Vulnerability Assessment - Using NESSUS

I am wondering if it is just me, but I can’t get Nessus configured using the in browser Linux terminal. Is this one of those challenges which are best approached not using the in browser instance? I am just struggling to register the Nessus software to use in the terminal

Exactly what steps have you taken?

1 Like

I had a similar question. I don’t like to use the integrated attack-machine, but how and to what do I connect. What drives me crazy right now, that I had posted a question in the forum a month ago, then figured it out myself, and deleted the question as silly. Now I’m completely stuck in my brain and don’t have notes.
I remember I ssh’ed to the target-machine and logged in as htb-student, which wasn’t even necessary.
Can anyone give me a step-by-step instruction to run my own scans via VPN?
What do they mean by “Navigate to the web interface at the end of this section and log in with provided credentials”. I run /etc/init.d/service nessusd start on the target-machine, I get asked to choose between 1. Ubuntu or 2. htb-student, I choose 2, enter password, but it doesn’ find the service.

I am stuck with the same confusion, what we supposed to do rdp or ssh.
for some reason i cant connect to target sites in browser even with openvpn on. I have to use pwnbox instance. Please anyone make this thing clear.

What should we do in this step.

1 Like

Have you specified the port?

Actually I figured out its the target we need scan using nessus and nessus webui can be access through browser with ip and port of the target machine cuz obviously its “internal assessment” meaning it has to be done from inside network of the company.

but Its still pending to finish that task as browser based vnc seems so slow.

You should be able to do it with your own machine via tunnel too.

I am also concerned about this. Could anyone suggest a fix?

port 8834

1 Like