Nessus 8.12.1 installation tutorial
download link
https://www.tenable.com/downloads/nessus?loginAttempted=true
Installation tutorial
Download the corresponding Nessus deb installation package (mine is a 64-bit kali)
Once you have downloaded, copied to kali linux, use the dpkg
command to install
dpkg -i Nessus-8.12.1-debian6_amd64.deb
Start nessus and check the status, the prompt running
indicates that the startup is successful
service nessusd start
service nessusd status
Visit nessus https://localhost:8834/
Select Managed Scanner
and clickContinue
Choose Tenable.sc
, continue to the next step
Enter your Nessus account password
Waiting for installation
The installation was successful, but scan was not found
Crack
First go to the following link to register to get an activation code, if you don’t want to use your own email, you can use a temporary email
https://zh-cn.tenable.com/products/nessus/nessus-essentials
Check your email to get your activation code
Enter the nessus directory and get Challenge code
cd /opt/nessus/sbin/
./nessuscli fetch --challenge
Access https://plugins.nessus.org/v2/offline.php fill in Challenge Code
and activation code
download the all-2.0.tar.gz file.
Copy the downloaded file all-2.0.tar.gz
to the /opt/nessus/sbin
directory in kali and execute the update command
cp all-2.0.tar.gz /opt/nessus/sbin/
cd /opt/nessus/sbin/
./nessuscli update all-2.0.tar.gz
Copy the plugins
directory, this directory is the vulnerability plug-in directory of nessus
cp -r /opt/nessus/lib/nessus/plugins/ /opt/nessus/lib/nessus/plugins.bak/
Restart nessus
service nessusd restart
Waiting for the update (In the previous cracking tutorial, the plugin_feed_info.inc file will be modified before this step. You don’t need to try again. After I modify it, it will reset and cannot become the professional version, and the new vulnerability plug-in will be deleted. Off) After the
update is complete, no need to log in, modify the plugin_feed_info.inc file
vim /opt/nessus/var/nessus/plugin_feed_info.inc
vim /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc
Both files add the following:
PLUGIN_SET = "202010191623";
PLUGIN_FEED = "ProfessionalFeed (Direct)";
PLUGIN_FEED_TRANSPORT = "Tenable Network Security Lightning";
Restart nessus
service nessusd restart
Scan appeared after the update (this step cannot be considered as a complete crack, because plugins
the files in the directory have been deleted, and you can't scan it when you scan it. This step is just to make nessus a professional version)
After scan appears, replace the plugins directory we copied earlier
cd /opt/nessus/lib/nessus
rm -rf plugins
mv plugins.bak/ plugins
Restart kali
reboot
Open nessus after reboot
service nessusd start
Visit: https://localhost:8843
Continue to wait for the update, this time it will be a long time (because all plugins are being loaded)
Remember to take a snapshot after installation, because restart the nessus service again, nessus will still delete the plugins in the plugins directory
Check if you have updated to version 8.12.1
1. Check the plugins in the plugins directory, if it is 125792, the update is successful
ls -l /opt/nessus/lib/nessus/plugins/ | grep "^-" | wc -l
2. Log in to nessus, use the dynamic scan template on the nessus scanner, in the Dynamic Plugins
options, use the method of filtering Plugin ID to find whether Nessus has the latest plug-in ID
https://www.tenable.com/plugins/newest?type=&page=1
The latest plug-in id:
enter the dynamic scanning module:
Find 142559 plugin