安装
到官网下载所需版本https://www.tenable.com/downloads/nessus
CentOS下安装
npm -i Nessus-8.12.1-es7.x86_64.rpm
启动
systemctl start nessusd.service
启动后可访问url,CentOS需要先关闭防火墙
https://xxxx:8834/
按照提示初始化即可
更新插件库
下载最新nessus插件库
在Nessus官网注册后,可以免费获取插件库下载链接。
这里提供一个2021年3月6日的插件库:
https://file-wsg.oss-cn-shanghai.aliyuncs.com/others/nessus_plugin/all-2.0.tar.gz
更新
/opt/nessus/sbin/nessuscli update all-2.0.tar.gz
破解
rm -rf /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc
cat>/opt/nessus/var/nessus/plugin_feed_info.inc<<EOF
PLUGIN_SET = "202112022000";
PLUGIN_FEED = "ProfessionalFeed (Direct)";
PLUGIN_FEED_TRANSPORT = "Tenable Network Security Lightning";
EOF
重启
systemctl restart nessusd.service
更新插件库后初次启动需要编译,耗时较长
插件库所在目录为/opt/nessus/lib/nessus/plugins/
备份插件库(下次破解时直接恢复备份的插件库,节省编译时间)
cd /opt/nessus/lib/nessus/
tar -zcvf nessus.tar.gz plugins/
mkdir -p /opt/nessus/backup/
rm -rf /opt/nessus/backup/nessus.tar.gz
mv nessus.tar.gz /opt/nessus/backup/
如果没有出现扫描页面,重复步骤3、4
卸载
/sbin/service nessusd stop
rpm -qa | grep Nessus
rpm -e <Package Name>
rm -rf /opt/nessus
Reference
初始化:
https://www.hackliu.com/?p=600
更新插件库:
https://www.blueprintf.com/thread/4
https://sec.kim/2020/09/08/nessus-8-11-1-%E6%9C%80%E6%96%B0%E7%89%88%E7%A0%B4%E8%A7%A3%E6%96%B9%E6%B3%95-%E6%97%A016ip%E9%99%90%E5%88%B6
卸载:
https://docs.tenable.com/nessus/Content/RemoveNessusLinux.htm
发表评论