Nessus for Linux

Linux-nessus web漏洞扫描
Exploit
发布日期:   2025-09-04
文章字数:   2.6k
阅读时长:   14 分
阅读次数:  

Nessus 特别版+2024插件 10.6.4 For Linux【适用于Debian & Ubuntu系统】

notion image

notion image

安装脚本适用于debian系统,可在kali linux上成功安装。

适用于Ubuntu系统的可在文章末尾下载。

Nessus版本:10.6.4

插件版本:202401292356

安装方法

1.下载nessus.sh脚本。

下载地址:

nessus.sh

或直接复制如下代码保存为nessus.sh

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
#!/bin/bash
if [[ $(id -u) -ne 0 ]] ; then echo "请使用 root 用户运行" ; exit 1 ; fi
echo //==============================================================
echo   Nessus 最新版本下载、安装和破解   -Zen 20230819
echo   特别感谢 John Doe 在 Debian 上演示这一操作的有效性
echo   感谢 369 提供关于 "latest" 的提示
echo //==============================================================
echo " + 增加了防滑附加功能,移除所有 chattr 设置 20231013"
chattr -i -R /opt/nessus
echo " + 确保我们有先决条件.."
apt update &>/dev/null
apt -y install curl dpkg expect &>/dev/null
echo " + 停止旧的 nessusd 服务,以防存在一个!"
/bin/systemctl stop nessusd.service &>/dev/null
echo " + 下载 Nessus.."
curl -A Mozilla --request GET \
  --url 'https://www.tenable.com/downloads/api/v2/pages/nessus/files/Nessus-latest-debian10_amd64.deb' \
  --output 'Nessus-latest-debian10_amd64.deb' &>/dev/null
{ if [ ! -f Nessus-latest-debian10_amd64.deb ]; then
  echo " + Nessus 下载失败 :/ 退出。从 t.me/pwn3rzs 获取拷贝"
  exit 0
fi }
echo " + 安装 Nessus.."
dpkg -i Nessus-latest-debian10_amd64.deb &>/dev/null
# 看,我试图只是进行更改和运行,但它不起作用。如果你能优化我的操作,让我知道。但对我来说,这是唯一需要运行的 :/
echo " + 第一次初始化时启动服务(必须执行)"
/bin/systemctl start nessusd.service &>/dev/null
echo " + 让 Nessus 初始化,等待大约 20 秒..."
sleep 20
echo " + 停止 nessus 服务.."
/bin/systemctl stop nessusd.service &>/dev/null
echo " + 更改 nessus 设置为 Zen 偏好(自由战士模式)"
echo "   监听端口: 11127"
/opt/nessus/sbin/nessuscli fix --set xmlrpc_listen_port=11127 &>/dev/null
echo "   主题: 暗色"
/opt/nessus/sbin/nessuscli fix --set ui_theme=dark &>/dev/null
echo "   安全检查: 关闭"
/opt/nessus/sbin/nessuscli fix --set safe_checks=false &>/dev/null
echo "   日志: 性能"
/opt/nessus/sbin/nessuscli fix --set backend_log_level=performance &>/dev/null
echo "   更新: 关闭"
/opt/nessus/sbin/nessuscli fix --set auto_update=false &>/dev/null
/opt/nessus/sbin/nessuscli fix --set auto_update_ui=false &>/dev/null
/opt/nessus/sbin/nessuscli fix --set disable_core_updates=true &>/dev/null
echo "   遥测: 关闭"
/opt/nessus/sbin/nessuscli fix --set report_crashes=false &>/dev/null
/opt/nessus/sbin/nessuscli fix --set send_telemetry=false &>/dev/null
