- 1MySQL、Oracle、SQL Server数据库三者区别_oralce,mysql,sqlserve数据库
- 2分布式搜索引擎 ElasticSearch(ES)_es搜索引擎
- 3ELK 日志分析系统(一)
- 4带你了解树莓派
- 5java:模拟家庭买电视(调频道)_tv hometv void buytv(tv tv)
- 6【架构师】-- 浅淡架构的分类
- 7检索增强生成(RAG)_检索增强生成(rag)
- 8记一次 mysql curdate()函数/current_date()函数踩坑_mysql导入 curdate() 报错
- 9STM32 RS485串口DMA发送问题记录及调试解决_stm32 485收发数据
- 10[Linux][进程控制][进程程序替换]详细解读
CentOS Docker环境部署Nessus_nessus docker
赞
踩
CentOS Docker环境部署Nessus
操作系统版本:CentOS Linux release 7.9.2009 (Core)
Docker版本:Docker version 20.10.12, build e91ed57
Nessus版本: 8.12.1 (#253) LINUX
虚拟CPU:4 虚拟内存:5G 虚拟硬盘:50G
部署Nessus
搜索nessus相关镜像
sudo docker search nessus
- 1
pull nessus镜像
sudo docker pull heldocker233/nessus8:v2
- 1
启动docker镜像
sudo docker run -it -d -p8834:8834 --name nessus heldocker233/nessus8:v2
- 1
进入nessus容器
sudo docker exec -it nessus bash
- 1
启动nessus服务
service nessusd start
- 1
访问nessus界面
https://localhost:8834
- 1
用户名和口令内置
username:Nessus
password:Nessus
- 1
- 2
更新插件库
直接下载all-2.0.tar.gz,可直接从我发布的资源或其他CSDN资源下载
nessus-plugin-202101042100
nessus-plugin-202203281503
正常访问插件下载地址并获取激活码的方式详见“官方插件库和激活码”章节
从本地复制文件至Docker宿主机
scp C:\Users\Downloads\nessus-plugin-202101042100\all-2.0.tar.gz root@127.0.0.1:/usr/local
- 1
从Docker宿主机复制文件到Docker容器
sudo docker cp /usr/local/all-2.0.tar.gz nessus:/usr/local/
- 1
Docker容器中更新插件库
sudo docker exec -it nessus bash
- 1
cd /usr/local
/opt/nessus/sbin/nessuscli update all-2.0.tar.gz
- 1
- 2
root@7ab1992f41aa:/usr/local# /opt/nessus/sbin/nessuscli update all-2.0.tar.gz
[Wed Apr 13 06:43:17 2022][142.1] Warning -- could not open /usr/share/zoneinfo. Set the NESSUS_TZ_DIR env. variable
[info] Copying templates version 202101042100 to /opt/nessus/var/nessus/templates/tmp
[info] Finished copying templates.
[info] Moved new templates with version 202101042100 from plugins dir.
* Update successful. The changes will be automatically processed by Nessus.
- 1
- 2
- 3
- 4
- 5
- 6
- 7
重启Nessus服务
service nessusd restart
- 1
访问Nessus
https://localhost:8834
- 1
需要放置加载
静静等待后登录查看状态和插件库
备份plugins插件库
rm -rf /plugins
- 1
cp -r /opt/nessus/lib/nessus/plugins/ /
- 1
查看plugins插件库复制是否成功
du -h /plugins/
- 1
修改限制
nessus初始化完成后Hosts显示为"0 of 16 used”,修改其限制
docker exec -it nessus /bin/bash
- 1
查看plugins插件库复制是否成功,若不成功则重新复制
du -h /plugins/
- 1
备份plugins插件库
rm -rf /plugins
- 1
cp -r /opt/nessus/lib/nessus/plugins/ /
- 1
查看plugins插件库复制是否成功,若不成功则重新复制
du -h /plugins/
- 1
root@deb94ddc090c:~# du -h /plugins/
1.2G /plugins/
- 1
- 2
查看plugin_feed_info.inc原内容
find / -name "plugin_feed_info.inc"
- 1
root@deb94ddc090c:~# find / -name "plugin_feed_info.inc"
/opt/nessus/lib/nessus/plugins/plugin_feed_info.inc
/opt/nessus/var/nessus/plugin_feed_info.inc
- 1
- 2
- 3
root@deb94ddc090c:~# more /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc
PLUGIN_SET = "202101080839";
PLUGIN_FEED = "HomeFeed (Non-commercial use only)";
root@deb94ddc090c:~# more /opt/nessus/var/nessus/plugin_feed_info.inc
PLUGIN_SET = "202101080839";
PLUGIN_FEED = "HomeFeed (Non-commercial use only)";
