Tenable Nessus Installation (Expert version, Web Application Scanning, in Linux etc)

congcong • 2024-04-13 23:03 • 好物分享

Nessus Expert, an enhancement to the Tenable’s flagship vulnerability assessment tool Nessus and building upon Nessus Professional, is designed to address emerging cyberthreats across cloud infrastructure by applying a “smarter and simplified approach to DevSecOps,” according to Tenable.

The key capabilities of Nessus Expert are external attack surface discovery that allows IT and security professionals to discover internet-facing assets in domains and subdomains associated with an organization, the company says. In addition, Nessus Expert features IaC scanning that establishes guardrails in automated GitOps and CI/CD processes to ensure secure deployments with minimal effort with up to 500 pre-built policies.

Nessus Expert is essentially a more advanced version of Nessus Professional, offering external attack surface scanning, the ability to add domains and scan cloud infrastructure, all of which are not available with Nessus Professional.

Products

Nessus : Essentials & Professional (More features)

Tenable.sc : (on prem) sc & sc+ (Nessus Network Monitor -NNM, Asset Criticality Rating - ACR)

Tenable.io : (cloud)

Tenable.ad : active directory

Tenable.cs : Cloud security

Tenable.ot :

For Tenable Nessus, there are four versions::

Nessus Essentials
Nessus Professional — The de-facto industry standard vulnerability assessment solution for security practitioners.
Nessus Expert — The industry-leading vulnerability assessment solution for the modern attack surface.
Nessus Manager — The enterprise solution for managing Nessus Agents at scale.

Requirements

Hardware requirements

Hardware	Minimum Requirement
Processor	> 8 2GHz cores
RAM	> 8 GB Tenable recommends using 16 GB RAM for the best results.
Disk Space	> 40 GB, not including space used by the host operating system Your overall usage (scan results, plugin updates, logging) increase the amount of disk space needed over time.

Hardware

Minimum Requirement

Processor

> 8 2GHz cores

RAM

> 8 GB

Tenable recommends using 16 GB RAM for the best results.

Disk Space

> 40 GB, not including space used by the host operating system

Your overall usage (scan results, plugin updates, logging) increase the amount of disk space needed over time.

System requirements:

While Tenable Nessus itself is installed directly on the host operating system, the web scanner portion of Tenable Nessus Expert is installed as a Docker image on the same host. To do this, your host must have Docker version 20.0.0 or later installed. The web application scanner cannot run if the host does not have Docker installed (all other Tenable Nessus functionality works as expected without Docker being installed).

Install Docker Desktop on Windows

WSL 2 Backend

1 Install WSL from Powershell command line (admin)

WSL --install

WSL --install -d Ubuntu

WSL --update

2 Install Docker Desktop

Download the installer using the download button at the top of the page, or from the release notes.
Double-click Docker Desktop Installer.exe to run the installer. By default, Docker Desktop is installed at C:/Program Files/Docker/Docker.
When prompted, ensure the Use WSL 2 instead of Hyper-V option on the Configuration page is selected or not depending on your choice of backend.

If your system only supports one of the two options, you will not be able to select which backend to use.
Follow the instructions on the installation wizard to authorize the installer and proceed with the install.
When the installation is successful, select Close to complete the installation process.

Note:

Use the WSL 2 based engine. WSL 2 provides better performance than the Hyper-V backend. For more information, see Docker Desktop WSL 2 backend.

Hyper-V backend and Windows containers

1 Install Hyper-V role and Container feature

2 Install Docker Desktop

Same steps as using WSL2 backend but no need to use WSL2 as backend.

Tenable Nessus Expert Instalaltion with Web Application Scanner

1. Install Hyper-V and Containers

Here is an example of Windows 10/11 to enable both features.

Download and install Docker Desktop:

