Skip to main content

Install Nessus from docker

Docker installation. Give the below commands one by one.

apt install docker-cli

apt install docker.io

After the installation is complete, if you are inside wsl then give this command to start docker, because inside wsl systemd (systemctl) does not work:

service docker start

WSL troubleshooting:

If the above command "service docker start" does not work then use below command:

dockerd (It may not work if any previous docker process is running. It will show you pid of that process. Use this command to kill that process "kill -9 pid" and run dockerd command again)

If "docker ps -a" giving error like "Cannot connect to the Docker daemon at unix:///run/podman/podman.sock. Is the docker daemon running?" This is because you may installed podman-docker package. If you remove the package still you will get this error but you should remove the package. Then issue this command:

env | grep -i docker

DOCKER_HOST=unix:///run/podman/podman.sock   --> This is command output. You need to change this because it is pointing to podman whereas you uninstalled podman. 

Run:

unset DOCKER_HOST

or

export DOCKER_HOST=unix:///var/run/docker.sock

or

Paste this export DOCKER_HOST=unix:///var/run/docker.sock inside .profile, save the file and reboot or source the file. 

The above troubleshooting steps are needed inside of wsl. If you install docker in plain kali then you don't need to do this. 

Finally I foundin wsl, after reboot or shutdown the system, docker service is not started automatically. You just need to run "service docker start" to get it work. 


Now the below two commands you need to run for complete docker nessus installation. Run the first command and hold. Before running the 2nd command you need to do some home work :) 

First part:

1. docker run -itd --name=ramisec_nessus -p 8834:8834 ramisec/nessus

Now set admin user password and turn off the update first. 

#Enter the command to get into the docker container

docker exec -it ramisec_nessus bash

#Execute the following commands in sequence
# Enter this directory
cd /opt/nessus/sbin
# Modify the password of the specified user (take admin as an example)
./nessuscli chpasswd admin
Now open your browser and navigate to https://localhost:8834
Provide username as admin and the password that you just set. After logging in, disable the auto update.


Now time to execute the 2nd command:
#Enter the following command to get into the docker container if you are not in there. You
should be within the container as you changed password a while ago. So you can skip this
command. Still i am giving it for your conveniance. 


docker exec -it ramisec_nessus bash
# Enter this directory
cd /opt/nessus/sbin
# Fetching the challenge id

./nessuscli fetch --challenge 
(copy the challenge id i.e aaaaaa11b2222cc33d44e5f6666a777b8cc99912 This
challenge id can be manipulated meaning you can change some alphabet from the actual one, 
still it would work. But dont use the above one blindly because it is already used)


Second Part:

2. docker exec -it ramisec_nessus /bin/bash /nessus/update.sh "plugin_url"    (Need to give plugin url within quotes)

Now let's see how you can get the plugin url. Go to the following link first.

1. https://www.tenable.com/products/nessus/nessus-essentials

Now provide the business email (you can create protonmail account for business email) for activation code. Once the registration is complete, you will get the activation code. Now go to following link. 

2. https://plugins.nessus.org/v2/offline.php

Here you need to do two things. You need to provide a challenge id and the activation code that you got in a while ago. Now how you got the challenge id? 

Run below command to get the challenge id. Assuming your docker nessus instance is up and running because you ran the first command. 


Now go to the 2nd https link and provide challenge id and activation code. Now click on submit. You will get plugins url link on the next page. Now copy that link and paste in below command (in the place holder of plugin_url). First type exit to come out from the docker instance. Now from your local machine shell, issue the following commnad:

docker exec -it ramisec_nessus /bin/bash /nessus/update.sh "plugin_url"   (Need to give plugin url within quotes)

A plugin compilation process will start, wait for the process to complete. Then you are done. 

Now on before any scan you need to run the update.sh command the 2nd one which is including the plugin_url (shown above) to have the latest plugins.


Container up at persistence level:

Ensuring Docker Container Persistence After Reboot

By default, a Docker container stops when your system reboots. To configure a container to automatically restart after a reboot, you can use the --restart policy. Below are step-by-step instructions to enable persistence for your Docker container.


Option 1: Configure Persistence for a Stopped Container

Check the container status

Use the following command to list all containers and identify their state (running or stopped):



docker ps -a

Look for the container ID or name of your target container.


Start the container with a restart policy

If the container is stopped, you can set it to always restart with the following command:



docker run -d --restart always <image_name>

Replace <image_name> with the name of your Docker image (e.g., ramisec_nessus).


Option 2: Update Restart Policy for a Running Container

Start or restart the container

If the container is stopped, start or restart it using:



docker start <container_id>

or



docker restart <container_id>

Apply the restart policy

After the container is running, update its restart policy with the following command:



docker update --restart always <container_name_or_id>

Verify the Configuration

To confirm the restart policy is set correctly, inspect the container:



docker inspect <container_id> | grep RestartPolicy

You should see "Name": "always" in the output.


Now, whenever your system reboots, the container will automatically start unless explicitly stopped or the Docker daemon is restarted.


Avi





Comments

Post a Comment

Popular posts from this blog

Installtion of SQLMutant tool

This tool is perfectly works on ubuntu 24 system. And I found it is not working properly in kali linux 24 version.   https://github.com/blackhatethicalhacking/SQLMutant/tree/main This tool need to use along with sqlmap tool. Showing this cheat sheet for kali or debian based system.  This tool actually analyze everything and give you the vulnerable url where sql injection is possible. You just need to use then sqlmap to exploit that.   Prerequisite: apt install pipx -y (for ubuntu) pip3 install uro or pipx install uro pipx ensurepath pipx completions  (not needed)  source ~/.bashrc   or restart system If go tool is not installed then run the below two commands first ( golang-go ) or follow this link to install go (https://mahimfiroj.blogspot.com/2024/12/installing-nuclei-in-kali.html) otherwise skip this step.   dpkg -l | grep packagename (Using this command you can check package is installed or not) apt install gccgo-go -y or apt install gol...
Post a Comment
Read more

net command cheat sheet

  To see what users present in the system: net user To see local groups in the system: net localgroup To see domain groups. This should be run on a domain controller: net group To see the details of a user along with his/her group membership: net user mahim To see who are the members of a particular group (local machine): net localgroup "administrators"    (These are not case sensitive. You can use administrators or Administrators. Both will give you same result. To see who are the members of a particular group (domain machine): net group "domain admins" Create a local user: net user localuser1 MyP@ssw0rd /add Create a domain user: net user domainuser1 MyP@ssw0rd /add /domain Add the local user to local admin group: net localgroup Administrators localuser1 /add Add the user to domain admin group: net group "Domain Admins" domainuser1 /add /domain Avi
Post a Comment
Read more