- 1
- 2
- 3
- 4
- 5
- 6
备份plugin_feed_info.inc
mkdir /pluginsinc
- 1
cp /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc /pluginsinc/plugin_feed_info.inc.libinc
cp /opt/nessus/var/nessus/plugin_feed_info.inc /pluginsinc/plugin_feed_info.inc.varinc
- 1
- 2
将plugin_feed_info.inc内容修改为专业版,PLUGIN_SET序号号为Policy Template Version=202101042100或其后序号
vi /pluginsinc/plugin_feed_info.inc
- 1
PLUGIN_SET = "202101080839";
PLUGIN_FEED = "ProfessionalFeed (Direct)";
PLUGIN_FEED_TRANSPORT = "Tenable Network Security Lightning";
- 1
- 2
- 3
service nessusd stop
- 1
rm -f /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc
cp /pluginsinc/plugin_feed_info.inc /opt/nessus/var/nessus/plugin_feed_info.inc
- 1
- 2
重启Nessus服务
service nessusd start
- 1
查看状态
du -h /opt/nessus/lib/nessus/plugins/
more /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc
more /opt/nessus/var/nessus/plugin_feed_info.inc
- 1
- 2
- 3
访问Nessus并更新规则库,此过程特慢需放置等待
https://localhost:8834
- 1
Hosts位置由0~16变为Unlimited,且保留插件库
尝试扫描预置漏洞主机分析是否能够正常扫描漏洞
查看状态
du -h /opt/nessus/lib/nessus/plugins/
more /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc
more /opt/nessus/var/nessus/plugin_feed_info.inc
- 1
- 2
- 3
若状态异常则执行以下操作
rm -rf /opt/nessus/lib/nessus/plugins/
cp -r /plugins /opt/nessus/lib/nessus/
service nessusd stop
rm -f /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc
cp /pluginsinc/plugin_feed_info.inc /opt/nessus/var/nessus/plugin_feed_info.inc
service nessusd start
- 1
- 2
- 3
- 4
- 5
- 6
启动重置
因服务重启时unlimited失效,根据状态异常操作步骤重新操作,编写nessus_start.sh代替service nessusd start,因为命令执行过程较长且Nessus需要重新加载插件,启动过程慢是正常现象
vi /root/nessus_start.sh
- 1
#!/bin/bash
rm -rf /opt/nessus/lib/nessus/plugins/
cp -r /plugins /opt/nessus/lib/nessus/
service nessusd stop
rm -f /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc
cp /pluginsinc/plugin_feed_info.inc /opt/nessus/var/nessus/plugin_feed_info.inc
service nessusd start
- 1
- 2
- 3
- 4
- 5
- 6
- 7
chmod +x /root/nessus_start.sh
- 1
手动执行脚本
/root/nessus_start.sh
- 1
CentOS Docker环境部署Nessus
操作系统版本:CentOS Linux release 7.9.2009 (Core)
Docker版本:Docker version 20.10.12, build e91ed57
Nessus版本: 10.1.0 (#54) LINUX
虚拟CPU:4 虚拟内存:5G 虚拟硬盘:50G
部署Nessus
搜索nessus相关镜像
sudo docker search nessus
- 1
pull nessus镜像
sudo docker pull tenableofficial/nessus
- 1
启动docker镜像,同时配置用户名和口令、不启动自动更新
sudo docker run -it -d -p8834:8834 --name nessus -e USERNAME=Nessus -e AUTO_UPDATE=no -e PASSWORD=Kf3kAXA7xNtmAF4 tenableofficial/nessus
- 1
进入nessus容器
sudo docker exec -it nessus bash
- 1
启动nessus服务
/opt/scripts/configure_scanner.py
- 1
访问nessus界面
https://localhost:8834
- 1
用户名和口令为创建nessus容器时配置的用户名和口令
username:Nessus
password:Kf3kAXA7xNtmAF4
- 1
- 2
官方注册插件库和激活码
获取官方插件库和激活码
该子章节获取官方插件库和激活码可跳转,直接从子章节更新插件库开始
https://plugins.nessus.org/v2/offline.php
获取第一个值Challenge code
sudo docker exec -it nessus bash
- 1
/opt/nessus/sbin/nessuscli fetch --challenge
- 1
Challenge code: 3d88e6e1b11c0d9323f1bf897634944a20b825d4
