当前位置:网站首页>[kali-vulnerability scanning] (2.1) Nessus lifts IP restrictions, scans quickly without results, and plugins are deleted (middle)

[kali-vulnerability scanning] (2.1) Nessus lifts IP restrictions, scans quickly without results, and plugins are deleted (middle)

2022-08-03 21:13:00 The Black Zone (Rise)

目录

一、解除IP限制

1.1、识别版本号

1.2、修改配置文件

1.3、重启服务

1.4、访问

二、Resolve plugin was removed

2.1、分析

 2.2、方法一:

2.3、方法二:

三、Scanning is fast with no results

3.1、分析

3.2、恢复

一、解除IP限制

1.1、识别版本号

在浏览器中输入

 https://plugins.nessus.org/v2/plugins.php

1.2、修改配置文件

修改 plugin_feed_info.inc 文件

sudo find /opt -name plugin_feed_info.inc 

看不见,就用root打开

If it doesn't exist, create a new oneplugin_feed_info.inc

并将内容改为

(Replace the original file if any/opt/nessus/lib/nessus/plugin_feed_info.inc)

PLUGIN_SET = "202208020542";
PLUGIN_FEED = "ProfessionalFeed (Direct)";
PLUGIN_FEED_TRANSPORT = "Tenable Network Security Lightning";

将 /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc 文件删除

(Or replace this one too)

rm -rf /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc

1.3、重启服务

重启nessus服务

sudo service nessusd restart

1.4、访问

浏览器访问nessus(https://localhost:8843)

等待nessus初始化插件

设置页面显示 unlimited,则解除IP限制

二、Resolve plugin was removed

2.1、分析

Nessus服务每次重启后,都会重置plugin_feed_info.inc,会使nessus/plugins目录下所有的插件都被删除,无法扫描

 2.2、方法一:

Manually update the plugin package every time

pluginsThe content of the file can be obtained by updating the plugin again(Take advantage of that plugin package we got)

2.3、方法二:

先停止nessus服务,将nessus服务设置为手动

sudo systemctl disable nessusd

sudo service nessusd stop

It's the same operation after every reset,重新配置

Can be written as batch processing

sudo vim crack_nessus.sh
service nessusd stop;
cp /root/plugin_feed_info.inc /opt/nessus/var/nessus/;
rm -rf /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc;
service nessusd start;

将crack_nessus.shWritten in the system startup script

每次重启,Release will be performed automaticallyIP限制

sudo chmod +x /etc/rc.d/rc.local
sudo vim /etc/rc.d/rc.local

添加如下内容到rc.local

/bin/bash /root/crack_nessus.sh

nessus解除IP限制

三、Scanning is fast with no results

3.1、分析

When creating a new scan item,很快就结束,无扫描结果

查看plugins目录内容是否被删除

sudo du -h /opt/nessus/lib/nessus/plugins

Generally check the file size

3.2、恢复

使用备份(The premise is that it is backed upplugins目录)

service nessusd stop;
rm -rf /opt/nessus/lib/nessus/plugins
cp -r ./plugins /opt/nessus/lib/nessus/
cp /root/plugin_feed_info.inc /opt/nessus/var/nessus/;
rm -rf /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc;
service nessusd start;

然后打开浏览器,访问nessus(https://localhost:8843)
等待更新完成

原网站

版权声明
本文为[The Black Zone (Rise)]所创,转载请带上原文链接,感谢
https://yzsam.com/2022/215/202208032058260089.html

边栏推荐

猜你喜欢

随机推荐