Scanning and Exploiting Vulnerabilities with Nessus
- Teja Swaroop
- Apr 18, 2024
- 3 min read
In this article, I will walk you through the process of setting up Nessus, scan and exploit a target on Proving Grounds Play with it.
What is Nessus?
Nessus is a vulnerability scanner that can scan and asses the complete attack surface of a target. With Nessus, you can scan a network for potential vulnerabilities, and even automatically exploit these discovered vulnerabilities. It supports different type of scans like Host Scan, Basic Network Scan, Malware Scan, Active Directory Scan, etc. It is a great tool for enumerating a target network and discovering potential ways to gain access.
Setting up Nessus
Nessus can be installed on Windows, Linux, Mac, Docker and even on a Raspberry Pi!. I prefer using it with Kasm Workspaces, which is a docker container streaming platform that lets me access and manage my docker apps from my web browser!
You can install Kasm Workspaces on your Linux machine with four simple commands by following the official installation guide here.
If you'd like to install Nessus on your machine directly (without Docker or Kasm), you can follow the installation guide here.
If you're setting up Nessus on Kasm, you need to edit some minor configurations. Go to Admin -> Workspaces and edit the Nessus image. For the "Docker Exec Config", use this configuration:
{"first_launch": { "cmd": "bash -c 'sudo apt-get update -y && sudo apt-get install -y openvpn && sudo apt-get install -y iputils-ping'"}}
For "Docker Run Config Override", use this configuration:
{"user":"root","cap_add":["NET_ADMIN"],"devices":["dev/net/tun","/dev/net/tun"],"privileged":true}
These configurations will enable you to use OpenVPN within the Nessus container spawned in Kasm.
On the first launch of Nessus, you need to register for Nessus Essentials to be able to use it for free.
You will then need to submit your name and email to receive an activation code.
Once the registration process is complete, Nessus will download all the plugins and compile them. This is going to take a lot of time - it took me 2 hours! So be patient, I guess.
Once the plugins are downloaded and compiled, you will be able to start scanning.
Scan and Exploit
We will perform our first scan on a machine called "Sumo" from Proving Grounds Play, which is a free platform offered by Offsec to practice hacking. Once you signup on Proving Grounds Play, you can download your universal VPN pack to be able to connect to the PG Play's network and scan the target.
To connect using OpenVPN, use the following command:
sudo openvpn universal.ovpn
Now, create a new "Basic Network Scan" on Nessus, set the target to the IP address of the "Sumo" machine on PG Play.
Once the scan is complete, you can see that Nessus was able to find multiple vulnerabilities of different severities.
We'll focus on the "GNU Bash Environment Variable Handling Code Injection (Shellshock)" vulnerability that Nessus identified.
Upon opening the report, you can see that Nessus was actually able to exploit this vulnerability. The report also clearly states the exact malicious request that Nessus sent in order to exploit the vulnerability.
Let's try to replicate this request to see if the exploit is actually working.
I asked ChatGPT to give me a CURL one-liner command based on the HTTP request.
Upon running this CURL command, I got a response from the target that proves that the exploit worked. The response contains the output of the command injected in the request.
Using this exploit, one can inject and run arbitrary commands on the target and even get reverse shell access on the target by doing so.
So just like that, with Nessus, we were able to scan a target, find potential vulnerabilities and even get a detailed report on how to exploit one of these vulnerabilities.
Are you looking for CALL GIRLS in Junagadh and escort service? Curbess adult classifieds ads, independent call girls in Junagadh. The largest call girls ads selection in Junagadh. Browse in our call girl category for finding a SEX MEETING in Junagadh.
Junagadh Female Escorts Palanpur Female Escorts Porbandar Female Escorts Vapi Female Escorts Ahmedabad Female Escorts Goa Female Escorts
Are you looking for CALL GIRLS in Greater Noida and escort service? Curbess adult classifieds ads, independent call girls in Greater Noida. The largest call girls ads selection in Greater Noida. Browse in our call girl category for finding a SEX MEETING in Greater Noida.
Female Independent Greater Noida Escorts Female Independent Meerut Escorts Female Independent Rajkot Escorts Female Independent Vadodara Escorts Female Independent Kanpur Escorts Female Independent Nashik Escorts
Ocean of game is a growing site where gamers find free versions of premium titles daily.
O KMSpico Ativador está entre os mais baixados no Brasil. Com o KMSpico Ativador, você garante produtividade sem limites. Qualquer computador pode rodar com o KMSpico Ativador. Não há erro ao utilizar o KMSpico Ativador. Mantenha seu sistema funcional com o KMSpico Ativador. A versão mais recente do KMSpico Ativador está ainda mais otimizada. Com o KMSpico Ativador, você não perde desempenho. Baixar o KMSpico Ativador é a melhor decisão. Você ativa até o Office 2021 com o KMSpico Ativador. Ative tudo com um clique no KMSpico Ativador.
Dr. Christopher Walker is a helpful, human, and nationally recognized urologist and regenerative medicine specialist. Known for his compassionate approach and commitment to patient-centered care, Dr. Walker brings decades of experience and a global perspective to his work. He earned his medical degree from the University of the West Indies and began his career practicing family medicine in Jamaica, where he developed a strong foundation in holistic and community-based healthcare.
Today, Dr. Christopher Walker MD is a respected leader in urology and regenerative therapies, dedicated to advancing innovative treatments that improve quality of life. Whether he's guiding patients through complex diagnoses or pioneering cutting-edge solutions, Dr. Walker remains committed to healing with heart and science.
Dr. Christopher Walker - Instagram, Dr. Christopher…