echo " + 添加一个用户,稍后可以更改(用户名:admin, 密码:ddosi)"
cat > expect.tmp<<'EOF'
spawn /opt/nessus/sbin/nessuscli adduser admin
expect "登录密码:"
send "ddosi\r"
expect "登录密码(再次输入):"
send "ddosi\r"
expect "*(可以上传插件等)? (y/n)*"
send "y\r"
expect "*(用户可以有一个空的规则集)"
send "\r"
expect "是否确定*"
send "y\r"
expect eof
EOF
expect -f expect.tmp &>/dev/null
rm -rf expect.tmp &>/dev/null
echo " + 下载新的插件.."
curl -A Mozilla -o all-2.0.tar.gz \
  --url 'https://plugins.nessus.org/v2/nessus.php?f=all-2.0.tar.gz&u=4e2abfd83a40e2012ebf6537ade2f207&p=29a34e24fc12d3f5fdfbb1ae948972c6' &>/dev/null
{ if [ ! -f all-2.0.tar.gz ]; then
  echo " + 插件 all-2.0.tar.gz 下载失败 :/ 退出。从 t.me/pwn3rzs 获取拷贝"
  exit 0
fi }
echo " + 安装插件.."
/opt/nessus/sbin/nessuscli update all-2.0.tar.gz &>/dev/null
echo " + 获取版本号.."
# 我曾经看到这个对于下载不正确。嗯,但对我来说它有效。
vernum=$(curl https://plugins.nessus.org/v2/plugins.php 2> /dev/null)
echo " + 构建插件 feed..."
cat > /opt/nessus/var/nessus/plugin_feed_info.inc <<EOF
PLUGIN_SET = "${vernum}";
PLUGIN_FEED = "ProfessionalFeed (Direct)";
PLUGIN_FEED_TRANSPORT = "Tenable Network Security Lightning";
EOF
echo " + 保护文件.."
chattr -i /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc &>/dev/null
cp /opt/nessus/var/nessus/plugin_feed_info.inc /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc &>/dev/null
echo " + 设置所有文件为不可变..."
chattr +i /opt/nessus/var/nessus/plugin_feed_info.inc &>/dev/null
chattr +i -R /opt/nessus/lib/nessus/plugins &>/dev/null
echo " + 但是取消关键文件的不可变性.."
chattr -i /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc &>/dev/null
chattr -i /opt/nessus/lib/nessus/plugins  &>/dev/null
echo " + 启动服务.."
/bin/systemctl start nessusd.service &>/dev/null
echo " + 再等待 20 秒以便服务器有足够的时间启动!"
sleep 20
echo " + 监控 Nessus 进度。以下行每 10 秒更新一次直到 100%"
zen=0
while [ $zen -ne 100 ]
do
 statline=`curl -sL -k https://localhost:11127/server/status|awk -F"," -v k="engine_status" '{ gsub(/{|}/,""); for(i=1;i<=NF;i++) { if ( $i ~ k ){printf $i} } }'`
 if [[ $statline != *"engine_status"* ]]; then echo -ne "\n 问题:Nessus 服务器无法访问?再次尝试..\n"; fi
 echo -ne "\r $statline"
 if [[ $statline == *"100"* ]]; then zen=100; else sleep 10; fi
done
echo -ne '\n  o 完成!\n'
echo
echo "        访问 Nessus:  https://localhost:11127/ (或您的 VPS IP)"
echo "                             用户名: admin"
echo "                             密码: ddosi"
echo "                             随时可以更改"
echo
read -p "按 Enter 键继续"

