部署环境

• 操作系统版本：CentOS Linux release 7.9.2009 (Core)
• Docker版本：Docker Server Version: 20.10.17
• Nessus版本： 10.3.0 （#80） Linux

部署Nessus

#搜索nessus相关镜像
docker search nessus
#pull nessus最新镜像
docker pull tenableofficial/nessus
#启动docker镜像，同时配置用户名和口令、不启动自动更新
docker run -it -d -p8834:8834 --name nessus -e USERNAME=Nessus -e AUTO_UPDATE=no -e PASSWORD=HDuUNO1XzDEq2Ls tenableofficial/nessus

#进入nessus容器
docker exec -it nessus bash
#启动nessus服务
/opt/scripts/configure_scanner.py

访问nessus界面

https://localhost:8834

用户名和口令为创建nessus容器时配置的用户名和口令

username:Nessus
password:HDuUNO1XzDEq2Ls

二、官方注册插件库和激活码

官网插件库地址：
https://plugins.nessus.org/v2/offline.php

获取第一个值Challenge code

#进入Nessus容器
docker exec -it nessus bash
#生成匹配Challenge code
/opt/nessus/sbin/nessuscli fetch --challenge

Challenge code: be86f8bde86494e544d6bad87c2ea9122f8b012d

获取第二个值激活码Activation Code

进入官网，邮箱注册获取激活码，填写邮箱接收邮件
https://zh-cn.tenable.com/products/nessus/nessus-essentials?tns_redirect=true

获取激活码

提交获取插件下载地址和证书内容

插件下载地址及激活码License

更新docker中nessus插件库

将下载的插件库上传至nessus容器中

#从Docker宿主机复制文件到Docker容器 all-2.0.tar.gz插件位置看个人上传宿主机目录
docker cp /data/middleware/nessus/all-2.0.tar.gz nessus:/usr/local/
#Docker容器中更新插件库
docker exec -it nessus /bin/bash
cd /usr/local
#更新插件库
/opt/nessus/sbin/nessuscli update all-2.0.tar.gz

激活Nessus

#进入容器
docker exec -it nessus /bin/bash
cd /usr/local
#填写刚才所获得的激活码
vi nessus.license

-----BEGIN TENABLE LICENSE-----
aTJZK2tGL1NQY3Fad2UrR0pWeWRobFpxdjJiY1F3d0Q0cEk0OWJtR3FuYjhmOTduOUF1OUMrY0FF
SmRVTkNJUUp5dEN6WTFiY1UrTnlsMG02VEQ0eUZBNU0yVGNDNDA4MmRMZEYyZy9VelhacWYyY3JH
aXFkY29kdnRhUzJtNytBbnJpUnprU21URjQva21kT3VwRWNVYmlHb0QzaXFUekNtZnZITnJaVldx
Wmh1eEFxYU9Pb2cwQW5GZXVRTWFsS1ZOODRBaXBGbFNJWjRrUi9XUUtGYWZZTmY1RGplZjZWVE1F
aUgzUDJnRmxSazJ2WFI4ZVcyazBPVEQ4R3JuTlpIaUZnNVZKdkZqdHJLZ1lYNlBRcU4zTWhIdzZF
Z2ZlajZqaG5QeUpWSkhSVFlTaHcvdzB3OEZUVXRZNU1TZmttRWlpT1lEOHcxejM2STlha1BCSGFB
dERETmFxN3l6SXJ4QTQ3ekRlY3FiS0lLYUhwWUMyeFpPbGNoV3VXZloxNGRvSXRySnFGVXB6MXRP
TERDUkNGQ2lHSHIrYUtjMUM1SUpqWTZKcFRiSHIrZm5wU3k2VDMrY1NzeU1JV3VyUmw1cUNFVWVs
WkJudUxXNkg4R0pwd3gvZEdHYi9TUjNpVjV2dzFoQUpGWG91K2NqM04zTktKVE5VcUp2Zi9URUth
SHNKTy9uWW9ZeXpGck9IUGtzWmxpdVdnMzR6U3V1MGpEamZZYVFsK3Y2ZkRlUHp5dU4vZjhhREdw
MUpSQTN4NGYwUTl3dzg0aXdKd0Zyb0Z1L3ltZE9ValIrbGR2cWFpemp3b0k3cnVCckpiNXlJb0tw
bXR3NDF4OWx5aXFPczM5d056bEkrUlN1UlpRV1BJNDJjUStFN2dwOVA4dUhndzVuZmNXK2RySzA9
DQp7ImFjdGl2YXRpb25fY29kZSI6IkdSQTctMkxVRC1EUENOLTg1WEQtWE1CTSIsInVwZGF0ZV9w
YXNzd29yZCI6ImY4MjM0OTFlYzExYjIxMGI0ODczYTllM2YxMzVlMDE3IiwicGVuZG9fYXBpX2tl
eSI6ImE3YzhkNWM0LWI2YWUtNDg2Ny03ZGFiLTY5YTkyYTA4NDdlMSIsIm5hbWUiOiJOZXNzdXMg
SG9tZSIsInR5cGUiOiJob21lIiwiZXhwaXJhdGlvbl9kYXRlIjoxODE5NTkzMzkwLCJjdXN0b21l
cl9pZCI6MCwiaXBzIjoxNiwidXBkYXRlX2xvZ2luIjoiMDdhOGZhNGZkYmYzNGIxNzU5NGZhNGUw
YTc1NmM2ZTAiLCJkcm0iOiJjMDUyOGZkOWQyNGIyZGQ0MDExMmZjZTNlM2I2NzY1MiJ9
-----END TENABLE LICENSE-----