https://www.docker.com/products/docker-desktop/

2. Download and Install Tenable Nessus

https://www.tenable.com/downloads/nessus?loginAttempted=true

3. Enable WAS - Web Application Scanning

4. Web App Scanning

5. Settings,

Nessus Linux Installation Code

For Debian：

【1】Download nessus.sh script。

Download Address： nessus.sh

Or copy following code and save it as nessus.sh

#!/bin/bash if [[ $(id -u) -ne 0 ]] ; then echo "请使用 root 用户运行" ; exit 1 ; fi echo //============================================================== echo Nessus 最新版本下载、安装和破解 -Zen 20230819 echo 特别感谢 John Doe 在 Debian 上演示这一操作的有效性 echo 感谢 369 提供关于 "latest" 的提示 echo //============================================================== echo " + 增加了防滑附加功能，移除所有 chattr 设置 20231013" chattr -i -R /opt/nessus echo " + 确保我们有先决条件.." apt update &>/dev/null apt -y install curl dpkg expect &>/dev/null echo " + 停止旧的 nessusd 服务，以防存在一个！" /bin/systemctl stop nessusd.service &>/dev/null echo " + 下载 Nessus.." curl -A Mozilla --request GET / --url 'https://www.tenable.com/downloads/api/v2/pages/nessus/files/Nessus-latest-debian10_amd64.deb' / --output 'Nessus-latest-debian10_amd64.deb' &>/dev/null { if [ ! -f Nessus-latest-debian10_amd64.deb ]; then echo " + Nessus 下载失败 :/ 退出。从 t.me/pwn3rzs 获取拷贝" exit 0 fi } echo " + 安装 Nessus.." dpkg -i Nessus-latest-debian10_amd64.deb &>/dev/null # 看，我试图只是进行更改和运行，但它不起作用。如果你能优化我的操作，让我知道。但对我来说，这是唯一需要运行的 :/ echo " + 第一次初始化时启动服务（必须执行）" /bin/systemctl start nessusd.service &>/dev/null echo " + 让 Nessus 初始化，等待大约 20 秒..." sleep 20 echo " + 停止 nessus 服务.." /bin/systemctl stop nessusd.service &>/dev/null echo " + 更改 nessus 设置为 Zen 偏好（自由战士模式）" echo " 监听端口: 11127" /opt/nessus/sbin/nessuscli fix --set xmlrpc_listen_port=11127 &>/dev/null echo " 主题: 暗色" /opt/nessus/sbin/nessuscli fix --set ui_theme=dark &>/dev/null echo " 安全检查: 关闭" /opt/nessus/sbin/nessuscli fix --set safe_checks=false &>/dev/null echo " 日志: 性能" /opt/nessus/sbin/nessuscli fix --set backend_log_level=performance &>/dev/null echo " 更新: 关闭" /opt/nessus/sbin/nessuscli fix --set auto_update=false &>/dev/null /opt/nessus/sbin/nessuscli fix --set auto_update_ui=false &>/dev/null /opt/nessus/sbin/nessuscli fix --set disable_core_updates=true &>/dev/null echo " 遥测: 关闭" /opt/nessus/sbin/nessuscli fix --set report_crashes=false &>/dev/null /opt/nessus/sbin/nessuscli fix --set send_telemetry=false &>/dev/null echo " + 添加一个用户，稍后可以更改（用户名:admin, 密码:ddosi）" cat > expect.tmp<<'EOF' spawn /opt/nessus/sbin/nessuscli adduser admin expect "登录密码:" send "ddosi/r" expect "登录密码（再次输入）:" send "ddosi/r" expect "*(可以上传插件等)？ (y/n)*" send "y/r" expect "*(用户可以有一个空的规则集)" send "/r" expect "是否确定*" send "y/r" expect eof EOF expect -f expect.tmp &>/dev/null rm -rf expect.tmp &>/dev/null echo " + 下载新的插件.." curl -A Mozilla -o all-2.0.tar.gz / --url 'https://plugins.nessus.org/v2/nessus.php?f=all-2.0.tar.gz&u=4e2abfd83a40e2012ebf6537ade2f207&p=29a34e24fc12d3f5fdfbb1ae948972c6' &>/dev/null { if [ ! -f all-2.0.tar.gz ]; then echo " + 插件 all-2.0.tar.gz 下载失败 :/ 退出。从 t.me/pwn3rzs 获取拷贝" exit 0 fi } echo " + 安装插件.." /opt/nessus/sbin/nessuscli update all-2.0.tar.gz &>/dev/null echo " + 获取版本号.." # 我曾经看到这个对于下载不正确。嗯，但对我来说它有效。 vernum=$(curl https://plugins.nessus.org/v2/plugins.php 2> /dev/null) echo " + 构建插件 feed..." cat > /opt/nessus/var/nessus/plugin_feed_info.inc <<EOF PLUGIN_SET = "${vernum}"; PLUGIN_FEED = "ProfessionalFeed (Direct)"; PLUGIN_FEED_TRANSPORT = "Tenable Network Security Lightning"; EOF echo " + 保护文件.." chattr -i /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc &>/dev/null cp /opt/nessus/var/nessus/plugin_feed_info.inc /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc &>/dev/null echo " + 设置所有文件为不可变..." chattr +i /opt/nessus/var/nessus/plugin_feed_info.inc &>/dev/null chattr +i -R /opt/nessus/lib/nessus/plugins &>/dev/null echo " + 但是取消关键文件的不可变性.." chattr -i /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc &>/dev/null chattr -i /opt/nessus/lib/nessus/plugins &>/dev/null echo " + 启动服务.." /bin/systemctl start nessusd.service &>/dev/null echo " + 再等待 20 秒以便服务器有足够的时间启动！" sleep 20 echo " + 监控 Nessus 进度。以下行每 10 秒更新一次直到 100%" zen=0 while [ $zen -ne 100 ] do statline=`curl -sL -k https://localhost:11127/server/status|awk -F"," -v k="engine_status" '{ gsub(/{|}/,""); for(i=1;i<=NF;i++) { if ( $i ~ k ){printf $i} } }'` if [[ $statline != *"engine_status"* ]]; then echo -ne "/n 问题：Nessus 服务器无法访问？再次尝试../n"; fi echo -ne "/r $statline" if [[ $statline == *"100"* ]]; then zen=100; else sleep 10; fi done echo -ne '/n o 完成!/n' echo echo " 访问 Nessus: https://localhost:11127/ （或您的 VPS IP）" echo " 用户名: admin" echo " 密码: ddosi" echo " 随时可以更改" echo read -p "按 Enter 键继续"

