Tenable Nessus Auto Installation Special Scripts on Linux and How to Install on Windows

 This post summarizes some scripts to install Nessus into your OS. 

https://github.com/51sec/nessus-special

Feature Comparism among Nessus (Pro, Expert), TVM, TSC, Tenable One

For Debian

【1】Download nessus.sh script

Download Address： nessus.sh

Or copy following code and save it as nessus.sh

#!/bin/bash
if [[ $(id -u) -ne 0 ]] ; then echo "请使用 root 用户运行" ; exit 1 ; fi
echo //==============================================================
echo   Nessus 最新版本下载、安装和破解   -Zen 20230819
echo   特别感谢 John Doe 在 Debian 上演示这一操作的有效性
echo   感谢 369 提供关于 "latest" 的提示
echo //==============================================================
echo " + 增加了防滑附加功能，移除所有 chattr 设置 20231013"
chattr -i -R /opt/nessus
echo " + 确保我们有先决条件.."
apt update &>/dev/null
apt -y install curl dpkg expect &>/dev/null
echo " + 停止旧的 nessusd 服务，以防存在一个！"
/bin/systemctl stop nessusd.service &>/dev/null
echo " + 下载 Nessus.."
curl -A Mozilla --request GET \
  --url 'https://www.tenable.com/downloads/api/v2/pages/nessus/files/Nessus-latest-debian10_amd64.deb' \
  --output 'Nessus-latest-debian10_amd64.deb' &>/dev/null
{ if [ ! -f Nessus-latest-debian10_amd64.deb ]; then
  echo " + Nessus 下载失败 :/ 退出。从 t.me/pwn3rzs 获取拷贝"
  exit 0
fi }
echo " + 安装 Nessus.."
dpkg -i Nessus-latest-debian10_amd64.deb &>/dev/null
# 看，我试图只是进行更改和运行，但它不起作用。如果你能优化我的操作，让我知道。但对我来说，这是唯一需要运行的 :/
echo " + 第一次初始化时启动服务（必须执行）"
/bin/systemctl start nessusd.service &>/dev/null
echo " + 让 Nessus 初始化，等待大约 20 秒..."
sleep 20
echo " + 停止 nessus 服务.."
/bin/systemctl stop nessusd.service &>/dev/null
echo " + 更改 nessus 设置为 Zen 偏好（自由战士模式）"
echo "   监听端口: 11127"
/opt/nessus/sbin/nessuscli fix --set xmlrpc_listen_port=11127 &>/dev/null
echo "   主题: 暗色"
/opt/nessus/sbin/nessuscli fix --set ui_theme=dark &>/dev/null
echo "   安全检查: 关闭"
/opt/nessus/sbin/nessuscli fix --set safe_checks=false &>/dev/null
echo "   日志: 性能"
/opt/nessus/sbin/nessuscli fix --set backend_log_level=performance &>/dev/null
echo "   更新: 关闭"
/opt/nessus/sbin/nessuscli fix --set auto_update=false &>/dev/null
/opt/nessus/sbin/nessuscli fix --set auto_update_ui=false &>/dev/null
/opt/nessus/sbin/nessuscli fix --set disable_core_updates=true &>/dev/null
echo "   遥测: 关闭"
/opt/nessus/sbin/nessuscli fix --set report_crashes=false &>/dev/null
/opt/nessus/sbin/nessuscli fix --set send_telemetry=false &>/dev/null
