Penetration Testing with Kali Linux OffSec
|
- Bu səhifədəki naviqasiya:
- You can start Nessus Scanner by typing /bin/systemctl start nessusd.service - Then go to https://kali:8834/ to configure your scanner
|
cd ~/Downloads
kali@kali:~/Downloads$ echo "4987776fef98bb2a72515abc0529e90572778b1d7aeeb1939179ff1f4de1440d Nessus-10.5.0- debian10_amd64.deb" > sha256sum_nessus kali@kali:~/Downloads$ sha256sum -c sha256sum_nessus Nessus-10.5.0-debian10_amd64.deb: OK Listing 91 - Verifying the checksum The output shows that the checksums match, which means we can install the package. If there is an updated version of Nessus, the checksum from the previous listing will be different and needs to be adapted. To install the Nessus package, we’ll use apt 306 with the install option. kali@kali:~/Downloads$ sudo apt install ./Nessus-10.5.0-debian10_amd64.deb ... Preparing to unpack .../Nessus-10.5.0-debian10_amd64.deb ... Unpacking nessus (10.5.0) ... Setting up nessus (10.5.0) ... ... Unpacking Nessus Scanner Core Components... - You can start Nessus Scanner by typing /bin/systemctl start nessusd.service - Then go to https://kali:8834/ to configure your scanner Listing 92 - Nessus installation After the installation is complete, we can start the nessusd service via systemctl. 307 kali@kali:~/Downloads$ sudo systemctl start nessusd.service Listing 93 - Starting Nessus Once Nessus is running, we can launch a browser and navigate to https://127.0.0.1:8834. We will be presented with a warning indicating an unknown certificate issuer, which is expected due to the use of a self-signed certificate. To accept and trust the self-signed certificate, we can click on Advanced… and then Accept the Risk and Continue . 305 (Man7, 2020), https://man7.org/linux/man-pages/man1/sha256sum.1.html 306 (Wikipedia, 2022), https://en.wikipedia.org/wiki/APT_(software) 307 (Wikipedia, 2022), https://en.wikipedia.org/wiki/Systemd Penetration Testing with Kali Linux PWK - Copyright © 2023 OffSec Services Limited. All rights reserved. 170 Figure 35: Nessus Presenting a Certificate Warning After the page loads, we are prompted to configure pre-installation settings. Let’s click on Continue to start the installation with the default settings. Figure 36: Configuring Pre-Installation Settings Now, we can select a Nessus product. For the purpose of this Learning Unit, we’ll choose Register for Nessus Essentials and click Continue . Penetration Testing with Kali Linux PWK - Copyright © 2023 OffSec Services Limited. All rights reserved. 171 Figure 37: Selecting Nessus Essentials Next, we are prompted to request an activation code for Nessus Essentials. We’ll provide the required information and click Register . Figure 38: Requesting an Activation Code Once we have registered, the activation code is shown in the next window. Penetration Testing with Kali Linux PWK - Copyright © 2023 OffSec Services Limited. All rights reserved. 172 Figure 39: Activating Nessus Next, we’ll create a local Nessus user account. We’ll choose the username admin with a strong password to protect our vulnerability scan results. We’ll use these credentials to log in to the Nessus application. Figure 40: Creating a Local Nessus Account Finally, Nessus downloads and compiles all plugins. This can take a significant amount of time to complete. Penetration Testing with Kali Linux PWK - Copyright © 2023 OffSec Services Limited. All rights reserved. 173 Yüklə Dostları ilə paylaş:
|