总字符数: 7.01K

代码: 1.88K, 文本: 0.75K

预计阅读时间: 11 分钟

Nessus

Nessus安装

https://www.tenable.com/downloads/nessus?loginAttempted=true
https://www.tenable.com/downloads/nessus?loginAttempted=true

将下面代码中的PACKAGE_NAME改成从官网获取的文件名

nessus.sh
1
PACKAGE_NAME=Nessus-10.6.4-es7.x86_64.rpm

使用root账号执行nessus.sh

1
2
3
4
cd /opt
wget https://security-1258894728.cos.ap-beijing.myqcloud.com/TOP10/nessus.sh
chmod +x nessus.sh
./nessus.sh

Nessus启动与停止命令

1
2
3
4
5
6
7
8
9
10
11
12
# 启动
sudo systemctl start nessusd
# 开机自启
sudo systemctl enable nessusd
# 停止
sudo systemctl stop nessusd
# 查看状态
sudo systemctl status nessusd
# 放行防火墙
firewall-cmd --zone=public --add-port=11127/tcp --permanent
# 重新载入
firewall-cmd --reload
插件数量
序号插件名称数量
1AIX Local Security Checks11551
2Alma Linux Local Security Checks1177
3Amazon Linux Local Security Checks4216
4Backdoors123
5Brute force attacks26
6CentOS Local Security Checks4414
7CGI abuses5671
8CGI abuses : XSS703
9CISCO2366
10Databases969
11Debian Local Security Checks9196
12Default Unix Accounts172
13Denial of Service110
14DNS231
15F5 Networks Local Security Checks1405
16Fedora Local Security Checks18304
17Firewalls414
18FreeBSD Local Security Checks5475
19FTP272
20Gain a shell remotely282
21General356
22Gentoo Local Security Checks3519
23HP-UX Local Security Checks1983
24Huawei Local Security Checks10698
25Junos Local Security Checks622
26MacOS X Local Security Checks2287
27Mandriva Local Security Checks3641
28MarinerOS Local Security Checks564
29Misc.3657
30Netware14
31NewStart CGSL Local Security Checks1430
32Oracle Linux Local Security Checks6514
33OracleVM Local Security Checks602
34Palo Alto Local Security Checks170
35Peer-To-Peer File Sharing105
36PhotonOS Local Security Checks1895
37Policy Compliance16
38Red Hat Local Security Checks11595
39Rocky Linux Local Security Checks1083
40RPC39
41SCADA64
42Scientific Linux Local Security Checks3291
43Service detection601
44Settings122
45Slackware Local Security Checks1525
46SMTP problems154
47SNMP34
48Solaris Local Security Checks3819
49SuSE Local Security Checks23108
50Tenable.ot1885
51Ubuntu Local Security Checks7670
52Virtuozzo Local Security Checks341
53VMware ESX Local Security Checks143
54Web Servers1690
55Windows6509
56Windows : Microsoft Bulletins3000
57Windows : User management29

卸载方法

  1. 停止Nessus服务

    1
    sudo systemctl stop nessusd && systemctl --no-pager status nessusd

  2. 修改/opt/nessus/文件夹属性

    1
    chattr -i -R /opt/nessus/

  3. 卸载Nessus

    1
    2
    3
    4
    # Debian
    apt remove nessus
    # Centos
    yum remove nessus

注意事项

在系统或Nessus重启后,扫描按钮可能出现暂时不能用的情况

原因:Nessus在重新配置插件

解决办法:耐心等待3~5分钟即可.

AWVS

安装AWVS

https://security-1258894728.cos.ap-beijing.myqcloud.com/TOP10/acunetix_23.7_linux.ziphttps://security-1258894728.cos.ap-beijing.myqcloud.com/TOP10/acunetix_23.7_linux.zip
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
# 安装依赖
sudo yum install -y at-spi2-atk libXdamage pango libXrandr libXfixes atk libXcomposite cups-libs libXext cairo libX11 at-spi2-core mesa-libgbm libxcb libxkbcommon bzip2 gcc
# 下载glibc-2.18
curl -O http://ftp.gnu.org/gnu/glibc/glibc-2.18.tar.gz
tar zxf glibc-2.18.tar.gz 
cd glibc-2.18/
mkdir build
cd build/
# 检查依赖库
../configure --prefix=/usr
# 安装glibc
make -j2 && make install
# 上传 AWVS 程序包,并解压 
wget https://security-1258894728.cos.ap-beijing.myqcloud.com/TOP10/acunetix_23.7_linux.zip
# 解压
unzip acunetix_23.7_linux.zip
# 切换到解压后的目录,给安装脚本加执行权限
chmod +x acunetix_23.7.230728157_x64.sh
# 执行安装脚本
./acunetix_23.7.230728157_x64.sh

显示软件协议

回车显示安装协议,先按 q退出阅读;再输入YES同意安装许可

输入主机名,默认为你的系统名,回车

输入登录邮箱和密码.并回车

推荐的邮箱和密码

安装成功后.先不要访问!!!

激活AWVS

  1. 将破解补丁license_info.json wa_data.dat覆盖到下面目录

    1
    2
    cp license_info.json /home/acunetix/.acunetix/data/license/
    cp -v wa_data.dat /home/acunetix/.acunetix/data/license/

  2. 复制替换wvsc到下面目录 

    1
    cp -v wvsc /home/acunetix/.acunetix/v_230728157/scanner/

  3. 善后

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    # 设置激活文件只读权限
    chmod 444 /home/acunetix/.acunetix/data/license/license_info.json

    # 保护许可证激活文件
    chmod 444 /home/acunetix/.acunetix/data/license/wa_data.dat

    # 切换用户
    su acunetix
    # 重启 AWVS 服务
    systemctl restart acunetix.service
    # 查看状态
    systemctl status acunetix.service

    # 放行防火墙
    firewall-cmd --zone=public --add-port=3443/tcp --permanent
    # 重新载入
    firewall-cmd --reload

  4. 访问AWVS的管理界面 :https://10.10.20.6:3443/

  5. 验证激活

许可协议

本文由 kill3r 原创,采用 署名-非商业性使用-相同方式共享 4.0 国际 许可协议,转载请注明出处。

分享文章

快来参与讨论吧~