echo " + 添加一个用户，稍后可以更改（用户名:admin, 密码:ddosi）"
cat > expect.tmp<<'EOF'
spawn /opt/nessus/sbin/nessuscli adduser admin
expect "登录密码:"
send "ddosi\r"
expect "登录密码（再次输入）:"
send "ddosi\r"
expect "*(可以上传插件等)？ (y/n)*"
send "y\r"
expect "*(用户可以有一个空的规则集)"
send "\r"
expect "是否确定*"
send "y\r"
expect eof
EOF
expect -f expect.tmp &>/dev/null
rm -rf expect.tmp &>/dev/null
echo " + 下载新的插件.."
curl -A Mozilla -o all-2.0.tar.gz \
  --url 'https://plugins.nessus.org/v2/nessus.php?f=all-2.0.tar.gz&u=4e2abfd83a40e2012ebf6537ade2f207&p=29a34e24fc12d3f5fdfbb1ae948972c6' &>/dev/null
{ if [ ! -f all-2.0.tar.gz ]; then
  echo " + 插件 all-2.0.tar.gz 下载失败 :/ 退出。从 t.me/pwn3rzs 获取拷贝"
  exit 0
fi }
echo " + 安装插件.."
/opt/nessus/sbin/nessuscli update all-2.0.tar.gz &>/dev/null
echo " + 获取版本号.."
# 我曾经看到这个对于下载不正确。嗯，但对我来说它有效。
vernum=$(curl https://plugins.nessus.org/v2/plugins.php 2> /dev/null)
echo " + 构建插件 feed..."
cat > /opt/nessus/var/nessus/plugin_feed_info.inc <<EOF
PLUGIN_SET = "${vernum}";
PLUGIN_FEED = "ProfessionalFeed (Direct)";
PLUGIN_FEED_TRANSPORT = "Tenable Network Security Lightning";
EOF
echo " + 保护文件.."
chattr -i /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc &>/dev/null
cp /opt/nessus/var/nessus/plugin_feed_info.inc /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc &>/dev/null
echo " + 设置所有文件为不可变..."
chattr +i /opt/nessus/var/nessus/plugin_feed_info.inc &>/dev/null
chattr +i -R /opt/nessus/lib/nessus/plugins &>/dev/null
echo " + 但是取消关键文件的不可变性.."
chattr -i /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc &>/dev/null
chattr -i /opt/nessus/lib/nessus/plugins  &>/dev/null
echo " + 启动服务.."
/bin/systemctl start nessusd.service &>/dev/null
echo " + 再等待 20 秒以便服务器有足够的时间启动！"
sleep 20
echo " + 监控 Nessus 进度。以下行每 10 秒更新一次直到 100%"
zen=0
while [ $zen -ne 100 ]
do
 statline=`curl -sL -k https://localhost:11127/server/status|awk -F"," -v k="engine_status" '{ gsub(/{|}/,""); for(i=1;i<=NF;i++) { if ( $i ~ k ){printf $i} } }'`
 if [[ $statline != *"engine_status"* ]]; then echo -ne "\n 问题：Nessus 服务器无法访问？再次尝试..\n"; fi
 echo -ne "\r $statline"
 if [[ $statline == *"100"* ]]; then zen=100; else sleep 10; fi
done
echo -ne '\n  o 完成!\n'
echo
echo "        访问 Nessus:  https://localhost:11127/ （或您的 VPS IP）"
echo "                             用户名: admin"
echo "                             密码: ddosi"
echo "                             随时可以更改"
echo
read -p "按 Enter 键继续"