2.授予执行权限

1
chmod +x nessus.sh

notion image

3.使用root账号执行nessus.sh(请耐心等待)大约10-15分钟。

1
./nessus.sh

4.安装完毕如图所示

notion image

5.打开如下网页即可访问Nessus。

https://127.0.0.1:11127/

https://localhost:11127/

6.使用账号密码登录

账号
密码
admin
ddosi

notion image

notion image

notion image

notion image

Nessus启动与停止命令

启动

1
sudo systemctl start nessusd && systemctl --no-pager status nessusd

或直接搜索Nessus,点击nessus start即可

notion image

停止

1
sudo systemctl stop nessusd && systemctl --no-pager status nessusd

或直接搜索Nessus,点击nessus stop即可.

插件数量

序号
插件名称
数量
1
AIX Local Security Checks
11551
2
Alma Linux Local Security Checks
1177
3
Amazon Linux Local Security Checks
4216
4
Backdoors
123
5
Brute force attacks
26
6
CentOS Local Security Checks
4414
7
CGI abuses
5671
8
CGI abuses : XSS
703
9
CISCO
2366
10
Databases
969
11
Debian Local Security Checks
9196
12
Default Unix Accounts
172
13
Denial of Service
110
14
DNS
231
15
F5 Networks Local Security Checks
1405
16
Fedora Local Security Checks
18304
17
Firewalls
414
18
FreeBSD Local Security Checks
5475
19
FTP
272
20
Gain a shell remotely
282
21
General
356
22
Gentoo Local Security Checks
3519
23
HP-UX Local Security Checks
1983
24
Huawei Local Security Checks
10698
25
Junos Local Security Checks
622
26
MacOS X Local Security Checks
2287
27
Mandriva Local Security Checks
3641
28
MarinerOS Local Security Checks
564
29
Misc.
3657
30
Netware
14
31
NewStart CGSL Local Security Checks
1430
32
Oracle Linux Local Security Checks
6514
33
OracleVM Local Security Checks
602
34
Palo Alto Local Security Checks
170
35
Peer-To-Peer File Sharing
105
36
PhotonOS Local Security Checks
1895
37
Policy Compliance
16
38
Red Hat Local Security Checks
11595
39
Rocky Linux Local Security Checks
1083
40
RPC
39
41
SCADA
64
42
Scientific Linux Local Security Checks
3291
43
Service detection
601
44
Settings
122
45
Slackware Local Security Checks
1525
46
SMTP problems
154
47
SNMP
34
48
Solaris Local Security Checks
3819
49
SuSE Local Security Checks
23108
50
Tenable.ot
1885
51
Ubuntu Local Security Checks
7670
52
Virtuozzo Local Security Checks
341
53
VMware ESX Local Security Checks
143
54
Web Servers
1690
55
Windows
6509
56
Windows : Microsoft Bulletins
3000
57
Windows : User management
29

卸载方法

1.停止Nessus服务。

1
sudo systemctl stop nessusd && systemctl --no-pager status nessusd

2.修改/opt/nessus/文件夹属性

1
chattr -i -R /opt/nessus/

3.卸载Nessus

1
apt remove nessus

注意事项

问题:在系统或Nessus重启后,扫描按钮可能出现暂时不能用的情况。

原因:Nessus在重新配置插件。

解决办法:耐心等待3~5分钟即可。

Nessus破解版【适用于Ubuntu系统】

操作方法和上面的一样。

下载地址:

