIN_FEED = "ProfessionalFeed (Direct)";
PLUGIN_FEED_TRANSPORT = "Tenable Network Security Lightning";
EOF
echo " + 保护文件.."
chattr -i /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc &>/dev/null
cp /opt/nessus/var/nessus/plugin_feed_info.inc /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc &>/dev/null
echo " + 设置所有文件为不可变..."
chattr +i /opt/nessus/var/nessus/plugin_feed_info.inc &>/dev/null
chattr +i -R /opt/nessus/lib/nessus/plugins &>/dev/null
echo " + 但是取消关键文件的不可变性.."
chattr -i /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc &>/dev/null
chattr -i /opt/nessus/lib/nessus/plugins &>/dev/null
echo " + 启动服务.."
/bin/systemctl start nessusd.service &>/dev/null
echo " + 再等待 20 秒以便服务器有足够的时间启动!"
sleep 20
echo " + 监控 Nessus 进度。以下行每 10 秒更新一次直到 100%"
zen=0
while [ $zen -ne 100 ]
do
statline=`curl -sL -k https://localhost:11127/server/status|awk -F"," -v k="engine_status" '{ gsub(/{|}/,""); for(i=1;i<=NF;i++) { if ( $i ~ k ){printf $i} } }'`
if [[ $statline != *"engine_status"* ]]; then echo -ne "\n 问题:Nessus 服务器无法访问?再次尝试..\n"; fi
echo -ne "\r $statline"
if [[ $statline == *"100"* ]]; then zen=100; else sleep 10; fi
done
echo -ne '\n o 完成!\n'
echo
echo " 访问 Nessus: https://localhost:11127/ (或您的 VPS IP)"
echo " 用户名: admin"
echo " 密码: ddosi"
echo " 随时可以更改"
echo
read -p "按 Enter 键继续"2.授予执行权限
chmod +x nessus.sh
3.使用root账号执行nessus.sh(请耐心等待)大约10-15分钟。
./nessus.sh4.安装完毕如图所示
5.打开如下网页即可访问Nessus。
或
6.使用账号密码登录
账号 | 密码 |
admin | ddosi |
Nessus启动与停止命令
启动
sudo systemctl start nessusd && systemctl --no-pager status nessusd或直接搜索Nessus,点击nessus start即可
停止
sudo systemctl stop nessusd && systemctl --no-pager status nessusd或直接搜索Nessus,点击nessus stop即可.
插件数量
序号 | 插件名称 | 数量 |
1 | AIX Local Security Checks | 11551 |
2 | Alma Linux Local Security Checks | 1177 |
3 | Amazon Linux Local Security Checks | 4216 |
4 | Backdoors | 123 |
5 | Brute force attacks | 26 |
6 | CentOS Local Security Checks | 4414 |
7 | CGI abuses | 5671 |
8 | CGI abuses : XSS | 703 |
9 | CISCO | 2366 |
10 | Databases | 969 |
11 | Debian Local Security Checks | 9196 |
12 | Default Unix Accounts | 172 |
13 | Denial of Service | 110 |
14 | DNS | 231 |
15 | F5 Networks Local Security Checks | 1405 |
16 | Fedora Local Security Checks | 18304 |
17 | Firewalls | 414 |
18 | FreeBSD Local Security Checks | 5475 |
19 | FTP | 272 |
20 | Gain a shell remotely | 282 |
21 | General | 356 |
22 | Gentoo Local Security Checks | 3519 |
23 | HP-UX Local Security Checks | 1983 |
24 | Huawei Local Security Checks | 10698 |
25 | Junos Local Security Checks | 622 |
26 | MacOS X Local Security Checks | 2287 |
27 | Mandriva Local Security Checks | 3641 |
28 | MarinerOS Local Security Checks | 564 |
29 | Misc. | 3657 |
30 | Netware | 14 |
31 | NewStart CGSL Local Security Checks | 1430 |
32 | Oracle Linux Local Security Checks | 6514 |