【2】Grant execute permission for this script

chmod +x nessus.sh

【3】using root account to run nessus.sh.（Wait about 10-15 Mins)

./nessus.sh

【4】Complete the installation.

【5】Open following URL to log into Nessus。

https://127.0.0.1:11127/ or https://localhost:11127/

【6】Log in with default username and password

账号	密码
admin	ddosi

Nessus stop and start commands

Start

sudo systemctl start nessusd && systemctl --no-pager status nessusd

或直接搜索Nessus，点击nessus start即可

Stop

sudo systemctl stop nessusd && systemctl --no-pager status nessusd

or directly search Nessus file，then run nessus stop.

For Ubuntu:

Same steps as Debian

Download address：nessus_ubuntu.sh

Or directly copy following code then save it as nessus_ubuntu.sh

#!/bin/bash if [[ $(id -u) -ne 0 ]] ; then echo "Please run as root" ; exit 1 ; fi echo //============================================================== echo Nessus latest DOWNLOAD, INSTALL, and CRACK -Zen 20230819 echo special thanks to John Doe for showing this works on Debian echo THANKS 369 for tip about LATEST as a version number echo //============================================================== echo " o antiskid extra thing added removing all chattr 20231013" chattr -i -R /opt/nessus echo " o making sure we have prerequisites.." apt update &>/dev/null apt -y install curl dpkg expect &>/dev/null echo " o stopping old nessusd in case there is one!" /bin/systemctl stop nessusd.service &>/dev/null echo " o downloading Nessus.." curl -A Mozilla --request GET / --url 'https://www.tenable.com/downloads/api/v2/pages/nessus/files/Nessus-latest-ubuntu1404_amd64.deb' / --output 'Nessus-latest-ubuntu1404_amd64.deb' &>/dev/null { if [ ! -f Nessus-latest-ubuntu1404_amd64.deb ]; then echo " o nessus download failed :/ exiting. get copy of it from t.me/pwn3rzs" exit 0 fi } echo " o installing Nessus.." dpkg -i Nessus-latest-ubuntu1404_amd64.deb &>/dev/null # look I tried to just make changes and run but it doesnt work. if you can optimize # what im doing here, let me know. but this was it for me, it had to be run once :/ echo " o starting service once FIRST TIME INITIALIZATION (we have to do this)" /bin/systemctl start nessusd.service &>/dev/null echo " o let's allow Nessus time to initalize - we'll give it like 20 seconds..." sleep 20 echo " o stopping the nessus service.." /bin/systemctl stop nessusd.service &>/dev/null echo " o changing nessus settings to Zen preferences (freedom fighter mode)" echo " listen port: 11127" /opt/nessus/sbin/nessuscli fix --set xmlrpc_listen_port=11127 &>/dev/null echo " theme: dark" /opt/nessus/sbin/nessuscli fix --set ui_theme=dark &>/dev/null echo " safe checks: off" /opt/nessus/sbin/nessuscli fix --set safe_checks=false &>/dev/null echo " logs: performance" /opt/nessus/sbin/nessuscli fix --set backend_log_level=performance &>/dev/null echo " updates: off" /opt/nessus/sbin/nessuscli fix --set auto_update=false &>/dev/null /opt/nessus/sbin/nessuscli fix --set auto_update_ui=false &>/dev/null /opt/nessus/sbin/nessuscli fix --set disable_core_updates=true &>/dev/null echo " telemetry: off" /opt/nessus/sbin/nessuscli fix --set report_crashes=false &>/dev/null /opt/nessus/sbin/nessuscli fix --set send_telemetry=false &>/dev/null echo " o adding a user you can change this later (u:admin,p:ddosi)" cat > expect.tmp<<'EOF' spawn /opt/nessus/sbin/nessuscli adduser admin expect "Login password:" send "ddosi/r" expect "Login password (again):" send "ddosi/r" expect "*(can upload plugins, etc.)