root@deb94ddc090c:~# /opt/nessus/sbin/nessuscli fetch --challenge
[Wed Apr 13 06:10:19 2022][18.1] Warning -- could not open /usr/share/zoneinfo. Set the NESSUS_TZ_DIR env. variable
Challenge code: 3d88e6e1b11c0d9323f1bf897634944a20b825d4
You can copy the challenge code above and paste it alongside your
Activation Code at:
https://plugins.nessus.org/v2/offline.php
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
获取第二个值Activation Code
https://zh-cn.tenable.com/products/nessus/nessus-essentials?tns_redirect=true
填写邮箱接收邮件
Your activation code for Nessus Essentials is:TDH9-S7LD-493G-59VM-FB87
填写第一个值Challenge code和第二个值Activation Code
获取插件下载地址和证书内容
从官方下载插件库
https://plugins.nessus.org/v2/nessus.php?f=all-2.0.tar.gz&u=b7c8fd8c693142a5fea4c400762589d8&p=00f458bcdc35499653758b1bf24f5bc2
更新插件库
从本地复制文件至Docker宿主机
scp C:\Users\Downloads\nessus-plugin-202203281503\all-2.0.tar.gz root@127.0.0.1:/usr/local
- 1
从Docker宿主机复制文件到Docker容器
sudo docker cp /usr/local/all-2.0.tar.gz nessus:/usr/local/
- 1
Docker容器中更新插件库
sudo docker exec -it nessus /bin/bash
- 1
cd /usr/local
- 1
更新插件库
/opt/nessus/sbin/nessuscli update all-2.0.tar.gz
- 1
激活
sudo docker exec -it nessus /bin/bash
- 1
cd /usr/local
- 1
vi nessus.license
- 1
-----BEGIN TENABLE LICENSE----- VUx1NnVIdGlyVnZmQllPazIvR1owT1lJanE5LzhQL3BEZW1mSTI5LzlOT3dDeUJTdU9zNVVsQnNk RXpSSFFHT01JbVJLYlBJWDJpeEg0SlBFaUNLSXdQcGNOdkhNRlFYUWdIU215VFU0YmRLZVl5U0J2 b3Nxc2s4TTVSYjA3Q29BNGhCZTJHUjhjb2RUQjNyUVh6Q1ozeVlnZk1NcnNmWGNINUNMSXk2T1RB YnZvc0NVV1I5bUxuTWd0cHFETksxTWJ5Sk52T0lTYzNDOVEzRndlSkh1dURZV3VTSjJtRDN3Q3dT akVzMWpvbWNkSHdyMWcrU0tOWDNSQTRJa2RZeml6M1NqUjZtRXhOdGdHY00zeXgrbUIxM3VuQnR3 QkVoa0JmWXBwY0ZLc2tJYXRqcUVSbVpjRE9EMy9EQ0Ztb3JxMm4yam9QdjJiQ01UQjAwVWcrOWNv dmtEVEhTYlZWbVI3YVlWcTc5WndPeWZPUmp3dWpuUXZCZXpxdURYUjd0VUFYemd5K1hPbERIbFRL djgvUGNTS2NxN2p3b2ZLZlNlOVNUeTEvLzhqa3BjSVBBazVrYTJIU0EzeHlRQUV2TFdpT1pjQlpW Z1lhMVRaMnJIQ1BCUjg5RC9zSmFEaTNpQnY3eDNtTWZKaWRrTFVvc3FFYi9KbmRmaHNuajVHMWF0 MGZxb09FOGpjRm9PeWdDRTQxRkxzT2JzeEUvOEc2a0hJUDJiUmNpWVVoa28vNm0xR2JYVkFpSlBZ MzFoUFZXdERtbisrMzNSTHNETFpRbU11bGlQK2Z0ZHZMdHJ0QU9VaWE2emk3R2orbENtNGlLZW9U dkMxNU1Idlpsc0lxK0FDdUFlMHZRNGhVRlZ3MURIVXYvaFNsUExzM1RMdDRERFlsQzFYVGxjSHc9 DQp7ImFjdGl2YXRpb25fY29kZSI6IlRESDktUzdMRC00OTNHLTU5Vk0tRkI4NyIsInVwZGF0ZV9w YXNzd29yZCI6IjAwZjQ1OGJjZGMzNTQ5OTY1Mzc1OGIxYmYyNGY1YmMyIiwicGVuZG9fYXBpX2tl eSI6ImE3YzhkNWM0LWI2YWUtNDg2Ny03ZGFiLTY5YTkyYTA4NDdlMSIsIm5hbWUiOiJOZXNzdXMg SG9tZSIsInR5cGUiOiJob21lIiwiZXhwaXJhdGlvbl9kYXRlIjoxODA3NTEwNjc5LCJjdXN0b21l cl9pZCI6MCwiaXBzIjoxNiwidXBkYXRlX2xvZ2luIjoiYjdjOGZkOGM2OTMxNDJhNWZlYTRjNDAw NzYyNTg5ZDgiLCJkcm0iOiI2YzQ2ZDJmMTkwYmVkYTI2Njg3ZjJhMDk4NzhlNTllZCJ9 -----END TENABLE LICENSE-----
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
激活
/opt/nessus/sbin/nessuscli fetch --register-offline nessus.license
- 1
重新启动nessus服务
/opt/scripts/configure_scanner.py
- 1
等待加载插件库后访问nessus界面
https://localhost:8834
- 1
用户名和口令为创建nessus容器时配置的用户名和口令
username:Nessus
password:Kf3kAXA7xNtmAF4
- 1
- 2
修改限制