Plain text

【2】Grant execute permission for this script

chmod +x nessus.sh

Plain text

【3】using root account to run nessus.sh.（Wait about 10-15 Mins)

./nessus.sh

Plain text

【4】Complete the installation.

【5】Open following URL to log into Nessus。

https://127.0.0.1:11127/ or https://localhost:11127/

【6】Log in with default username and password

账号	密码
admin	ddosi

Licensed host : unlimited.

Plugin set : latest date

Nessus stop and start commands

Start

sudo systemctl start nessusd && systemctl --no-pager status nessusd

Plain text

或直接搜索Nessus，点击nessus start即可

Stop

sudo systemctl stop nessusd && systemctl --no-pager status nessusd

Plain text

or directly search Nessus file，then run nessus stop.

For Ubuntu

For Ubuntu:

Same steps as Debian

Download address：nessus_ubuntu.sh

Or directly copy following code then save it as nessus_ubuntu.sh

#!/bin/bash
if [[ $(id -u) -ne 0 ]] ; then echo "Please run as root" ; exit 1 ; fi
echo //==============================================================
echo   Nessus latest DOWNLOAD, INSTALL, and CRACK   -Zen 20230819
echo   special thanks to John Doe for showing this works on Debian
echo   THANKS 369 for tip about LATEST as a version number
echo //==============================================================
echo " o antiskid extra thing added removing all chattr 20231013"
chattr -i -R /opt/nessus
echo " o making sure we have prerequisites.."
apt update &>/dev/null
apt -y install curl dpkg expect &>/dev/null
echo " o stopping old nessusd in case there is one!"
/bin/systemctl stop nessusd.service &>/dev/null
echo " o downloading Nessus.."
curl -A Mozilla --request GET \
  --url 'https://www.tenable.com/downloads/api/v2/pages/nessus/files/Nessus-latest-ubuntu1404_amd64.deb' \
  --output 'Nessus-latest-ubuntu1404_amd64.deb' &>/dev/null
{ if [ ! -f Nessus-latest-ubuntu1404_amd64.deb ]; then
  echo " o nessus download failed :/ exiting. get copy of it from t.me/pwn3rzs"
  exit 0
fi }
echo " o installing Nessus.."
dpkg -i Nessus-latest-ubuntu1404_amd64.deb &>/dev/null
# look I tried to just make changes and run but it doesnt work. if you can optimize
# what im doing here, let me know.  but this was it for me, it had to be run once :/
echo " o starting service once FIRST TIME INITIALIZATION (we have to do this)"
/bin/systemctl start nessusd.service &>/dev/null
echo " o let's allow Nessus time to initalize - we'll give it like 20 seconds..."
sleep 20
echo " o stopping the nessus service.."
/bin/systemctl stop nessusd.service &>/dev/null
echo " o changing nessus settings to Zen preferences (freedom fighter mode)"
echo "   listen port: 11127"
/opt/nessus/sbin/nessuscli fix --set xmlrpc_listen_port=11127 &>/dev/null
echo "   theme:       dark"
/opt/nessus/sbin/nessuscli fix --set ui_theme=dark &>/dev/null
echo "   safe checks: off"
/opt/nessus/sbin/nessuscli fix --set safe_checks=false &>/dev/null
echo "   logs:        performance"
/opt/nessus/sbin/nessuscli fix --set backend_log_level=performance &>/dev/null
echo "   updates:     off"
/opt/nessus/sbin/nessuscli fix --set auto_update=false &>/dev/null
/opt/nessus/sbin/nessuscli fix --set auto_update_ui=false &>/dev/null
