Scanning with Nessus
[-- Intro --]
Welcome to the Nessus scanning quick guide. In this guide I'll show you
blackhats how to use Tenable Nessus to scan websites // IP's for
vulnerabilities. For this guide I'll be using http://sugarmegs.org/
[-- Installing Nessus --]
For this tutorial I'll be using a Windows 7 machine, instead of my
normal Linux, because the free version works a lot better on Windows.
Now to the actual installing part. Step one, obtaining Nessus. To
download Nessus, visit http://www.nessus.org/download/ and download it. Then install it like you'd install any other program.
[-- Setting up --]
Now to set up your Nessus server. Open the Nessus Server Manager that
should be on your desktop(If its not look on C:\Program
Files\Tenable\Nessus for it)
Once you have that open, update your plugins. If "Allow remote users to
connect to this Nessus server" is unchecked, check it. Now hit the
"Manage users button". Click the + symbol, and fill in the Username,
Password and make it Administrator. Now just save that user and close
that dialog box and start the Nessus server(This may take a couple
seconds)
[-- Logging in --]
Now to log into the Nessus interface. Just click on the Nessus Client on
your desktop, or go to https://localhost:8834/ (This should be the
default)
Now log in with your new credentials for that new user you added. You should end up on that Nessus interface.
[-- Adding a policy --]
A policy will be used to scan the target with plugins used by Nessus.
Click the policy tab and add a new one. Click safe checks box to make
sure your scan doesn't DoS or harm the target in any way, then click
next. Fill in any optional info you may need in this window such as
credentials, and select next. The next box is for the plugins. I prefer
to add all, but you can sift through them to choose any you want. Next,
type a username and password for database settings, and click submit.
Congrats, you've made a policy for scanning.
[-- Scanning --]
Now to actually scan the target for vulnerabilities. Go to your desktop
and make a new text document, and add the IP of the site. The IP for
SugarMegs is 69.38.143.62. Just add the IP and save the file. Now go to
the scans tab and hit Add. Type any name in the Name field. I'm just
gonna make it "Sugar". For Type, hit run now. Policy is gonna be your
new policy you've made. Hit browse for the IP file and navigate to that
text document, and hit upload. Now, just hit launch scan and let it run.
I recommend going to the reports tab and double clicking your current
scan to see how its going.
[-- Now what? --]
Once your done scanning, you can exploit it. Double click on the scan
and hit "Download Report". In the dropdown box, you can select a few
things. For an html detailed report, hit Detailed HTML report(By
finding). If you want to add it to Metasploit to autopwn it, save it as
.nessus
Enjoy your scanning ;)
-----------------------
Welcome to the Nessus scanning quick guide. In this guide I'll show you
blackhats how to use Tenable Nessus to scan websites // IP's for
vulnerabilities. For this guide I'll be using http://sugarmegs.org/
[-- Installing Nessus --]
For this tutorial I'll be using a Windows 7 machine, instead of my
normal Linux, because the free version works a lot better on Windows.
Now to the actual installing part. Step one, obtaining Nessus. To
download Nessus, visit http://www.nessus.org/download/ and download it. Then install it like you'd install any other program.
[-- Setting up --]
Now to set up your Nessus server. Open the Nessus Server Manager that
should be on your desktop(If its not look on C:\Program
Files\Tenable\Nessus for it)
Once you have that open, update your plugins. If "Allow remote users to
connect to this Nessus server" is unchecked, check it. Now hit the
"Manage users button". Click the + symbol, and fill in the Username,
Password and make it Administrator. Now just save that user and close
that dialog box and start the Nessus server(This may take a couple
seconds)
[-- Logging in --]
Now to log into the Nessus interface. Just click on the Nessus Client on
your desktop, or go to https://localhost:8834/ (This should be the
default)
Now log in with your new credentials for that new user you added. You should end up on that Nessus interface.
[-- Adding a policy --]
A policy will be used to scan the target with plugins used by Nessus.
Click the policy tab and add a new one. Click safe checks box to make
sure your scan doesn't DoS or harm the target in any way, then click
next. Fill in any optional info you may need in this window such as
credentials, and select next. The next box is for the plugins. I prefer
to add all, but you can sift through them to choose any you want. Next,
type a username and password for database settings, and click submit.
Congrats, you've made a policy for scanning.
[-- Scanning --]
Now to actually scan the target for vulnerabilities. Go to your desktop
and make a new text document, and add the IP of the site. The IP for
SugarMegs is 69.38.143.62. Just add the IP and save the file. Now go to
the scans tab and hit Add. Type any name in the Name field. I'm just
gonna make it "Sugar". For Type, hit run now. Policy is gonna be your
new policy you've made. Hit browse for the IP file and navigate to that
text document, and hit upload. Now, just hit launch scan and let it run.
I recommend going to the reports tab and double clicking your current
scan to see how its going.
[-- Now what? --]
Once your done scanning, you can exploit it. Double click on the scan
and hit "Download Report". In the dropdown box, you can select a few
things. For an html detailed report, hit Detailed HTML report(By
finding). If you want to add it to Metasploit to autopwn it, save it as
.nessus
Enjoy your scanning ;)
-----------------------