nessus初始化完成后Hosts显示为"0 of 16 used”,修改其限制
docker exec -it nessus /bin/bash
- 1
查看plugins插件库复制是否成功,若不成功则重新复制
du -h /plugins/
- 1
备份plugins插件库
rm -rf /plugins
- 1
cp -r /opt/nessus/lib/nessus/plugins/ /
- 1
查看plugins插件库复制是否成功,若不成功则重新复制
du -h /plugins/
- 1
root@deb94ddc090c:~# du -h /plugins/
1.4G /plugins/
- 1
- 2
查看plugin_feed_info.inc原内容
find / -name "plugin_feed_info.inc"
- 1
root@deb94ddc090c:~# find / -name "plugin_feed_info.inc"
/opt/nessus/lib/nessus/plugins/plugin_feed_info.inc
/opt/nessus/var/nessus/plugin_feed_info.inc
- 1
- 2
- 3
root@deb94ddc090c:~# more /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc
root@deb94ddc090c:~# more /opt/nessus/var/nessus/plugin_feed_info.inc
- 1
- 2
备份plugin_feed_info.inc
mkdir /pluginsinc
- 1
cp /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc /pluginsinc/plugin_feed_info.inc.libinc
cp /opt/nessus/var/nessus/plugin_feed_info.inc /pluginsinc/plugin_feed_info.inc.varinc
- 1
- 2
将plugin_feed_info.inc内容修改为专业版,PLUGIN_SET序号号为Policy Template Version=202101042100或其后序号
vi /pluginsinc/plugin_feed_info.inc
- 1
PLUGIN_SET = "202204192003";
PLUGIN_FEED = "ProfessionalFeed (Direct)";
PLUGIN_FEED_TRANSPORT = "Tenable Network Security Lightning";
- 1
- 2
- 3
关闭Nessus服务
supervisorctl stop nessusd
- 1
rm -f /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc
cp /pluginsinc/plugin_feed_info.inc /opt/nessus/var/nessus/plugin_feed_info.inc
- 1
- 2
重启Nessus服务
supervisorctl start nessusd
- 1
查看状态
du -h /opt/nessus/lib/nessus/plugins/
more /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc
more /opt/nessus/var/nessus/plugin_feed_info.inc
- 1
- 2
- 3
访问Nessus并更新规则库,此过程特慢需放置等待
https://localhost:8834
- 1
Hosts位置由0~16变为Unlimited,且保留插件库
尝试扫描预置漏洞主机分析是否能够正常扫描漏洞
查看状态
du -h /opt/nessus/lib/nessus/plugins/
more /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc
more /opt/nessus/var/nessus/plugin_feed_info.inc
- 1
- 2
- 3
若状态异常则执行以下操作
rm -rf /opt/nessus/lib/nessus/plugins/
cp -r /plugins /opt/nessus/lib/nessus/
supervisorctl stop nessusd
rm -f /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc
cp /pluginsinc/plugin_feed_info.inc /opt/nessus/var/nessus/plugin_feed_info.inc
supervisorctl start nessusd
- 1
- 2
- 3
- 4
- 5
- 6
启动重置
因服务重启时unlimited失效,根据状态异常操作步骤重新操作,编写nessus_start.sh代替service nessusd start,因为命令执行过程较长且Nessus需要重新加载插件,启动过程慢是正常现象
vi /root/nessus_start.sh
- 1
#!/bin/bash
rm -rf /opt/nessus/lib/nessus/plugins/
cp -r /plugins /opt/nessus/lib/nessus/
supervisorctl stop nessusd
rm -f /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc
cp /pluginsinc/plugin_feed_info.inc /opt/nessus/var/nessus/plugin_feed_info.inc
supervisorctl start nessusd
- 1
- 2
- 3
- 4
- 5
- 6
- 7
chmod +x /root/nessus_start.sh
- 1
手动执行脚本
/root/nessus_start.sh
- 1
参考链接:
https://zhuanlan.zhihu.com/p/414526858
https://www.freebuf.com/articles/web/262914.html
http://luckyzmj.cn/posts/477c90d0.html
https://mp.weixin.qq.com/s/ecPLUbVGuaHMhPMPE6oWmA
https://blog.csdn.net/weixin_42315611/article/details/117536392