/opt/nessus/sbin/nessuscli fix --set disable_core_updates=true &>/dev/null
echo "   telemetry:   off"
/opt/nessus/sbin/nessuscli fix --set report_crashes=false &>/dev/null
/opt/nessus/sbin/nessuscli fix --set send_telemetry=false &>/dev/null
echo " o adding a user you can change this later (u:admin,p:ddosi)"
cat > expect.tmp<<'EOF'
spawn /opt/nessus/sbin/nessuscli adduser admin
expect "Login password:"
send "ddosi\r"
expect "Login password (again):"
send "ddosi\r"
expect "*(can upload plugins, etc.)? (y/n)*"
send "y\r"
expect "*(the user can have an empty rules set)"
send "\r"
expect "Is that ok*"
send "y\r"
expect eof
EOF
expect -f expect.tmp &>/dev/null
rm -rf expect.tmp &>/dev/null
echo " o downloading new plugins.."
curl -A Mozilla -o all-2.0.tar.gz \
  --url 'https://plugins.nessus.org/v2/nessus.php?f=all-2.0.tar.gz&u=4e2abfd83a40e2012ebf6537ade2f207&p=29a34e24fc12d3f5fdfbb1ae948972c6' &>/dev/null
{ if [ ! -f all-2.0.tar.gz ]; then
  echo " o plugins all-2.0.tar.gz download failed :/ exiting. get copy of it from t.me/pwn3rzs"
  exit 0
fi }
echo " o installing plugins.."
/opt/nessus/sbin/nessuscli update all-2.0.tar.gz &>/dev/null
echo " o fetching version number.."
# i have seen this not be correct for the download.  hrm. but, it works for me.
vernum=$(curl https://plugins.nessus.org/v2/plugins.php 2> /dev/null)
echo " o building plugin feed..."
cat > /opt/nessus/var/nessus/plugin_feed_info.inc <<EOF
PLUGIN_SET = "${vernum}";
PLUGIN_FEED = "ProfessionalFeed (Direct)";
PLUGIN_FEED_TRANSPORT = "Tenable Network Security Lightning";
EOF
echo " o protecting files.."
chattr -i /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc &>/dev/null
cp /opt/nessus/var/nessus/plugin_feed_info.inc /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc &>/dev/null
echo " o let's set everything immutable..."
chattr +i /opt/nessus/var/nessus/plugin_feed_info.inc &>/dev/null
chattr +i -R /opt/nessus/lib/nessus/plugins &>/dev/null
echo " o but unsetting key files.."
chattr -i /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc &>/dev/null
chattr -i /opt/nessus/lib/nessus/plugins  &>/dev/null
echo " o starting service.."
/bin/systemctl start nessusd.service &>/dev/null
echo " o Let's sleep for another 20 seconds to let the server have time to start!"
sleep 20
echo " o Monitoring Nessus progress. Following line updates every 10 seconds until 100%"
zen=0
while [ $zen -ne 100 ]
do
 statline=`curl -sL -k https://localhost:11127/server/status|awk -F"," -v k="engine_status" '{ gsub(/{|}/,""); for(i=1;i<=NF;i++) { if ( $i ~ k ){printf $i} } }'`
 if [[ $statline != *"engine_status"* ]]; then echo -ne "\n Problem: Nessus server unreachable? Trying again..\n"; fi
 echo -ne "\r $statline"
 if [[ $statline == *"100"* ]]; then zen=100; else sleep 10; fi
done
echo -ne '\n  o Done!\n'
echo
echo "        Access your Nessus:  https://localhost:11127/ (or your VPS IP)"
echo "                             username: admin"
echo "                             password: ddosi"
echo "                             you can change this any time"
echo
read -p "Press enter to continue"

Plain text

chmod +x nessus.sh

./nessus.sh

Wait until all installation completed. 