nessus_ubuntu.sh

或直接复制如下代码保存为nessus_ubuntu.sh

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
#!/bin/bash
if [[ $(id -u) -ne 0 ]] ; then echo "Please run as root" ; exit 1 ; fi
echo //==============================================================
echo   Nessus latest DOWNLOAD, INSTALL, and CRACK   -Zen 20230819
echo   special thanks to John Doe for showing this works on Debian
echo   THANKS 369 for tip about LATEST as a version number
echo //==============================================================
echo " o antiskid extra thing added removing all chattr 20231013"
chattr -i -R /opt/nessus
echo " o making sure we have prerequisites.."
apt update &>/dev/null
apt -y install curl dpkg expect &>/dev/null
echo " o stopping old nessusd in case there is one!"
/bin/systemctl stop nessusd.service &>/dev/null
echo " o downloading Nessus.."
curl -A Mozilla --request GET \
  --url 'https://www.tenable.com/downloads/api/v2/pages/nessus/files/Nessus-latest-ubuntu1404_amd64.deb' \
  --output 'Nessus-latest-ubuntu1404_amd64.deb' &>/dev/null
{ if [ ! -f Nessus-latest-ubuntu1404_amd64.deb ]; then
  echo " o nessus download failed :/ exiting. get copy of it from t.me/pwn3rzs"
  exit 0
fi }
echo " o installing Nessus.."
dpkg -i Nessus-latest-ubuntu1404_amd64.deb &>/dev/null
# look I tried to just make changes and run but it doesnt work. if you can optimize
# what im doing here, let me know.  but this was it for me, it had to be run once :/
echo " o starting service once FIRST TIME INITIALIZATION (we have to do this)"
/bin/systemctl start nessusd.service &>/dev/null
echo " o let's allow Nessus time to initalize - we'll give it like 20 seconds..."
sleep 20
echo " o stopping the nessus service.."
/bin/systemctl stop nessusd.service &>/dev/null
echo " o changing nessus settings to Zen preferences (freedom fighter mode)"
echo "   listen port: 11127"
/opt/nessus/sbin/nessuscli fix --set xmlrpc_listen_port=11127 &>/dev/null
echo "   theme:       dark"
/opt/nessus/sbin/nessuscli fix --set ui_theme=dark &>/dev/null
echo "   safe checks: off"
/opt/nessus/sbin/nessuscli fix --set safe_checks=false &>/dev/null
echo "   logs:        performance"
/opt/nessus/sbin/nessuscli fix --set backend_log_level=performance &>/dev/null
echo "   updates:     off"
/opt/nessus/sbin/nessuscli fix --set auto_update=false &>/dev/null
/opt/nessus/sbin/nessuscli fix --set auto_update_ui=false &>/dev/null
/opt/nessus/sbin/nessuscli fix --set disable_core_updates=true &>/dev/null
echo "   telemetry:   off"
/opt/nessus/sbin/nessuscli fix --set report_crashes=false &>/dev/null
/opt/nessus/sbin/nessuscli fix --set send_telemetry=false &>/dev/null
echo " o adding a user you can change this later (u:admin,p:ddosi)"
cat > expect.tmp<<'EOF'
spawn /opt/nessus/sbin/nessuscli adduser admin
expect "Login password:"
send "ddosi\r"
expect "Login password (again):"
send "ddosi\r"
expect "*(can upload plugins, etc.)? (y/n)*"
send "y\r"
expect "*(the user can have an empty rules set)"
send "\r"
expect "Is that ok*"
send "y\r"
expect eof
EOF
expect -f expect.tmp &>/dev/null
rm -rf expect.tmp &>/dev/null
echo " o downloading new plugins.."
curl -A Mozilla -o all-2.0.tar.gz \
  --url 'https://plugins.nessus.org/v2/nessus.php?f=all-2.0.tar.gz&u=4e2abfd83a40e2012ebf6537ade2f207&p=29a34e24fc12d3f5fdfbb1ae948972c6' &>/dev/null
{ if [ ! -f all-2.0.tar.gz ]; then
  echo " o plugins all-2.0.tar.gz download failed :/ exiting. get copy of it from t.me/pwn3rzs"
  exit 0
fi }
echo " o installing plugins.."
/opt/nessus/sbin/nessuscli update all-2.0.tar.gz &>/dev/null
echo " o fetching version number.."
# i have seen this not be correct for the download.  hrm. but, it works for me.
vernum=$(curl https://plugins.nessus.org/v2/plugins.php 2> /dev/null)
echo " o building plugin feed..."
cat > /opt/nessus/var/nessus/plugin_feed_info.inc <<EOF
PLUGIN_SET = "${vernum}";
PLUGIN_FEED = "ProfessionalFeed (Direct)";
PLUGIN_FEED_TRANSPORT = "Tenable Network Security Lightning";
EOF
echo " o protecting files.."
chattr -i /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc &>/dev/null
cp /opt/nessus/var/nessus/plugin_feed_info.inc /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc &>/dev/null
echo " o let's set everything immutable..."
chattr +i /opt/nessus/var/nessus/plugin_feed_info.inc &>/dev/null
chattr +i -R /opt/nessus/lib/nessus/plugins &>/dev/null
echo " o but unsetting key files.."
chattr -i /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc &>/dev/null
chattr -i /opt/nessus/lib/nessus/plugins  &>/dev/null
echo " o starting service.."
/bin/systemctl start nessusd.service &>/dev/null
echo " o Let's sleep for another 20 seconds to let the server have time to start!"
sleep 20
echo " o Monitoring Nessus progress. Following line updates every 10 seconds until 100%"
zen=0
while [ $zen -ne 100 ]
do
 statline=`curl -sL -k https://localhost:11127/server/status|awk -F"," -v k="engine_status" '{ gsub(/{|}/,""); for(i=1;i<=NF;i++) { if ( $i ~ k ){printf $i} } }'`
 if [[ $statline != *"engine_status"* ]]; then echo -ne "\n Problem: Nessus server unreachable? Trying again..\n"; fi
 echo -ne "\r $statline"
 if [[ $statline == *"100"* ]]; then zen=100; else sleep 10; fi
done
echo -ne '\n  o Done!\n'
echo
echo "        Access your Nessus:  https://localhost:11127/ (or your VPS IP)"
echo "                             username: admin"
echo "                             password: ddosi"
echo "                             you can change this any time"
echo
read -p "Press enter to continue"
文章作者: kukuqi666
文章链接: https://kukuqi666.github.io/2025/09/04/qi-ta/nessus-te-bie-ban-2024-cha-jian-10.6.4-for-linux-gua-yong-yu-debian-ubuntu-xi-tong/
版权声明: 本博客所有文章除特別声明外,均采用 CC BY 4.0 许可协议。转载请注明来源 kukuqi666 !
Linux-nessus web漏洞扫描
评论
  目录