Wednesday, March 20, 2013

Installing Nessus in Kali Linux

Written by Pranshu Bajpai

The Nessus vulnerability scanner is a great scanner for locating vulnerabilities in clients on local and remote networks. However, it does not come installed in Kali Linux. If you try to install it using the repositories, 'apt-get install nessus', you will notice that there is no such package.

For this reason, you need to visit the Tenable website and download the package for Debian 7 (Kali Linux is built on Debian 7):

You can download the Nessus installation package (.deb) here.

Now, install the package:
# dpkg -i Nessus.....deb


After the installation finishes, go to the Nessus bin directory and register your copy:
$ cd /opt/nessus/bin
$ ./nessus-fetch --register 'QREDDR-3$FDF-DFSE3-DFSD3'
'QREDDR-3$FDF-DFSE3-DFSD3' represents the serial code that Tenable mailed you after your registration; it is single-quoted so that the shell does not expand $FDF. If you haven't registered yet, you will have to do so before you can use Nessus.

Go here to get the registration code.

nessus-fetch --register <code> will take some time to update the plugins.

These plugins are necessary to help Nessus locate the latest vulnerabilities. They are to Nessus what virus definition files are to antivirus software.

Update: The Nessus GUI will ask you to set up user credentials the first time you visit the scanner after installation, at 'https://localhost:8834'. Moreover, the Nessus GUI now fetches the latest plugins automatically after installation. However, if you wish to install the plugins from the command line, note that 'nessus-fetch' has been deprecated, so you need to use 'nessuscli' to update the plugins:
# cd /opt/nessus/sbin/
# ./nessuscli update

After it finishes the update, Nessus is ready to be launched. First, you need to ensure that the Nessus service is running on your system:
# service nessusd start
This will start the Nessus service on port 8834.

Fire up your browser and go to the following URL:

https://127.0.0.1:8834

The first time you access the scanner, it will take a long time to initialize:


After the initialization is complete, you can use the credentials you set up during installation to log into the Nessus scanner:


(It may ask to add a security exception since the SSL certificate is not verified; add the security exception).

And you're in!!
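
Before adding the browser's security exception, you can confirm from the shell that nessusd is listening on port 8834, see which address it is bound to, and read the certificate's SHA-256 fingerprint to compare with the one the browser shows. This is an added example, not part of the original post; it assumes ss, awk and openssl are installed, and the function names and the sample ss output are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the original post): pre-login checks for a local Nessus.
# Assumes ss (iproute2), awk and openssl are installed; function names are illustrative.

NESSUS_PORT=8834    # port the post gives for nessusd

# Constructed sample of `ss -ltn` output, used to exercise the parser offline.
SAMPLE_SS='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    127.0.0.1:631      0.0.0.0:*
LISTEN 0      128    0.0.0.0:8834       0.0.0.0:*'

# Read `ss -ltn` output on stdin and print every local address listening on
# port $1. Returns non-zero when nothing is listening on that port.
listeners_on_port() {
    awk -v p="$1" '
        $1 == "LISTEN" {
            n = split($4, part, ":")      # port is the last ":"-separated field
            if (part[n] == p) { print $4; found = 1 }
        }
        END { exit !found }'
}

# Classify a listening address: loopback-only, or reachable from the network.
bind_scope() {
    case "$1" in
        127.*:*|"[::1]":*) echo loopback ;;
        *)                 echo network ;;
    esac
}

# Print subject, issuer and SHA-256 fingerprint of the certificate served at
# host:port, to compare with what the browser shows in its warning dialog.
cert_fingerprint() {
    openssl s_client -connect "$1" </dev/null 2>/dev/null |
        openssl x509 -noout -subject -issuer -fingerprint -sha256
}

# Live check against this machine: run the script with --live.
if [ "${1:-}" = "--live" ]; then
    addrs=$(ss -ltn | listeners_on_port "$NESSUS_PORT") || {
        echo "nothing is listening on $NESSUS_PORT; is nessusd started?" >&2
        exit 1
    }
    echo "$addrs" | while read -r a; do echo "$a is $(bind_scope "$a")"; done
    cert_fingerprint "127.0.0.1:$NESSUS_PORT"
fi
```

A "network" result means the scanner's web interface can be reached from other hosts unless a firewall blocks it, which matters on a machine that holds scan results and credentials.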


Update: This is what the new interface looks like:







16 comments:

  1. Thanks :)

    ./nessus-fetch*

  2. So so, pusheax.

    1. what would you recommend instead?

  3. This comment has been removed by the author.

  4. Thanks for this, btw you can do all the registering at the browser also, for those whose code didn't work :)

  5. root@kali:/opt/nessus/bin# ./nessus-fetch --register "81F2-DCE3-3AC6-CC1D-5177"
    [Fri Jun 28 14:43:35 2013][3894.0] Could not connect to plugins.nessus.org:443
    It was not possible to connect to https://plugins.nessus.org. Please check your network settings. You may need to add a proxy to connect through.
    root@kali:/opt/nessus/bin#

    Please tell me where to add a proxy

    1. Seems like nessus-fetch is deprecated. The registration process now works directly via the backend at https://127.0.0.1:8834

  6. root@kali:/opt/nessus/bin# ./nessus-fetch --register "81F2-DCE3-3AC6-CC1D-5177"
    [Fri Jun 28 14:43:35 2013][3894.0] Could not connect to plugins.nessus.org:443
    It was not possible to connect to https://plugins.nessus.org. Please check your network settings. You may need to add a proxy to connect through.
    root@kali:/opt/nessus/bin#

    Please tell me where to add a proxy in the nessus folder

    Note: I've set my system proxy

  7. That was great. Unfortunately, I could not recall the password of Nessus in Kali. Is there any way to reset the same?

    If yes, please let me know...

    Regards,
    Krishna Gupta

    1. Krishna,

      If you are asking about the password for the user/admin in Nessus, give this a shot; it worked for me.

      root@kali:~# /opt/nessus/sbin/nessus-chpasswd USERNAME

      Substituting USERNAME for whichever user you are trying to reset the password on.

      Hope this helps!

      Robert
      arch3angel

  8. This comment has been removed by a blog administrator.

  9. Starting Nmap 6.25 ( http://nmap.org ) at 2014-07-22 04:39 EDT
    Nmap scan report for localhost (127.0.0.1)
    Host is up (0.000016s latency).
    All 1000 scanned ports on localhost (127.0.0.1) are closed

    Nmap done: 1 IP address (1 host up) scanned in 0.78 secon

  10. What do you do if, in the entire .deb download, you find there is no "nessus-fetch"? I mean, nowhere. I used the "find" command and all, and it is nowhere.