Use browser to access https://<IP>:11127

Uninstall:

【1】stop Nessus service。

sudo systemctl stop nessusd && systemctl --no-pager status nessusd

Plain text

【2】change /opt/nessus/ folder's permission

chattr -i -R /opt/nessus/

Plain text

【3】remove Nessus

apt remove nessus

Plain text

Notes:

Issue ：After system or Nessus restarted，scan button might not enable yet to use。
Cause：Nessus is updating / re-compileing the plug-ins.
Solution：Wait for 3~5 minutes.

使用说明

• 每次系统初次启动时开启Nessus会对插件进行编译安装，编译时间根据系统的CPU资源决定！编译过程时CPU资源会占用到98%+！
• 不推荐让Nessus进行开机自启！

• 关闭Nessus开机自动启动

systemctl disable nessusd 

• 停止Nessus服务

systemctl stop nessusd 

• 开启Nessus服务

systemctl start nessusd 

NetSec Version for Scripts

Debian Version:

vi debian.sh

#!/bin/bash
if [[ $(id -u) -ne 0 ]] ; then echo "Please use root account to run this script" ; exit 1 ; fi
echo //==============================================================
echo   Nessus Latest Version download and installation script
echo //==============================================================
echo " + continue"
chattr -i -R /opt/nessus
echo " + make sure we meet all pre-requisites.."
apt update &>/dev/null
apt -y install curl dpkg expect &>/dev/null
echo " + stop existing nessusd service, just in case there is one already installed !"
/bin/systemctl stop nessusd.service &>/dev/null
echo " + downloading Nessus.."
curl -A Mozilla --request GET \
  --url 'https://www.tenable.com/downloads/api/v2/pages/nessus/files/Nessus-latest-debian10_amd64.deb' \
  --output 'Nessus-latest-debian10_amd64.deb' &>/dev/null
{ if [ ! -f Nessus-latest-debian10_amd64.deb ]; then
  echo " + Nessus downloading failed :/ Quit from installation. Download offline package from Nessus"
  exit 0
fi }
echo " + installing Nessus.."
dpkg -i Nessus-latest-debian10_amd64.deb &>/dev/null
echo " + First time to initial and start service"
/bin/systemctl start nessusd.service &>/dev/null
echo " + Nessus is initializing, lets wait about 20 seconds..."
sleep 20
echo " + stop nessus service.."
/bin/systemctl stop nessusd.service &>/dev/null
echo " + change nessus configuration to customized settings"
echo "   set nessus web gui port: 12345"
/opt/nessus/sbin/nessuscli fix --set xmlrpc_listen_port=12345 &>/dev/null
echo "   set theme: dark"
/opt/nessus/sbin/nessuscli fix --set ui_theme=dark &>/dev/null
echo "   set safe_checks: false"
/opt/nessus/sbin/nessuscli fix --set safe_checks=false &>/dev/null
echo "   set backend_log_level: performance"
/opt/nessus/sbin/nessuscli fix --set backend_log_level=performance &>/dev/null
echo "   set all auto_update: false"
/opt/nessus/sbin/nessuscli fix --set auto_update=false &>/dev/null
/opt/nessus/sbin/nessuscli fix --set auto_update_ui=false &>/dev/null
/opt/nessus/sbin/nessuscli fix --set disable_core_updates=true &>/dev/null
echo "   set report & telemetry: false"
/opt/nessus/sbin/nessuscli fix --set report_crashes=false &>/dev/null
/opt/nessus/sbin/nessuscli fix --set send_telemetry=false &>/dev/null
echo " + create admin user. It can be changed later after logged in（username:admin, password:netsec）"
cat > expect.tmp<<'EOF'
spawn /opt/nessus/sbin/nessuscli adduser admin
expect "password:"
send "netsec\r"
expect "password (enter again):"
send "netsec\r"
expect "*(uploading plugins)？ (y/n)*"
send "y\r"
expect "*(user can have a empty ruleset)"
send "\r"
expect "are you sure*"
send "y\r"
expect eof
EOF
expect -f expect.tmp &>/dev/null
rm -rf expect.tmp &>/dev/null
echo " + download latest plugins.."
curl -A Mozilla -o all-2.0.tar.gz \
  --url 'https://plugins.nessus.org/v2/nessus.php?f=all-2.0.tar.gz&u=4e2abfd83a40e2012ebf6537ade2f207&p=29a34e24fc12d3f5fdfbb1ae948972c6' &>/dev/null
{ if [ ! -f all-2.0.tar.gz ]; then
  echo " + plugin all-2.0.tar.gz download failed :/ Quit from installation. Download offline package from Nessus"
  exit 0
fi }
echo " + installing plugins.."
/opt/nessus/sbin/nessuscli update all-2.0.tar.gz &>/dev/null
echo " + get the version number.."
vernum=$(curl https://plugins.nessus.org/v2/plugins.php 2> /dev/null)
echo " + creating feed..."
cat > /opt/nessus/var/nessus/plugin_feed_info.inc <<EOF
PLUGIN_SET = "${vernum}";
PLUGIN_FEED = "ProfessionalFeed (Direct)";
PLUGIN_FEED_TRANSPORT = "Tenable Network Security Lightning";
EOF
echo " + protecting files.."
chattr -i /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc &>/dev/null
cp /opt/nessus/var/nessus/plugin_feed_info.inc /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc &>/dev/null
echo " + set all files as immutable..."
chattr +i /opt/nessus/var/nessus/plugin_feed_info.inc &>/dev/null
chattr +i -R /opt/nessus/lib/nessus/plugins &>/dev/null
echo " + remove immutable for those core files.."
chattr -i /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc &>/dev/null
chattr -i /opt/nessus/lib/nessus/plugins  &>/dev/null
echo " + start service.."
/bin/systemctl start nessusd.service &>/dev/null
echo " + wait 20 more seconds to make sure server has enough time to start service"
sleep 20
echo " + Monitoring Nessus process. Following line will be updated every 10 seconds until it completed process 100%"
zen=0
while [ $zen -ne 100 ]
do
 statline=`curl -sL -k https://localhost:11127/server/status|awk -F"," -v k="engine_status" '{ gsub(/{|}/,""); for(i=1;i<=NF;i++) { if ( $i ~ k ){printf $i} } }'`
 if [[ $statline != *"engine_status"* ]]; then echo -ne "\n Issue：Nessus server not accessable？try it again..\n"; fi
 echo -ne "\r $statline"
 if [[ $statline == *"100"* ]]; then zen=100; else sleep 10; fi
done
echo -ne '\n  o Completed!\n'
echo
echo "        Access Nessus:  https://localhost:11127/ （or your VPS IP）"
echo "                             Username: admin"
echo "                             Password: netsec"
echo "                             Can be changed anytime"
echo
read -p "Press enter to continue"

