Nessus Skills Assessment - What is the plugin ID of the highest criticality vulnerability for the Windows authenticated scan?

I have changed the Basic Network Scan template enabling all ports scan for the target:( and I have provided the same credentials for both SSH and Windows authenticated scans: administrator:Academy_VA_adm1! .
I have checked Scan Results filtering it by a multiple plugins, sorted by criticality, serching by “auth” and by “windows family” plugins but with no ID can be submitted.
Then I once again attentively read the task about pre-populated scan data and guessed immediately.

How can you check the pre-populated scan, I try to start nessus and i can´t.

instead of using nessusd through localhost:8834 you want to visit https:// [the target ip that you spawn]:8834

accept the risk then login using htb-student credentials. it’s confusing but basically you just use the nessus port on the remote box. once logged in the nessus web interface the scans are the first thing you see.

btw, you can see the instructions in the note field of the “getting started with nessus” section of this module.


Thank you very much, i forget the note. Problem solved

Super useful. I was trying to other way of building one local and running into issues. Did it this way and all you had to do was run scans already done and read.

hey i tried attempting it this way but i wasn’t able to get a connection to the nessus server i added the ip address to my /etc/hosts file but no luck. think you can give me a hint.

Restart your kali machine and do it, If you already installed Nessus on the local machine. The target ip should work
Happy Hacking

1 Like

thank you i ended up figuring it out. i appreciate your help. :smiley:

Hi, guys. I’ve tried all high risk vulnerabilities but still can’t find the answer. Maybe somebody can tip with it. Just three first numbers.

Just look at vulnerabilites detected and aim for the ones with score 10 then open it and the Plugin ID will in there in description.

I think the pre populated scan is missing this vulnerability. With my own scan it showed up.