How to know if Nessus found a backdoor
Sometimes, when we scan with Nessus, we see that the backdoor said uncredential. How can we know that this is the real backdoor or not?
I’m trying Nessus on a public router.
When I run a scan on the router at 10.0.0.1, the router somewhat detects it and proceeds to kick me off.
If I put targets : 10.0.0.2-10.0.0.255 (scan all except the router), I’m not … Continue reading Nessus : Router detects my scan and kicks me off the network
I ran Nessus on a local network, it found a critical vulnerability for the router:
MikroTik RouterOS < 6.41.3 SMB Buffer Overflow
(Vulnerability description : Exploit-db)
But I can’t find any corresponding exploit on m… Continue reading Nessus found a vulnerability, but no corresponding exploit on Metasploit : How to run with meterpreter
I am trying a basic vulnerability scan using Nessus Home and can’t find any vulnerability on Windows Server 2003, which is highly unlikely.
I am running Winserver2003 in VM. I also tried bridging NICs but it did not yiel… Continue reading Nessus Home : vulnerability scan [on hold]
I have downloaded the (Windows) Pro version of Nessus the security scanner to play with and (7 day) trial at work.
Nessus contains database files (of various things) in a .db format.
I believe that these are SQLite3 database… Continue reading How to open a Nessus .db file [on hold]
I have a MS Server 2012 R2 running ArcServe 17.5, which uses MSSQL Server Express 2014. When Nessus runs a scan of this system, I am getting the plugin 105613 – ADV180002: Microsoft SQL Server January 2018 Security Update (Me… Continue reading Nessus ADV180002: Microsoft SQL Server January 2018 Security Update (Meltdown) (Spectre)
Our Nessus tool scans a few subnets covering about 1000 hosts. Post-scan, Nessus generates the report listing various vulnerabilities of ~600 hosts. In the list of those ~600 servers, 9 of them are IP addresses (lacking Revers… Continue reading GHOST servers or devices in Nessus report
I was wondering if it is possible to run a command like cat, w3m or any other Operating System (Linux) utility from inside a NASL script and use its output. Do you know any examples? I know you can use the tools that OpenVAS … Continue reading Is it possible to invoke OS commands from a NASL script in OpenVAS?
I was doing some scanning on a web application, I used OWASP ZAP and Nessus. The risks that these two detected were medium to low, very few vulnerabilities.
Then I tried Nikto, and the results were huge. It detected potenti… Continue reading nikto’s results differ from other vulnerability scanners, is it more or less accurate?
I’m scanning my Windows 10 machine with my Kali Linux virtual box. I have a medium level vulnerability with mDNS. The solution according to the Nessus docs is to block UDP port 5353 even though the mDNS service was broadcasti… Continue reading Nessus keeps detecting mDNS