chmod +x debian.sh
./debian.sh

https://<Public IP>:12345

Ubuntu Version:

vi ubuntu.sh

#!/bin/bash
if [[ $(id -u) -ne 0 ]] ; then echo "Please run as root" ; exit 1 ; fi
echo //==============================================================
echo   Nessus latest DOWNLOAD, INSTALL, and Config
echo //==============================================================
echo " o antiskid extra thing added removing all chattr"
chattr -i -R /opt/nessus
echo " o making sure we have prerequisites.."
apt update &>/dev/null
apt -y install curl dpkg expect &>/dev/null
echo " o stopping old nessusd in case there is one!"
/bin/systemctl stop nessusd.service &>/dev/null
echo " o downloading Nessus.."
curl -A Mozilla --request GET \
  --url 'https://www.tenable.com/downloads/api/v2/pages/nessus/files/Nessus-latest-ubuntu1404_amd64.deb' \
  --output 'Nessus-latest-ubuntu1404_amd64.deb' &>/dev/null
{ if [ ! -f Nessus-latest-ubuntu1404_amd64.deb ]; then
  echo " o nessus download failed :/ exiting. get copy of it from local downloading or searching 51sec.org"
  exit 0
fi }
echo " o installing Nessus.."
dpkg -i Nessus-latest-ubuntu1404_amd64.deb &>/dev/null
echo " o starting service once FIRST TIME INITIALIZATION"
/bin/systemctl start nessusd.service &>/dev/null
echo " o let's allow Nessus time to initalize - we'll give it like 20 seconds..."
sleep 20
echo " o stopping the nessus service.."
/bin/systemctl stop nessusd.service &>/dev/null
echo " o changing nessus settings to NETSEC preferences"
echo "   listen port: 12345"
/opt/nessus/sbin/nessuscli fix --set xmlrpc_listen_port=12345 &>/dev/null
echo "   theme:       dark"
/opt/nessus/sbin/nessuscli fix --set ui_theme=dark &>/dev/null
echo "   safe checks: off"
/opt/nessus/sbin/nessuscli fix --set safe_checks=false &>/dev/null
echo "   logs:        performance"
/opt/nessus/sbin/nessuscli fix --set backend_log_level=performance &>/dev/null
echo "   updates:     off"
/opt/nessus/sbin/nessuscli fix --set auto_update=false &>/dev/null
/opt/nessus/sbin/nessuscli fix --set auto_update_ui=false &>/dev/null
/opt/nessus/sbin/nessuscli fix --set disable_core_updates=true &>/dev/null
echo "   telemetry:   off"
/opt/nessus/sbin/nessuscli fix --set report_crashes=false &>/dev/null
/opt/nessus/sbin/nessuscli fix --set send_telemetry=false &>/dev/null
echo " o adding a user you can change this later (u:admin,p:ddosi)"
cat > expect.tmp<<'EOF'
spawn /opt/nessus/sbin/nessuscli adduser admin
expect "Login password:"
send "netsec\r"
expect "Login password (again):"
send "netsec\r"
expect "*(can upload plugins, etc.)? (y/n)*"
send "y\r"
expect "*(the user can have an empty rules set)"
send "\r"
expect "Is that ok*"
send "y\r"
expect eof
EOF
expect -f expect.tmp &>/dev/null
rm -rf expect.tmp &>/dev/null
echo " o downloading new plugins.."
curl -A Mozilla -o all-2.0.tar.gz \
  --url 'https://plugins.nessus.org/v2/nessus.php?f=all-2.0.tar.gz&u=4e2abfd83a40e2012ebf6537ade2f207&p=29a34e24fc12d3f5fdfbb1ae948972c6' &>/dev/null
{ if [ ! -f all-2.0.tar.gz ]; then
  echo " o plugins all-2.0.tar.gz download failed :/ exiting. get copy of it from local downloading or searching in 51sec.org"
  exit 0
fi }
echo " o installing plugins.."
/opt/nessus/sbin/nessuscli update all-2.0.tar.gz &>/dev/null
echo " o fetching version number.."
# i have seen this not be correct for the download.  hrm. but, it works for me.
vernum=$(curl https://plugins.nessus.org/v2/plugins.php 2> /dev/null)
echo " o building plugin feed..."
cat > /opt/nessus/var/nessus/plugin_feed_info.inc <<EOF
PLUGIN_SET = "${vernum}";
PLUGIN_FEED = "ProfessionalFeed (Direct)";
PLUGIN_FEED_TRANSPORT = "Tenable Network Security Lightning";
EOF
echo " o protecting files.."
chattr -i /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc &>/dev/null
cp /opt/nessus/var/nessus/plugin_feed_info.inc /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc &>/dev/null
echo " o let's set everything immutable..."
chattr +i /opt/nessus/var/nessus/plugin_feed_info.inc &>/dev/null
chattr +i -R /opt/nessus/lib/nessus/plugins &>/dev/null
echo " o but unsetting key files.."
chattr -i /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc &>/dev/null
chattr -i /opt/nessus/lib/nessus/plugins  &>/dev/null
echo " o starting service.."
/bin/systemctl start nessusd.service &>/dev/null
echo " o Let's sleep for another 20 seconds to let the server have time to start!"
sleep 20
echo " o Monitoring Nessus progress. Following line updates every 10 seconds until 100%"
zen=0
while [ $zen -ne 100 ]
do
 statline=`curl -sL -k https://localhost:12345/server/status|awk -F"," -v k="engine_status" '{ gsub(/{|}/,""); for(i=1;i<=NF;i++) { if ( $i ~ k ){printf $i} } }'`
 if [[ $statline != *"engine_status"* ]]; then echo -ne "\n Problem: Nessus server unreachable? Trying again..\n"; fi
 echo -ne "\r $statline"
 if [[ $statline == *"100"* ]]; then zen=100; else sleep 10; fi
done
echo -ne '\n  o Done!\n'
echo
echo "        Access your Nessus:  https://localhost:12345/ (or your VPS IP)"
echo "                             username: admin"
echo "                             password: netsec"
echo "                             you can change this any time"
echo
read -p "Press enter to continue"

root@nessus-instance1:~# 

• curl https://raw.githubusercontent.com/51sec/nessus-special/main/ubuntu.sh -o ubuntu.sh
• chmod +x ubuntu.sh
• ./ubuntu.sh