33 | OracleVM Local Security Checks | 602 |
34 | Palo Alto Local Security Checks | 170 |
35 | Peer-To-Peer File Sharing | 105 |
36 | PhotonOS Local Security Checks | 1895 |
37 | Policy Compliance | 16 |
38 | Red Hat Local Security Checks | 11595 |
39 | Rocky Linux Local Security Checks | 1083 |
40 | RPC | 39 |
41 | SCADA | 64 |
42 | Scientific Linux Local Security Checks | 3291 |
43 | Service detection | 601 |
44 | Settings | 122 |
45 | Slackware Local Security Checks | 1525 |
46 | SMTP problems | 154 |
47 | SNMP | 34 |
48 | Solaris Local Security Checks | 3819 |
49 | SuSE Local Security Checks | 23108 |
50 | Tenable.ot | 1885 |
51 | Ubuntu Local Security Checks | 7670 |
52 | Virtuozzo Local Security Checks | 341 |
53 | VMware ESX Local Security Checks | 143 |
54 | Web Servers | 1690 |
55 | Windows | 6509 |
56 | Windows : Microsoft Bulletins | 3000 |
57 | Windows : User management | 29 |
卸载方法
1.停止Nessus服务。
sudo systemctl stop nessusd && systemctl --no-pager status nessusd2.修改/opt/nessus/文件夹属性
chattr -i -R /opt/nessus/3.卸载Nessus
apt remove nessus注意事项
问题:在系统或Nessus重启后,扫描按钮可能出现暂时不能用的情况。
原因:Nessus在重新配置插件。
解决办法:耐心等待3~5分钟即可。
Nessus破解版【适用于Ubuntu系统】
操作方法和上面的一样。
下载地址:
或直接复制如下代码保存为nessus_ubuntu.sh
#!/bin/bash
if [[ $(id -u) -ne 0 ]] ; then echo "Please run as root" ; exit 1 ; fi
echo //==============================================================
echo Nessus latest DOWNLOAD, INSTALL, and CRACK -Zen 20230819
echo special thanks to John Doe for showing this works on Debian
echo THANKS 369 for tip about LATEST as a version number
echo //==============================================================
echo " o antiskid extra thing added removing all chattr 20231013"
chattr -i -R /opt/nessus
echo " o making sure we have prerequisites.."
apt update &>/dev/null
apt -y install curl dpkg expect &>/dev/null
echo " o stopping old nessusd in case there is one!"
/bin/systemctl stop nessusd.service &>/dev/null
echo " o downloading Nessus.."
curl -A Mozilla --request GET \
--url 'https://www.tenable.com/downloads/api/v2/pages/nessus/files/Nessus-latest-ubuntu1404_amd64.deb' \
--output 'Nessus-latest-ubuntu1404_amd64.deb' &>/dev/null
{ if [ ! -f Nessus-latest-ubuntu1404_amd64.deb ]; then
echo " o nessus download failed :/ exiting. get copy of it from t.me/pwn3rzs"
exit 0
fi }
echo " o installing Nessus.."
dpkg -i Nessus-latest-ubuntu1404_amd64.deb &>/dev/null
# look I tried to just make changes and run but it doesnt work. if you can optimize
# what im doing here, let me know. but this was it for me, it had to be run once :/
echo " o starting service once FIRST TIME INITIALIZATION (we have to do this)"
/bin/systemctl start nessusd.service &>/dev/null
echo " o let's allow Nessus time to initalize - we'll give it like 20 seconds..."
sleep 20
echo " o stopping the nessus service.."
