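The install script targets Debian and installs successfully on Kali Linux.
A version for Ubuntu can be downloaded at the end of the article.
Nessus version: 10.6.4
Plugin version: 202401292356
Installation
【1】Download the nessus.sh script.
Download link:
nessus.sh
Or copy the code below and save it as nessus.sh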
#!/bin/bash
if [[ $(id -u) -ne 0 ]] ; then echo "请使用 root 用户运行" ; exit 1 ; fi
echo //==============================================================
echo Nessus 最新版本下载、安装和破解 -Zen 20230819
echo 特别感谢 John Doe 在 Debian 上演示这一操作的有效性
echo 感谢 369 提供关于 "latest" 的提示
echo //==============================================================
echo " + 增加了防滑附加功能,移除所有 chattr 设置 20231013"
chattr -i -R /opt/nessus
echo " + 确保我们有先决条件.."
apt update &>/dev/null
apt -y install curl dpkg expect &>/dev/null
echo " + 停止旧的 nessusd 服务,以防存在一个!"
/bin/systemctl stop nessusd.service &>/dev/null
echo " + 下载 Nessus.."
curl -A Mozilla --request GET \
--url 'https://www.tenable.com/downloads/api/v2/pages/nessus/files/Nessus-latest-debian10_amd64.deb' \
--output 'Nessus-latest-debian10_amd64.deb' &>/dev/null
{ if [ ! -f Nessus-latest-debian10_amd64.deb ]; then
echo " + Nessus 下载失败 :/ 退出。从 t.me/pwn3rzs 获取拷贝"
exit 0
fi }
echo " + 安装 Nessus.."
dpkg -i Nessus-latest-debian10_amd64.deb &>/dev/null
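# Look, I tried to just make the changes and run, but it doesn't work. If you can optimize what I'm doing, let me know. But for me, this is the only thing that needs to be run :/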
echo " + 第一次初始化时启动服务(必须执行)"
/bin/systemctl start nessusd.service &>/dev/null
echo " + 让 Nessus 初始化,等待大约 20 秒..."
sleep 20
echo " + 停止 nessus 服务.."
/bin/systemctl stop nessusd.service &>/dev/null
echo " + 更改 nessus 设置为 Zen 偏好(自由战士模式)"
echo " 监听端口: 11127"
/opt/nessus/sbin/nessuscli fix --set xmlrpc_listen_port=11127 &>/dev/null
echo " 主题: 暗色"
/opt/nessus/sbin/nessuscli fix --set ui_theme=dark &>/dev/null
echo " 安全检查: 关闭"
/opt/nessus/sbin/nessuscli fix --set safe_checks=false &>/dev/null
echo " 日志: 性能"
/opt/nessus/sbin/nessuscli fix --set backend_log_level=performance &>/dev/null
echo " 更新: 关闭"
/opt/nessus/sbin/nessuscli fix --set auto_update=false &>/dev/null
/opt/nessus/sbin/nessuscli fix --set auto_update_ui=false &>/dev/null
/opt/nessus/sbin/nessuscli fix --set disable_core_updates=true &>/dev/null
echo " 遥测: 关闭"
/opt/nessus/sbin/nessuscli fix --set report_crashes=false &>/dev/null
/opt/nessus/sbin/nessuscli fix --set send_telemetry=false &>/dev/null
echo " + 添加一个用户,稍后可以更改(用户名:admin, 密码:ddosi)"
cat > expect.tmp<<'EOF'
spawn /opt/nessus/sbin/nessuscli adduser admin
expect "登录密码:"
send "ddosi\r"
expect "登录密码(再次输入):"
send "ddosi\r"
expect "*(可以上传插件等)? (y/n)*"
send "y\r"
expect "*(用户可以有一个空的规则集)"
send "\r"
expect "是否确定*"
send "y\r"
expect eof
EOF
expect -f expect.tmp &>/dev/null
rm -rf expect.tmp &>/dev/null
echo " + 下载新的插件.."
curl -A Mozilla -o all-2.0.tar.gz \
--url 'https://plugins.nessus.org/v2/nessus.php?f=all-2.0.tar.gz&u=4e2abfd83a40e2012ebf6537ade2f207&p=29a34e24fc12d3f5fdfbb1ae948972c6' &>/dev/null
{ if [ ! -f all-2.0.tar.gz ]; then
echo " + 插件 all-2.0.tar.gz 下载失败 :/ 退出。从 t.me/pwn3rzs 获取拷贝"
exit 0
fi }
echo " + 安装插件.."
/opt/nessus/sbin/nessuscli update all-2.0.tar.gz &>/dev/null
echo " + 获取版本号.."
# I have seen this be incorrect for the download. Hmm, but it works for me.
vernum=$(curl https://plugins.nessus.org/v2/plugins.php 2> /dev/null)
echo " + 构建插件 feed..."
cat > /opt/nessus/var/nessus/plugin_feed_info.inc <<EOF
PLUGIN_SET = "${vernum}";
PLUGIN_FEED = "ProfessionalFeed (Direct)";
PLUGIN_FEED_TRANSPORT = "Tenable Network Security Lightning";
EOF
echo " + 保护文件.."
chattr -i /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc &>/dev/null
cp /opt/nessus/var/nessus/plugin_feed_info.inc /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc &>/dev/null
echo " + 设置所有文件为不可变..."
chattr +i /opt/nessus/var/nessus/plugin_feed_info.inc &>/dev/null
chattr +i -R /opt/nessus/lib/nessus/plugins &>/dev/null
echo " + 但是取消关键文件的不可变性.."
chattr -i /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc &>/dev/null
chattr -i /opt/nessus/lib/nessus/plugins &>/dev/null
echo " + 启动服务.."
/bin/systemctl start nessusd.service &>/dev/null
echo " + 再等待 20 秒以便服务器有足够的时间启动!"
sleep 20
echo " + 监控 Nessus 进度。以下行每 10 秒更新一次直到 100%"
zen=0
while [ $zen -ne 100 ]
do
statline=`curl -sL -k https://localhost:11127/server/status|awk -F"," -v k="engine_status" '{ gsub(/{|}/,""); for(i=1;i<=NF;i++) { if ( $i ~ k ){printf $i} } }'`
if [[ $statline != *"engine_status"* ]]; then echo -ne "\n 问题:Nessus 服务器无法访问?再次尝试..\n"; fi
echo -ne "\r $statline"
if [[ $statline == *"100"* ]]; then zen=100; else sleep 10; fi
done
echo -ne '\n o 完成!\n'
echo
echo " 访问 Nessus: https://localhost:11127/ (或您的 VPS IP)"
echo " 用户名: admin"
echo " 密码: ddosi"
echo " 随时可以更改"
echo
read -p "按 Enter 键继续"
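【2】Grant execute permission
chmod +x nessus.sh

【3】Run nessus.sh as root (please be patient); it takes about 10-15 minutes.
./nessus.sh
【4】When installation finishes, it looks as shown in the figure

【5】Open the following web page to access Nessus.
or
【6】Log in with the account and password
Account | Password |
admin | ddosi |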




Nessus start and stop commands
Start
sudo systemctl start nessusd && systemctl --no-pager status nessusd
Or search for Nessus and click "nessus start"

Stop
sudo systemctl stop nessusd && systemctl --no-pager status nessusd
Or search for Nessus and click "nessus stop".
Plugin counts
No. | Plugin name | Count |
1 | AIX Local Security Checks | 11551 |
2 | Alma Linux Local Security Checks | 1177 |
3 | Amazon Linux Local Security Checks | 4216 |
4 | Backdoors | 123 |
5 | Brute force attacks | 26 |
6 | CentOS Local Security Checks | 4414 |
7 | CGI abuses | 5671 |
8 | CGI abuses : XSS | 703 |
9 | CISCO | 2366 |
10 | Databases | 969 |
11 | Debian Local Security Checks | 9196 |
12 | Default Unix Accounts | 172 |
13 | Denial of Service | 110 |
14 | DNS | 231 |
15 | F5 Networks Local Security Checks | 1405 |
16 | Fedora Local Security Checks | 18304 |
17 | Firewalls | 414 |
18 | FreeBSD Local Security Checks | 5475 |
19 | FTP | 272 |
20 | Gain a shell remotely | 282 |
21 | General | 356 |
22 | Gentoo Local Security Checks | 3519 |
23 | HP-UX Local Security Checks | 1983 |
24 | Huawei Local Security Checks | 10698 |
25 | Junos Local Security Checks | 622 |
26 | MacOS X Local Security Checks | 2287 |
27 | Mandriva Local Security Checks | 3641 |
28 | MarinerOS Local Security Checks | 564 |
29 | Misc. | 3657 |
30 | Netware | 14 |
31 | NewStart CGSL Local Security Checks | 1430 |
32 | Oracle Linux Local Security Checks | 6514 |
33 | OracleVM Local Security Checks | 602 |
34 | Palo Alto Local Security Checks | 170 |
35 | Peer-To-Peer File Sharing | 105 |
36 | PhotonOS Local Security Checks | 1895 |
37 | Policy Compliance | 16 |
38 | Red Hat Local Security Checks | 11595 |
39 | Rocky Linux Local Security Checks | 1083 |
40 | RPC | 39 |
41 | SCADA | 64 |
42 | Scientific Linux Local Security Checks | 3291 |
43 | Service detection | 601 |
44 | Settings | 122 |
45 | Slackware Local Security Checks | 1525 |
46 | SMTP problems | 154 |
47 | SNMP | 34 |
48 | Solaris Local Security Checks | 3819 |
49 | SuSE Local Security Checks | 23108 |
50 | Tenable.ot | 1885 |
51 | Ubuntu Local Security Checks | 7670 |
52 | Virtuozzo Local Security Checks | 341 |
53 | VMware ESX Local Security Checks | 143 |
54 | Web Servers | 1690 |
55 | Windows | 6509 |
56 | Windows : Microsoft Bulletins | 3000 |
57 | Windows : User management | 29 |
Uninstalling
【1】Stop the Nessus service.
sudo systemctl stop nessusd && systemctl --no-pager status nessusd
【2】Change the attributes of the /opt/nessus/ folder
chattr -i -R /opt/nessus/
【3】Uninstall Nessus
apt remove nessus
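Added example (not part of the original page or its script): the install script runs chattr +i over /opt/nessus/lib/nessus/plugins and the feed file, which is why step 【2】 is needed before removal. The helper below picks the immutable entries out of lsattr -R output so an administrator can check whether a host was modified this way; the function names and the sample listing are constructed, and it assumes a stock install sets no immutable attributes.

```bash
#!/bin/bash
# Added example, not from the original page: report files that carry the
# immutable attribute that the page's script sets with `chattr +i`.
# /opt/nessus is the install path used on this page.

# Read `lsattr -R` style lines on stdin and print the path of every entry
# whose attribute field contains the lowercase "i" (immutable) flag.
# Directory header lines ("/path:") and blank lines are skipped.
immutable_paths() {
  awk '
    NF >= 2 && $1 ~ /^[-A-Za-z]+$/ && $1 ~ /i/ {
      sub(/^[^ ]+ +/, "")   # drop the attribute field, keep the full path
      print
    }'
}

# Count immutable entries by location.
# Usage: lsattr -R /opt/nessus 2>/dev/null | summarize_immutable /opt/nessus
summarize_immutable() {
  root=${1:-/opt/nessus}
  immutable_paths | awk -v root="$root" '
    index($0, root "/lib/nessus/plugins/") == 1 { plugins++; next }
    $0 == (root "/var/nessus/plugin_feed_info.inc") { feed = 1; next }
    { other++ }
    END { printf "plugins=%d feed_info=%d other=%d\n", plugins, feed, other }'
}

# Constructed sample of `lsattr -R` output (file names are made up).
sample_lsattr() {
  cat <<'EOF'
/opt/nessus/var/nessus:
----i---------e------- /opt/nessus/var/nessus/plugin_feed_info.inc
--------------e------- /opt/nessus/var/nessus/global.db

/opt/nessus/lib/nessus/plugins:
----i---------e------- /opt/nessus/lib/nessus/plugins/example_a.nasl
----i---------e------- /opt/nessus/lib/nessus/plugins/example_b.nasl
--------------e------- /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc
EOF
}

# Demonstration on the constructed sample.
sample_lsattr | summarize_immutable /opt/nessus
```

Any non-zero count on a host means something set immutable flags under the scanner's directories, and package removal or upgrade will fail on those paths until they are cleared.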
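Notes
Problem: after the system or Nessus restarts, the scan button may be temporarily unavailable.
Cause: Nessus is reconfiguring its plugins.
Solution: wait patiently for 3-5 minutes.
Nessus cracked version [for Ubuntu]
The procedure is the same as above.
Download link:
Or copy the code below and save it as nessus_ubuntu.sh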
#!/bin/bash
if [[ $(id -u) -ne 0 ]] ; then echo "Please run as root" ; exit 1 ; fi
echo //==============================================================
echo Nessus latest DOWNLOAD, INSTALL, and CRACK -Zen 20230819
echo special thanks to John Doe for showing this works on Debian
echo THANKS 369 for tip about LATEST as a version number
echo //==============================================================
echo " o antiskid extra thing added removing all chattr 20231013"
chattr -i -R /opt/nessus
echo " o making sure we have prerequisites.."
apt update &>/dev/null
apt -y install curl dpkg expect &>/dev/null
echo " o stopping old nessusd in case there is one!"
/bin/systemctl stop nessusd.service &>/dev/null
echo " o downloading Nessus.."
curl -A Mozilla --request GET \
--url 'https://www.tenable.com/downloads/api/v2/pages/nessus/files/Nessus-latest-ubuntu1404_amd64.deb' \
--output 'Nessus-latest-ubuntu1404_amd64.deb' &>/dev/null
{ if [ ! -f Nessus-latest-ubuntu1404_amd64.deb ]; then
echo " o nessus download failed :/ exiting. get copy of it from t.me/pwn3rzs"
exit 0
fi }
echo " o installing Nessus.."
dpkg -i Nessus-latest-ubuntu1404_amd64.deb &>/dev/null
# look I tried to just make changes and run but it doesn't work. if you can optimize
# what I'm doing here, let me know. but this was it for me, it had to be run once :/
echo " o starting service once FIRST TIME INITIALIZATION (we have to do this)"
/bin/systemctl start nessusd.service &>/dev/null
echo " o let's allow Nessus time to initalize - we'll give it like 20 seconds..."
sleep 20
echo " o stopping the nessus service.."
/bin/systemctl stop nessusd.service &>/dev/null
echo " o changing nessus settings to Zen preferences (freedom fighter mode)"
echo " listen port: 11127"
/opt/nessus/sbin/nessuscli fix --set xmlrpc_listen_port=11127 &>/dev/null
echo " theme: dark"
/opt/nessus/sbin/nessuscli fix --set ui_theme=dark &>/dev/null
echo " safe checks: off"
/opt/nessus/sbin/nessuscli fix --set safe_checks=false &>/dev/null
echo " logs: performance"
/opt/nessus/sbin/nessuscli fix --set backend_log_level=performance &>/dev/null
echo " updates: off"
/opt/nessus/sbin/nessuscli fix --set auto_update=false &>/dev/null
/opt/nessus/sbin/nessuscli fix --set auto_update_ui=false &>/dev/null
/opt/nessus/sbin/nessuscli fix --set disable_core_updates=true &>/dev/null
echo " telemetry: off"
/opt/nessus/sbin/nessuscli fix --set report_crashes=false &>/dev/null
/opt/nessus/sbin/nessuscli fix --set send_telemetry=false &>/dev/null
echo " o adding a user you can change this later (u:admin,p:ddosi)"
cat > expect.tmp<<'EOF'
spawn /opt/nessus/sbin/nessuscli adduser admin
expect "Login password:"
send "ddosi\r"
expect "Login password (again):"
send "ddosi\r"
expect "*(can upload plugins, etc.)? (y/n)*"
send "y\r"
expect "*(the user can have an empty rules set)"
send "\r"
expect "Is that ok*"
send "y\r"
expect eof
EOF
expect -f expect.tmp &>/dev/null
rm -rf expect.tmp &>/dev/null
echo " o downloading new plugins.."
curl -A Mozilla -o all-2.0.tar.gz \
--url 'https://plugins.nessus.org/v2/nessus.php?f=all-2.0.tar.gz&u=4e2abfd83a40e2012ebf6537ade2f207&p=29a34e24fc12d3f5fdfbb1ae948972c6' &>/dev/null
{ if [ ! -f all-2.0.tar.gz ]; then
echo " o plugins all-2.0.tar.gz download failed :/ exiting. get copy of it from t.me/pwn3rzs"
exit 0
fi }
echo " o installing plugins.."
/opt/nessus/sbin/nessuscli update all-2.0.tar.gz &>/dev/null
echo " o fetching version number.."
# I have seen this not be correct for the download. hrm. but, it works for me.
vernum=$(curl https://plugins.nessus.org/v2/plugins.php 2> /dev/null)
echo " o building plugin feed..."
cat > /opt/nessus/var/nessus/plugin_feed_info.inc <<EOF
PLUGIN_SET = "${vernum}";
PLUGIN_FEED = "ProfessionalFeed (Direct)";
PLUGIN_FEED_TRANSPORT = "Tenable Network Security Lightning";
EOF
echo " o protecting files.."
chattr -i /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc &>/dev/null
cp /opt/nessus/var/nessus/plugin_feed_info.inc /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc &>/dev/null
echo " o let's set everything immutable..."
chattr +i /opt/nessus/var/nessus/plugin_feed_info.inc &>/dev/null
chattr +i -R /opt/nessus/lib/nessus/plugins &>/dev/null
echo " o but unsetting key files.."
chattr -i /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc &>/dev/null
chattr -i /opt/nessus/lib/nessus/plugins &>/dev/null
echo " o starting service.."
/bin/systemctl start nessusd.service &>/dev/null
echo " o Let's sleep for another 20 seconds to let the server have time to start!"
sleep 20
echo " o Monitoring Nessus progress. Following line updates every 10 seconds until 100%"
zen=0
while [ $zen -ne 100 ]
do
statline=`curl -sL -k https://localhost:11127/server/status|awk -F"," -v k="engine_status" '{ gsub(/{|}/,""); for(i=1;i<=NF;i++) { if ( $i ~ k ){printf $i} } }'`
if [[ $statline != *"engine_status"* ]]; then echo -ne "\n Problem: Nessus server unreachable? Trying again..\n"; fi
echo -ne "\r $statline"
if [[ $statline == *"100"* ]]; then zen=100; else sleep 10; fi
done
echo -ne '\n o Done!\n'
echo
echo " Access your Nessus: https://localhost:11127/ (or your VPS IP)"
echo " username: admin"
echo " password: ddosi"
echo " you can change this any time"
echo
read -p "Press enter to continue"
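Supplement: downloading the Nessus Pro plugins and updating
(1) Nessus plugin download link:
The Nessus plugin version is all-2.0-20211012.tar.gz
yunzhongzhuan.com/#sharefile=aBAqaNJH…
(2) Update/install the Nessus Pro plugins
The command is: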
/opt/nessus/sbin/nessuscli update all-2.0-20211012.tar.gz

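(3) Restart the Nessus service
First stop the service
/bin/systemctl stop nessusd.service
Then start the service
/bin/systemctl start nessusd.service
(4) Open Nessus in the browser and wait patiently for plugin configuration to finish

After configuration completes, the page looks like this

(5) Edit the plugin_feed_info.inc file
Open the directory /opt/nessus/var/nessus/
Find the file plugin_feed_info.inc

Change plugin_feed_info.inc to the following content and save it: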
PLUGIN_SET = "2021010120609";
PLUGIN_FEED = "ProfessionalFeed (Direct)";
PLUGIN_FEED_TRANSPORT = "Tenable Network Security Lightning";
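Copy the modified plugin_feed_info.inc file into the /opt/nessus/var/nessus/plugins/ directory
If there is no plugins directory, create one manually

(6) Restart the Nessus service again
First stop the service
/bin/systemctl stop nessusd.service
Then start the service
/bin/systemctl start nessusd.service
Open the Nessus web page and wait for configuration to finish

(7) After configuration ends, open the web page and log in to Nessus

At this point the scan button has appeared, but it shows 404 and cannot be used yet.

(8) Update the plugins again
The command is:
/opt/nessus/sbin/nessuscli update all-2.0-20211012.tar.gz

Wait patiently until the following screen appears

Logging in to Nessus now shows that the scan interface is available;
with that, Nessus has been "successfully cracked".
Screenshot of the settings page

Verifying that the crack succeeded
① Check which features are available

② The plugin count matches the enterprise edition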




The plugin count totals are as follows:
Status
AIX Local Security Checks 11409
Amazon Linux Local Security Checks 2053
Backdoors 121
Brute force attacks 26
CentOS Local Security Checks 3799
CGI abuses 4545
CGI abuses : XSS 690
CISCO 1985
Databases 762
Debian Local Security Checks 7682
Default Unix Accounts 171
Denial of Service 110
DNS 208
F5 Networks Local Security Checks 1046
Fedora Local Security Checks 16414
Firewalls 312
FreeBSD Local Security Checks 4824
FTP 258
Gain a shell remotely 281
General 312
Gentoo Local Security Checks 3155
HP-UX Local Security Checks 1983
Huawei Local Security Checks 5740
Junos Local Security Checks 412
MacOS X Local Security Checks 1784
Mandriva Local Security Checks 3641
Misc. 2462
Netware 14
NewStart CGSL Local Security Checks 919
Oracle Linux Local Security Checks 4131
OracleVM Local Security Checks 563
Palo Alto Local Security Checks 141
Peer-To-Peer File Sharing 102
PhotonOS Local Security Checks 1860
Policy Compliance 59
Red Hat Local Security Checks 8103
RPC 38
SCADA 357
Scientific Linux Local Security Checks 3174
Service detection 524
Settings 111
Slackware Local Security Checks 1255
SMTP problems 149
SNMP 33
Solaris Local Security Checks 3750
SuSE Local Security Checks 17989
Ubuntu Local Security Checks 5663
Virtuozzo Local Security Checks 341
VMware ESX Local Security Checks 140
Web Servers 1424
Windows 5267
Windows : Microsoft Bulletins 2387
Windows : User management 29
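Scan verification: check whether vulnerability scans and scans of more than 16 IPs can be run.

Here I used nmap to randomly scan roughly 800-plus live IPs.
To judge quickly, I scanned only port 80.

In about 10 seconds, 114 IPs with port 80 open had been found,
which shows the 16-IP limit was successfully bypassed and also that the crack succeeded.

Vulnerability scan verification
To check whether the crack is complete, a vulnerability scan is run at this point to test that the plugins are usable.
Here a few foreign websites were picked at random for vulnerability scan testing.

Vulnerabilities can be found



Notes/remarks:
Nessus scans much faster on Linux than on Windows, so installing on Linux is recommended.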