Open it with browser : https://<Public IP>:12345

GITHUB Repository: https://github.com/51sec/nessus-special

root@instance-20240529-180351:~# df -h
Filesystem      Size  Used Avail Use% Mounted on
/dev/root        29G   11G   19G  38% /
devtmpfs        473M     0  473M   0% /dev
tmpfs           477M     0  477M   0% /dev/shm
tmpfs            96M  1.1M   95M   2% /run
tmpfs           5.0M     0  5.0M   0% /run/lock
tmpfs           477M     0  477M   0% /sys/fs/cgroup
/dev/loop0       64M   64M     0 100% /snap/core20/2318
/dev/loop2       92M   92M     0 100% /snap/lxd/24061
/dev/loop1      354M  354M     0 100% /snap/google-cloud-cli/239
/dev/loop3       39M   39M     0 100% /snap/snapd/21465
/dev/sda15      105M  6.1M   99M   6% /boot/efi
/dev/loop4       39M   39M     0 100% /snap/snapd/21759
tmpfs            96M     0   96M   0% /run/user/1001
root@instance-20240529-180351:~# ls
Nessus-latest-ubuntu1404_amd64.deb  all-2.0.tar.gz  netsec.sh  snap  swap.sh
root@instance-20240529-180351:~# ls -l
total 577752
-rw-r--r-- 1 root root  69331230 May 29 18:11 Nessus-latest-ubuntu1404_amd64.deb
-rw-r--r-- 1 root root 522261756 May 29 18:12 all-2.0.tar.gz
-rwxr-xr-x 1 root root      5095 May 29 18:11 netsec.sh
drwx------ 3 root root      4096 May 29 18:07 snap
-rw-r--r-- 1 root root      2670 May 29 18:09 swap.sh
root@instance-20240529-180351:~# 

Nessus Windows Installation Method

 

For Windows:

1.1下载安装包后，自己安装。

1.2 浏览器访问 https://127.0.0.1:8834

重点：选择“Managed Scanner”, 再选择 “Tenable.sc”，最后一步设置账号密码，账号密码没要求。

Select Managed by tenable SC. 

第2步：获取插件包

 2.1在命令行模式下（管理员身份运行）,输入“net stop "Tenable Nessus"停止NESSUS的服务。

2.2.在命令行模式下，进入到安装目录（我的目录是D:\Software\NESSUS)下,执行以下命令，获得Challenge code值：（记得保存Challenge code值）

.\nessuscli.exe fetch --challenge 

2.3 注册NESSUS官网的账号密码，获得Activation Code 值

   注册地址：

• https://www.tenable.com/products/nessus/nessus-essentials
• https://zh-cn.tenable.com/products/nessus/nessus-essentials

  注册成功后，邮箱会收到一份邮件，邮件内容有Activation Code 值

2.4获得插件包

下载地址：https://plugins.nessus.org/v2/offline.php

依次填写2.2 、2.3获得的Challenge code 、Activation Code，随后得到插件包 all-2.0.tar.gz




2.5加载插件包

把插件包放到目录D:\Software\NESSUS\，随后执行下面的命令。第三个命令执行成功后会得到一串版本号（记得保存版本号XXX.XX.XXX）This is also will be used as the value of PLUGIN_SET in the file plugin_feed_info.inc.

attrib -s -r -h "D:\Software\NESSUS\nessus\plugins\*.*"
attrib -s -r -h "D:\Software\NESSUS\nessus\plugin_feed_info.inc"
.\nessuscli.exe update D:\Software\NESSUS\nessus\all-2.0.tar.gz

第3步:  破解

3.1打开D:\Software\NESSUS\nessus\plugins\plugin_feed_info.inc，将下面的代码覆盖文件内容。

其中的XXX.XX.X..是2.5中获得的版本号。

 
PLUGIN_SET = "XXX.XX.X...";
PLUGIN_FEED = "ProfessionalFeed (Direct)";
PLUGIN_FEED_TRANSPORT = "Tenable Network Security Lightning";

3.2在管理员模式下执行如下命令：

copy "D:\Software\NESSUS\nessus\plugins\plugin_feed_info.inc" "D:\Software\NESSUS\nessus\"
copy "D:\Software\NESSUS\nessus\plugins\plugin_feed_info.inc" "D:\Software\NESSUS\nessus\.plugin_feed_info.inc"
attrib +s +r +h "D:\Software\NESSUS\nessus\plugins\*.*"
attrib +s +r +h "D:\Software\NESSUS\nessus\plugin_feed_info.inc"
attrib -s -r -h    "D:\Software\NESSUS\nessus\plugins\plugin_feed_info.inc"
net start "Tenable Nessus"