/bin/systemctl stop nessusd.service &>/dev/null
echo " o changing nessus settings to Zen preferences (freedom fighter mode)"
echo " listen port: 11127"
/opt/nessus/sbin/nessuscli fix --set xmlrpc_listen_port=11127 &>/dev/null
echo " theme: dark"
/opt/nessus/sbin/nessuscli fix --set ui_theme=dark &>/dev/null
echo " safe checks: off"
/opt/nessus/sbin/nessuscli fix --set safe_checks=false &>/dev/null
echo " logs: performance"
/opt/nessus/sbin/nessuscli fix --set backend_log_level=performance &>/dev/null
echo " updates: off"
/opt/nessus/sbin/nessuscli fix --set auto_update=false &>/dev/null
/opt/nessus/sbin/nessuscli fix --set auto_update_ui=false &>/dev/null
/opt/nessus/sbin/nessuscli fix --set disable_core_updates=true &>/dev/null
echo " telemetry: off"
/opt/nessus/sbin/nessuscli fix --set report_crashes=false &>/dev/null
/opt/nessus/sbin/nessuscli fix --set send_telemetry=false &>/dev/null
echo " o adding a user you can change this later (u:admin,p:ddosi)"
cat > expect.tmp<<'EOF'
spawn /opt/nessus/sbin/nessuscli adduser admin
expect "Login password:"
send "ddosi\r"
expect "Login password (again):"
send "ddosi\r"
expect "*(can upload plugins, etc.)? (y/n)*"
send "y\r"
expect "*(the user can have an empty rules set)"
send "\r"
expect "Is that ok*"
send "y\r"
expect eof
EOF
expect -f expect.tmp &>/dev/null
rm -rf expect.tmp &>/dev/null
echo " o downloading new plugins.."
curl -A Mozilla -o all-2.0.tar.gz \
--url 'https://plugins.nessus.org/v2/nessus.php?f=all-2.0.tar.gz&u=4e2abfd83a40e2012ebf6537ade2f207&p=29a34e24fc12d3f5fdfbb1ae948972c6' &>/dev/null
{ if [ ! -f all-2.0.tar.gz ]; then
echo " o plugins all-2.0.tar.gz download failed :/ exiting. get copy of it from t.me/pwn3rzs"
exit 0
fi }
echo " o installing plugins.."
/opt/nessus/sbin/nessuscli update all-2.0.tar.gz &>/dev/null
echo " o fetching version number.."
# i have seen this not be correct for the download. hrm. but, it works for me.
vernum=$(curl https://plugins.nessus.org/v2/plugins.php 2> /dev/null)
echo " o building plugin feed..."
cat > /opt/nessus/var/nessus/plugin_feed_info.inc <<EOF
PLUGIN_SET = "${vernum}";
PLUGIN_FEED = "ProfessionalFeed (Direct)";
PLUGIN_FEED_TRANSPORT = "Tenable Network Security Lightning";
EOF
echo " o protecting files.."
chattr -i /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc &>/dev/null
cp /opt/nessus/var/nessus/plugin_feed_info.inc /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc &>/dev/null
echo " o let's set everything immutable..."
chattr +i /opt/nessus/var/nessus/plugin_feed_info.inc &>/dev/null
chattr +i -R /opt/nessus/lib/nessus/plugins &>/dev/null
echo " o but unsetting key files.."
chattr -i /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc &>/dev/null
chattr -i /opt/nessus/lib/nessus/plugins &>/dev/null
echo " o starting service.."
/bin/systemctl start nessusd.service &>/dev/null
echo " o Let's sleep for another 20 seconds to let the server have time to start!"
sleep 20
echo " o Monitoring Nessus progress. Following line updates every 10 seconds until 100%"
zen=0
while [ $zen -ne 100 ]
do
statline=`curl -sL -k https://localhost:11127/server/status|awk -F"," -v k="engine_status" '{ gsub(/{|}/,""); for(i=1;i<=NF;i++) { if ( $i ~ k ){printf $i} } }'`
if [[ $statline != *"engine_status"* ]]; then echo -ne "\n Problem: Nessus server unreachable? Trying again..\n"; fi
echo -ne "\r $statline"
if [[ $statline == *"100"* ]]; then zen=100; else sleep 10; fi
done
echo -ne '\n o Done!\n'
echo
echo " Access your Nessus: https://localhost:11127/ (or your VPS IP)"
echo " username: admin"
echo " password: ddosi"
echo " you can change this any time"
echo
read -p "Press enter to continue"
