Tenable Nessus Panel - Detect

What is the "Tenable Nessus Panel - Detect" module?

The "Tenable Nessus Panel - Detect" module is designed to detect the presence of the Tenable Nessus panel. This module focuses on identifying misconfigurations, vulnerabilities, or software fingerprints related to the Tenable Nessus panel. The severity of the findings is classified as informative, providing valuable insights without indicating immediate threats. The module was authored by joanbono and tess.

Impact

The impact of the Tenable Nessus panel detection module is primarily informational. It helps security professionals gain visibility into the presence of the Tenable Nessus panel, allowing them to assess the security posture of the target system.

How does the module work?

The module works by sending HTTP requests to the target system and analyzing the responses against predefined matching conditions. In the case of the Tenable Nessus panel detection module, it sends a GET request to the "/server/status" path. The module then checks for specific patterns in the response headers and body to determine if the Tenable Nessus panel is present.

Matching conditions:

- The response header must contain the word "NessusWWW". - The response body must contain both the HTML title tag "<title>Nessus</title>" and the JavaScript code "window.location = '/unsupported6.html';".

If any of these conditions are met, the module considers the Tenable Nessus panel to be detected.