第4步:  关闭更新

    4.1 大家完成前三大步后，重新登录NESSUS页面，成功登录进去后，会出现一个Settings的页面，在更新的选择中，选择“disenable”,

    右上角有一个圈圈一直在转，表示它在加载资源，后面加载完后，全区圈圈会消失，大家耐性等待。

第5步：避坑指南

坑1：如果没有关闭更新，第二次启动时，NESSUS的操作界面会自动更新，导致破解失败。

        解决方法：在完成前三步后，成功登录NESSUS，记得永久关闭更新，选择“dienable”

坑2：如果出现功能不能正常使用的情况，可以重启服务或者重启电脑。

        具体情形：页面中没有出现“Scan”扫描功能，或者功能无法使用。

坑3：扫描结果报错：Network interface transient error The network interface

         具体报错：The network interface ‘\Device\NPF_{DF6D9295-830F-4A92-B0E4-D0C0C9188C87}’ was not always available for packet forgery, which may lead to incomplete results. This is likely to be a transient error due to a lack of resources on this host. To correct this error, reduce the number of scans and/or hosts scanned in parallel

        官方解决方法网址：Tenable Communityhttps://community.tenable.com/s/article/Resolving-the-network-interface-does-not-support-packet-forgery-error?language=en_US

    （1）安装Wincap、Npcap；

    （2）在电脑上的网卡中，选择你正在连接外网的那张网卡，在属性中不勾选IPV6。

==============================================================================

1设置(https://www.tenable.com/downloads/nessus?loginAttempted=true)

2安装nessus并打开web ui（localhost:8834）

3选择第4个选项（托管扫描仪），然后选择“tenable.sc”

4登录后完成所有步骤

5打开https://localhost:8834#/

6打开CMD，输入services.msc

7找到Tenable Nessus，停止此服务

8搜索此文件“plugin_feed_info.inc”的所有位置

文件位置：

C:\ProgramData\Tenable\Nessus\Nessus\plugin_feed_info.inc

C:\ProgramData\Tenable\Nessus\Nessus\plugins\plugin_feed_info.inc

9.利用提供的plugin_feed_info.inc，覆盖掉这两个目录下的配置文件

（覆盖比较方便，自己写入比较麻烦）

或者在里面写入：

PLUGIN_SET = "202208261352";

PLUGIN_FEED = "ProfessionalFeed (Direct)";

PLUGIN_FEED_TRANSPORT = "Tenable Network Security Lightning";

没有的话直接加进去就行了. 上述 PLUGIN_SET 后的数字（日期）并没有严格要求，根据日期来写以便识别版本（安装插件时会显示版本号）。

10.打开CMD（以管理员身份运行）

（1）在任务栏搜索框（屏幕最下面自带的）里输入“cmd”，旁边有个选项：以管理员身份运行

（2）用在文件夹中cmder.exe，右键用管理员身份运行

11.更改文件属性命令

attrib -s -r -h "C:\ProgramData\Tenable\Nessus\nessus\plugins*.*"

attrib -s -r -h "C:\ProgramData\Tenable\Nessus\nessus\plugin_feed_info.inc"

12.更新插件命令

"C:\Program Files\Tenable\Nessus\nessuscli.exe" update "文件路径\all-2.0_202208261352.tar.gz"

13.将文件复制到文件夹命令

copy "C:\ProgramData\Tenable\Nessus\nessus\plugins\plugin_feed_info.inc" "C:\ProgramData\Tenable\Nessus\nessus"

14.更改文件属性命令

attrib +s +r +h "C:\ProgramData\Tenable\Nessus\nessus\plugins*.*"

attrib +s +r +h "C:\ProgramData\Tenable\Nessus\nessus\plugin_feed_info.inc"

attrib -s -r -h "C:\ProgramData\Tenable\Nessus\nessus\plugins\plugin_feed_info.inc"

15.启动Nessus服务命令

net start "Tenable Nessus"

//如果无效，请用第6步的方法打开Tenable Nessus，重启一次试试

16.打开 https://localhost:8834/#/，输入之前填写的账号密码

如果出现scans，就证明破解成功了

如果安装后插件全部消失，估计是plugin_feed_info.inc出问题了，打开看看是不是被重置了。如果是，就按照上面的步骤一步一步重新安装就一遍就行了，一步都不能落下，每一步都是有他的必要性的

Note: https://blog.csdn.net/weixin_42241613/article/details/135475110

• 根据任务管理器与服务，自行控制程序的自启与运行状态！

Check Settings

Even it is still compiling the plugins, you can log in to check the about settings, which shows unlimited notes, and latest policy template version. 

References

• https://cloud.tenable.com/
• https://partners.tenable.com/
• https://cloud.tenable.com/tio/app.html#/settings
• https://github.com/51sec/nessus-special