? (y/n)*" send "y/r" expect "*(the user can have an empty rules set)" send "/r" expect "Is that ok*" send "y/r" expect eof EOF expect -f expect.tmp &>/dev/null rm -rf expect.tmp &>/dev/null echo " o downloading new plugins.." curl -A Mozilla -o all-2.0.tar.gz / --url 'https://plugins.nessus.org/v2/nessus.php?f=all-2.0.tar.gz&u=4e2abfd83a40e2012ebf6537ade2f207&p=29a34e24fc12d3f5fdfbb1ae948972c6' &>/dev/null { if [ ! -f all-2.0.tar.gz ]; then echo " o plugins all-2.0.tar.gz download failed :/ exiting. get copy of it from t.me/pwn3rzs" exit 0 fi } echo " o installing plugins.." /opt/nessus/sbin/nessuscli update all-2.0.tar.gz &>/dev/null echo " o fetching version number.." # i have seen this not be correct for the download. hrm. but, it works for me. vernum=$(curl https://plugins.nessus.org/v2/plugins.php 2> /dev/null) echo " o building plugin feed..." cat > /opt/nessus/var/nessus/plugin_feed_info.inc <<EOF PLUGIN_SET = "${vernum}"; PLUGIN_FEED = "ProfessionalFeed (Direct)"; PLUGIN_FEED_TRANSPORT = "Tenable Network Security Lightning"; EOF echo " o protecting files.." chattr -i /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc &>/dev/null cp /opt/nessus/var/nessus/plugin_feed_info.inc /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc &>/dev/null echo " o let's set everything immutable..." chattr +i /opt/nessus/var/nessus/plugin_feed_info.inc &>/dev/null chattr +i -R /opt/nessus/lib/nessus/plugins &>/dev/null echo " o but unsetting key files.." chattr -i /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc &>/dev/null chattr -i /opt/nessus/lib/nessus/plugins &>/dev/null echo " o starting service.." /bin/systemctl start nessusd.service &>/dev/null echo " o Let's sleep for another 20 seconds to let the server have time to start!" sleep 20 echo " o Monitoring Nessus progress. Following line updates every 10 seconds until 100%" zen=0 while [ $zen -ne 100 ] do statline=`curl -sL -k https://localhost:11127/server/status|awk -F"," -v k="engine_status" '{ gsub(/{|}/,""); for(i=1;i<=NF;i++) { if ( $i ~ k ){printf $i} } }'` if [[ $statline != *"engine_status"* ]]; then echo -ne "/n Problem: Nessus server unreachable? Trying again../n"; fi echo -ne "/r $statline" if [[ $statline == *"100"* ]]; then zen=100; else sleep 10; fi done echo -ne '/n o Done!/n' echo echo " Access your Nessus: https://localhost:11127/ (or your VPS IP)" echo " username: admin" echo " password: ddosi" echo " you can change this any time" echo read -p "Press enter to continue"

Uninstall:

【1】stop Nessus service。

sudo systemctl stop nessusd && systemctl --no-pager status nessusd

【2】change /opt/nessus/ folder's permission

chattr -i -R /opt/nessus/

【3】remove Nessus

apt remove nessus

Notes:

Issue ：After system or Nessus restarted，scan button might not enable yet to use。

Cause：Nessus is updating / re-compileing the plug-ins.

Solution：Wait for 3~5 minutes.

Videos

References

Get Started with Web Application Scanning in Tenable Nessus Expert
Install Docker Desktop on Windows : https://docs.docker.com/desktop/install/windows-install/
https://notes.51sec.org/article/7b572b9c-51d1-4c5b-a13c-eb74ab8a0697
Tenable.IO Vulnerability Management - Basic Usage with Sensor and Agent Installation
Tenable Vulnerability Management - Tenable.IO Tips and Tricks with Best Practices
Install/Register Free Nessus Scanner Essentials and Execute a Vulnerability Scan

版权声明：
作者：congcong
链接：https://www.techfm.club/p/122626.html
来源：TechFM
文章版权归作者所有，未经允许请勿转载。

THE END

二维码

生命的印记……

< <上一篇

赵先生语录

下一篇>>

搜索内容