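I have installed Nessus yet again; this time the version is Nessus-10.5.0 Linux-Debian-amd64
The Kali version is kali-linux-2023.1-vmware-amd64.7z
VMware Workstation 16 Pro 16.2.3
1. Install VMware
2. Install Kali in VMware
(1) Download Kali: Get Kali | Kali Linux
(2) The downloaded file is kali-linux-2023.1-vmware-amd64.7z; extract it.
(3) In VMware, open kali-linux-2023.1-vmware-amd64.vmx from the extracted directory, and the Kali installation is complete. Once in Kali, the default username and password are both kali, and the password for switching to the root user is also kali.
3. Install Nessus in Kali
(1) Download Nessus. URL: Download Nessus | Tenable®
If you can download it from within Kali, download it directly in the virtual machine; if not, download it on the host and drag it into the virtual machine.
(2) In Kali, select the Nessus installation package, right-click, and choose 'Open Terminal Here'.
(3) Enter 'ls' to check the exact name of the installation package.
(4) In the terminal, enter 'dpkg -i Nessus-10.5.0-debian10_amd64.deb'
(5) After installation, start Nessus by entering either '/bin/systemctl start nessusd.service' or 'sudo service nessusd start' in the terminal.
(6) Open https://kali:8834/ in a browser and click Continue.
Then select Register for Nessus Essentials and click Continue.
Fill in the registration, click Register, and obtain the activation code.
Click Continue.
Enter a username and password, then click Submit.
Wait a moment.
After logging in, check Settings: at this point there are only 16 Licensed hosts, and the limit needs to be removed.
4. Crack Nessus
(1) Create a new file named plugin_feed_info.inc with the following content: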
PLUGIN_SET = "202303071847";
PLUGIN_FEED = "ProfessionalFeed (Direct)";
PLUGIN_FEED_TRANSPORT = "Tenable Network Security Lightning";
Replace the PLUGIN_SET value with your own Policy Template Version, which you can view with the cat command.
(2) Locate plugin_feed_info.inc
# sudo find /opt -name plugin_feed_info.inc
(3) Stop Nessus
# sudo service nessusd stop
(4) Back up the plugin directories /opt/nessus/lib/nessus/plugins/ and /opt/nessus/var/nessus/
Newer versions of Nessus compare the information in plugin_feed_info.inc; when they find that it is inconsistent, they delete the plugins under /opt/nessus/lib/nessus/plugins/.
# cp -r /opt/nessus/lib/nessus/plugins /opt/nessus/lib/nessus/plugins.bak
# cp -r /opt/nessus/var/nessus /opt/nessus/var/nessus.bak
(5) Use the newly created plugin_feed_info.inc to replace the two files /opt/nessus/var/nessus/plugin_feed_info.inc and /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc.
#sudo cp plugin_feed_info.inc /opt/nessus/lib/nessus/plugins/
#sudo cp plugin_feed_info.inc /opt/nessus/var/nessus/
(6) Start Nessus
#sudo service nessusd start
Open https://kali:8834/ in a browser: the settings page has not changed, but the plugins under /opt/nessus/lib/nessus/plugins/ are gone.
(7) Stop Nessus
# sudo service nessusd stop
Restore the backed-up plugin directories /opt/nessus/lib/nessus/plugins/ and /opt/nessus/var/nessus/
#sudo cp -r /opt/nessus/lib/nessus/plugins.bak /opt/nessus/lib/nessus/plugins
#sudo cp -r /opt/nessus/var/nessus.bak /opt/nessus/var/nessus
(8) Repeat steps (5) and (6); Licensed hosts now shows Unlimited, so the limit has been removed.
Now you can happily start scanning.