Go to this link Nessus Essentials Vulnerability Scanner | Tenable® and register for an Activation Code. You can use Temp-Mail to get a temporary email address.
a. Once installed, go to the welcome configuration page (Nessus automatically opens the browser) selects
Managed Scanner, and click
Tenable.sc and click
Continue and set your account password and click
PowerShell with administrator privileges and go to the installation directory, Use this command to get the challenge code.
.\nessuscli.exe fetch --challenge
d. Go to the offline activation page, enter the activation code and challenge code and click
Submit to get the offline plug-in package and activation certificate.
e. Download the
all-2.0.tar.gz plug-in package from the link and copy
all-2.0.tar.gz to the installation directory.
f. Use this command in
PowerShell with administrator privileges. It’ll take time to process. After complete copy the number string (Moved new templates with version 20210*****) .
.\nessuscli.exe update .\all-2.0.tar.gz
g. Now go to the Nessus Settings (https://localhost:8834/#/settings/about) Select
Offline and enter the activation certificate and click
Active. It is then initialized for a period of time, When you’re done, go to the settings page and activate successfully, showing that only 16 IPs are allowed to be scan.
h. Copy the code in notepad and replace the number string (step " f ") save it as
PLUGIN_SET = "20210*****";
PLUGIN_FEED = "ProfessionalFeed (Direct)";
PLUGIN_FEED_TRANSPORT = "Tenable Network Security Lightning";
i. Now overwrite the
plugin_feed_info.inc file with the Nessus installation directory (
C:\ProgramData\Tenable\Nessus\nessus) and delete the another
plugin_feed_info.inc file from the
You can also create a blank file
plugin_feed_info.inc with read only permission in
j. Now go to Windows Service Management (
services.msc) and restart the
k. After the restart of Nessus, go to the Nessus Settings (https://localhost:8834/#/settings/about) You will see something like this and the crack is successful.
- Set Tenable Nessus to
manualin Windows services
- Before each launch of Nessus, remove the
nessus/pluginsdirectory or make a blank file with read only permission.
- With a very low chance, your
nessus/plugin_feed_info.incwill be reset and modified to crack the content.