REQ: Nessus latest on linux - wtf [email protected]#
by vectorbravo - April 23, 2021 at 10:24 PM
#1
It seems that there is no problem modifying Nessus on windows.  However I have now been fighting with Nessus for two days straight on linux and have followed every guide on the net (many are chinese but easily translated) and nothing works.  I simple cannot get both unlimited "SC" mode, simultaneous with a loaded Plugin set.

I have now wasted days on this stupid shit.  I am a complete fucking asshat for not having just re-committed myself to reversing and cracking of nessusd binary, since that would have saved me all this grief and would have been a more elegant solution anyway.  Bumbling around in a bash shell replacing files and reloading Nessus (literally I shit you not like a hundred fucking times now) was a massive waste of time and energy.

Nessus does a check to see if the plugins are mismatched (Home feed where it should be their SC managed feed) and it will delete the plugins directory as part of it's check when it is starting up.  Some of the tutorials suggest copying a backup of the plugins directory to recreate the directory and then restarting and Nessus magically works but I have found this to not be the case and it will simply delete the directory over and over again.  The guides out there right now do not work with current Nessus.

The key to all the posted cracks has been to have a different string in the plugin_feed_info.inc file and place it in several locations.  This string being changed from Nessus Home to Nessus Professional does indeed work to make the software think it's in managed mode, however this triggers the erasing of the plugins and the software will not be functional.

Note that all attempts to set immutable bit or in other ways protect the files from erasure just keeps Nessus from continuing and it will not function.

I suspect that there is something NEW in the latest Nessus linux version that is different from what all the posted cracks out there have dealt with, so following the crack steps is just not working anymore.

Is anyone out there using the current Nessus, on Linux, and if so could you please post or PM me how you were able to bypass the plugins consistency check that Nessus is doing?
Reply
#2
ok please delete this thread. It took several days but I got it. Just, unbelievable.

The only thing I can think, and maybe this will save someone else some headache, is that I changed the feed inc file to have double quotes around the date variable. So, for plugin_feed_info.inc, the PLUGIN_SET I had to set to "202104231628". With the quotes.

(or, if this thread must stay, then I guess let it be a lesson to others who are trying to get this working in linux. Total pain but there is a combination where it will work.)
Reply
#3
I'm not sure if it's really due to the double-quotes, as I always used double-quotes so far during my tests. I wasted several evenings so far and did not get it to work on Ubuntu 20.04.1. What UNIX distribution are you using?
Reply
#4
Ubuntu 20.04 same here.  I fought with it a lot before finally hitting just the right combination.  I still think what I did right was fixing the plugin_feed_info.inc to have the right date as well as being in doublequotes - it's the only thing I changed right before it worked.  I also did null all the hosts nessus tries to phone home to, but that wasn't some recent thing I did that from the start in the first hour (out of like 15 hours of fucking with this) so it wasn't that.

When setting something up, run tcpdump in another shell (I use screen) watching for dns traffic like "tcpdump -n port 53" then after running the software go back and look at all the places it phoned home to, then add an entry in /etc/hosts setting those to 127.0.0.1 or something (nonroutable localhost).

I'm not sure that is the breakthrough for linux - I still think its the doublequotes.  Follow the directions from the chinese sites step by step and there will be a place where it looks like "why am i doing this twice wtf" but if you get things just right, it really will work.
Reply
#5
Thank you very much for this sharing....
Reply
#6
Which guide should I follow? I've been meaning to patch this on my arch linux for a long time. Please recommend something.

(April 23, 2021 at 10:24 PM)vectorbravo Wrote: It seems that there is no problem modifying Nessus on windows.  However I have now been fighting with Nessus for two days straight on linux and have followed every guide on the net (many are chinese but easily translated) and nothing works.  I simple cannot get both unlimited "SC" mode, simultaneous with a loaded Plugin set.

I have now wasted days on this stupid shit.  I am a complete fucking asshat for not having just re-committed myself to reversing and cracking of nessusd binary, since that would have saved me all this grief and would have been a more elegant solution anyway.  Bumbling around in a bash shell replacing files and reloading Nessus (literally I shit you not like a hundred fucking times now) was a massive waste of time and energy.

Nessus does a check to see if the plugins are mismatched (Home feed where it should be their SC managed feed) and it will delete the plugins directory as part of it's check when it is starting up.  Some of the tutorials suggest copying a backup of the plugins directory to recreate the directory and then restarting and Nessus magically works but I have found this to not be the case and it will simply delete the directory over and over again.  The guides out there right now do not work with current Nessus.

The key to all the posted cracks has been to have a different string in the plugin_feed_info.inc file and place it in several locations.  This string being changed from Nessus Home to Nessus Professional does indeed work to make the software think it's in managed mode, however this triggers the erasing of the plugins and the software will not be functional.

Note that all attempts to set immutable bit or in other ways protect the files from erasure just keeps Nessus from continuing and it will not function.

I suspect that there is something NEW in the latest Nessus linux version that is different from what all the posted cracks out there have dealt with, so following the crack steps is just not working anymore.

Is anyone out there using the current Nessus, on Linux, and if so could you please post or PM me how you were able to bypass the plugins consistency check that Nessus is doing?
Reply

Possibly Related Threads…
Thread Author Replies Views Last Post
🤖 Nessus Pro 8.14.0 Plugins + Steps ( 202105032307 ) May 3 2021 ( No Credits ) Amank 20 1,206 Yesterday at 03:09 PM
Last Post: willson
🤖 Nessus Pro 8.14.0 Plugins + Steps ( 202104290717 ) April 29 2021 - (No Credits) Amank 46 2,321 May 04, 2021 at 07:48 AM
Last Post: wqwq
Nessus Plugin202104280111 alireza1023 36 2,617 May 03, 2021 at 07:16 AM
Last Post: adbhutham

 Users browsing this thread: 1 Guest(s)