激活

/opt/nessus/sbin/nessuscli fetch --register-offline nessus.license
#重启nessus
/opt/scripts/configure_scanner.py

等待加载插件库后访问nessus界面

https://localhost:8834

username:Nessus
password:HDuUNO1XzDEq2Ls

插件正常加载

三、Nessus破解修改限制

#nessus初始化完成后Hosts显示为"0 of 16 used”，修改其限制
docker exec -it nessus /bin/bash
#复制插件到容器根目录
cp -r /opt/nessus/lib/nessus/plugins/ /
#查看plugins插件库复制是否成功，若不成功则重新复制
du -h /plugins/
#删除重新复制
rm -rf /plugins
cp -r /opt/nessus/lib/nessus/plugins/ /

• 查看plugin_feed_info.inc文件位置

[root@7b287c8f02b0 /]# find / -name "plugin_feed_info.inc"
/opt/nessus/var/nessus/plugin_feed_info.inc
/opt/nessus/lib/nessus/plugins/plugin_feed_info.inc

• 备份plugin_feed_info.inc

mkdir /pluginsinc
cp /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc /pluginsinc/plugin_feed_info.inc.libinc
cp /opt/nessus/var/nessus/plugin_feed_info.inc /pluginsinc/plugin_feed_info.inc.varinc

• 将plugin_feed_info.inc内容修改为专业版，PLUGIN_SET序号号为Policy Template Version=202208301606或其后序号

vi /pluginsinc/plugin_feed_info.inc
PLUGIN_SET = "202208301606";
PLUGIN_FEED = "ProfessionalFeed (Direct)";
PLUGIN_FEED_TRANSPORT = "Tenable Network Security Lightning";

• 关闭Nessus服务

supervisorctl stop nessusd
rm -f /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc
cp /pluginsinc/plugin_feed_info.inc /opt/nessus/var/nessus/plugin_feed_info.inc

• 重启Nessus服务

supervisorctl start nessusd
du -h /opt/nessus/lib/nessus/plugins/
more /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc
more /opt/nessus/var/nessus/plugin_feed_info.inc

• 访问Nessus并更新规则库，此过程特慢需放置等待

• 查看状态

du -h /opt/nessus/lib/nessus/plugins/
more /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc
more /opt/nessus/var/nessus/plugin_feed_info.inc
#若状态异常，重新执行插件删除程序
rm -rf /opt/nessus/lib/nessus/plugins/
cp -r /plugins /opt/nessus/lib/nessus/
supervisorctl stop nessusd
rm -f /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc
cp /pluginsinc/plugin_feed_info.inc /opt/nessus/var/nessus/plugin_feed_info.inc
supervisorctl start nessusd

重置启动

因服务重启时unlimited失效，根据状态异常操作步骤重新操作，编写nessus_start.sh代替service nessusd start，因为命令执行过程较长且Nessus需要重新加载插件，启动过程慢是正常现象。

vi /root/nessus_start.sh

#!/bin/bash
rm -rf /opt/nessus/lib/nessus/plugins/
cp -r /plugins /opt/nessus/lib/nessus/
supervisorctl stop nessusd
rm -f /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc
cp /pluginsinc/plugin_feed_info.inc /opt/nessus/var/nessus/plugin_feed_info.inc
supervisorctl start nessusd

chmod +x /root/nessus_start.sh

手动执行脚本

/root/nessus_start.sh

CentOS Docker环境部署Nessus漏洞扫描 系列一最先出现在Liao's blog。