当前位置：网站首页>Network security Kali penetration learning how to conduct Nessus vulnerability detection

Network security Kali penetration learning how to conduct Nessus vulnerability detection

2022-06-22 09:24:00 【InfoQ】

NESSUS brief introduction

1998 year ,Nessus The founder of Renaud Deraison A project called "Nessus" The plan for , The purpose of the plan is to provide a free network for the Internet community 、 Powerful 、 Frequently updated and easy to use remote system security scanner .2002 in ,Renaud And Ron Gula, Jack Huffard Founded a company called Tenable Network Security Institutions . In the Third Edition Nessus When released , The agency withdrew Nessus Copyright and program source code （ Originally open source ）, And registered nessus.org Become the agency's website . The agency is currently located in Columbia, Maryland .

This article teaches you how to NESSUS Vulnerability detection

There are video version and text version below

I don't know how to operate. Please see the text version , Detailed steps inside .

Attention to official account rogue Baron reply 【kali System 】

Video version ↓：

Network security /kali/ hackers /web Security / Penetration test /-3-5 Monthly network security course - Xiaobai beginner to master ！_ Bili, Bili _bilibili

Text version ↓：

At the end of the year, the owner used all my skills “ Practical projects done - Intranet actual shooting range environment - Penetration tools ” There are many penetrating thought maps ！

Experimental environment ： because NESSUS It takes up a lot of memory , To do this experiment, we need to Kali Memory tune to 6G or 8G.

Download address

https://www.tenable.com/downloads/nessus

Download the latest version of NESSUS Can .

NESSUS Installation configuration

Upload the installation package to Kali have access to rz Command upload .

┌──(rootxuegod53)-[~]

└─# dpkg -i Nessus-8.13.1-debian6_amd64.deb

└─# systemctl start nessusd

Other browsers may not be able to open this link , Use chrome The browser opens the link ： https://192.168.1.53:8834

the reason being that https agreement , There is a problem with the display certificate , Let's go straight to “ senior ”, Just keep going .

Choose the first free version

Apply for activation code ：

Don't go over the wall , Get activation code link https://www.tenable.com/products/nessus/nessus-essentials

Feel free to enter your name , The mailbox must be correct . Will send the activation code to your email .

notes ：8TGT-NVC6-NSXE-4A5S-KEA7 Don't use my activation code , Because the activation code can only be used once .

Click submit to generate the key , But let's take a step here , Because we are installing offline, we need to click the link below to download the plug-in , Just let it download all the time and install it after we activate it .

I have downloaded it in advance . The downloaded plug-in package is ： all-2.0.tar.gz

take all-2.0.tar.gz Upload to kali System /root Next .

Copy certificate information in browser , The contents of the red box , All have to be copied ：

Create administrator account and password

Start initializing ：

wait a moment .

Upload the plug-in we just downloaded to Kali And then use nessuscli Command to install

└─# /opt/nessus/sbin/nessuscli update /root/all-2.0.tar.gz

restart nessus service

└─# systemctl restart nessusd

Wait for the plug-in to compile .

Configure scan Windows host

Turn on one XP System ,IP yes ： 192.168.1.54

installation is complete , Students who do not understand English can use Google The Chinese function of the browser .

These plug-ins with upgrade marks need NESSUS Upgrade to a higher version before you can use , This does not refer to the software version , It means paying .

Let's add an advanced scan , To scan XP Loopholes in the system .

notes ： The goal is , If you write more than one here IP, Every IP Separated by commas .

I won't show you screenshots later , Configuration items are relatively simple to understand .

Click save

In fact, we haven't done too much configuration , You can change any configuration item according to your own needs , We just added one WindowsXP host .

Click... And we can see his process

Here's a scan of XP Yes MS08-067、MS09-001、MS17-010 Loophole , Whether these vulnerabilities exist still needs to be verified .

Configure scan Web service

New scan task

Go to the plug-in and finally find Web Application testing

The target can directly fill in the domain name , Multiple domain names are separated by English commas

We choose to scan all ports , Because the teacher's side web The environment is unconventional . Students, if you scan 80 port 443 You can choose a public port or the following custom , That is, custom ports .

launch

We can click the task to view the scanning status

Click in to see more details

You can see that it scanned us 14 An open Web port , And for our Web Directories are enumerated , Yes Web In terms of programs, enumerating directory information is easy to be used by hackers . But so far he hasn't finished scanning , We wait for the scan to finish and see more complete results .