Recon-NG框架是用python编写的开源web工具,主要用于信息收集和网络侦查。
源代码位置:https://bitbucket.org/LaNMaSteR53/recon-ng/src/master/
fxy@kali ~ [22:28:02] > $ sudo recon-ng _/_/_/ _/_/_/_/ _/_/_/ _/_/_/ _/ _/ _/ _/ _/_/_/ _/ _/ _/ _/ _/ _/ _/_/ _/ _/_/ _/ _/ _/_/_/ _/_/_/ _/ _/ _/ _/ _/ _/ _/_/_/_/ _/ _/ _/ _/ _/_/_/ _/ _/ _/ _/ _/ _/ _/ _/_/ _/ _/_/ _/ _/ _/ _/ _/_/_/_/ _/_/_/ _/_/_/ _/ _/ _/ _/ _/_/_/ /\ / \\ /\ Sponsored by... /\ /\/ \\V \/\ / \\/ // \\\\\ \\ \/\ // // BLACK HILLS \/ \\ www.blackhillsinfosec.com [recon-ng v4.9.6, Tim Tomes (@LaNMaSteR53)] [81] Recon modules //81个侦查模块 [8] Reporting modules //8个报告模块 [2] Import modules //2个导入模块 [2] Exploitation modules //2个渗透攻击模块 [2] Discovery modules //1个发现模块 [recon-ng][default] >
首先我们按照书上来吧:
用help来查看所有可执行的命令
[recon-ng][default] > help Commands (type [help|?]
): --------------------------------- add 将记录添加到数据库 back 退出当前上下文 delete 从数据库中删除记录 exit 退出框架 help 显示此菜单 keys 管理框架API密钥 load 加载指定的模块 pdb 启动Python调试器会话 query 查询数据库 record 将命令记录到资源文件 reload 重新加载所有模块 resource 从资源文件中执行命令 search 搜索可用模块 set 设置模块选项 shell 执行shell命令 show 显示各种框架项 snapshots 管理工作区快照 spool 将线程输出到文件 unset 取消设置模块选项 use 加载指定的模块 workspaces 管理工作区 通过show modules查看所有可用模块
[recon-ng][default] > show modules Discovery 发现模块 --------- discovery/info_disclosure/cache_snoop discovery/info_disclosure/interesting_files Exploitation 渗透模块 ------------ exploitation/injection/command_injector exploitation/injection/xpath_bruter Import 引入模块 ------ import/csv_file import/list Recon 侦查模块 ----- recon/companies-contacts/bing_linkedin_cache recon/companies-contacts/jigsaw/point_usage recon/companies-contacts/jigsaw/purchase_contact recon/companies-contacts/jigsaw/search_contacts recon/companies-contacts/pen recon/companies-domains/pen recon/companies-multi/github_miner recon/companies-multi/whois_miner recon/contacts-contacts/mailtester recon/contacts-contacts/mangle recon/contacts-contacts/unmangle recon/contacts-credentials/hibp_breach recon/contacts-credentials/hibp_paste recon/contacts-domains/migrate_contacts recon/contacts-profiles/fullcontact recon/credentials-credentials/adobe recon/credentials-credentials/bozocrack recon/credentials-credentials/hashes_org recon/domains-companies/pen recon/domains-contacts/metacrawler recon/domains-contacts/pen recon/domains-contacts/pgp_search recon/domains-contacts/whois_pocs recon/domains-credentials/pwnedlist/account_creds recon/domains-credentials/pwnedlist/api_usage recon/domains-credentials/pwnedlist/domain_creds recon/domains-credentials/pwnedlist/domain_ispwned recon/domains-credentials/pwnedlist/leak_lookup recon/domains-credentials/pwnedlist/leaks_dump recon/domains-domains/brute_suffix recon/domains-hosts/bing_domain_api recon/domains-hosts/bing_domain_web recon/domains-hosts/brute_hosts recon/domains-hosts/builtwith recon/domains-hosts/certificate_transparency recon/domains-hosts/findsubdomains recon/domains-hosts/google_site_web recon/domains-hosts/hackertarget recon/domains-hosts/mx_spf_ip recon/domains-hosts/netcraft recon/domains-hosts/shodan_hostname recon/domains-hosts/ssl_san recon/domains-hosts/threatcrowd recon/domains-hosts/threatminer recon/domains-vulnerabilities/ghdb recon/domains-vulnerabilities/punkspider recon/domains-vulnerabilities/xssed recon/domains-vulnerabilities/xssposed recon/hosts-domains/migrate_hosts recon/hosts-hosts/bing_ip recon/hosts-hosts/ipinfodb recon/hosts-hosts/ipstack recon/hosts-hosts/resolve recon/hosts-hosts/reverse_resolve recon/hosts-hosts/ssltools recon/hosts-hosts/virustotal recon/hosts-locations/migrate_hosts recon/hosts-ports/shodan_ip recon/locations-locations/geocode recon/locations-locations/reverse_geocode recon/locations-pushpins/flickr recon/locations-pushpins/shodan recon/locations-pushpins/twitter recon/locations-pushpins/youtube recon/netblocks-companies/whois_orgs recon/netblocks-hosts/reverse_resolve recon/netblocks-hosts/shodan_net recon/netblocks-hosts/virustotal recon/netblocks-ports/census_2012 recon/netblocks-ports/censysio recon/ports-hosts/migrate_ports recon/profiles-contacts/dev_diver recon/profiles-contacts/github_users recon/profiles-profiles/namechk recon/profiles-profiles/profiler recon/profiles-profiles/twitter_mentioned recon/profiles-profiles/twitter_mentions recon/profiles-repositories/github_repos recon/repositories-profiles/github_commits recon/repositories-vulnerabilities/gists_search recon/repositories-vulnerabilities/github_dorks Reporting 报告模块 --------- reporting/csv reporting/html reporting/json reporting/list reporting/proxifier reporting/pushpin reporting/xlsx reporting/xml
按照书上使用的是baidu_site模块,不过,我的电脑里并没有这个模块(当然你可以自己编写),所以我就使用了另一个bing_domain_web模块了,从这个模块的名字我理解的是,他是使用bing来发现子域名的。
//首先使用这个模块 [recon-ng][default] > use recon/domains-hosts/bing_domain_web [recon-ng][default][bing_domain_web] >
//然后查看这个模块怎么用 [recon-ng][default][bing_domain_web] > show options Name Current Value Required Description ------ ------------- -------- ----------- SOURCE baidu.com yes source of input (see 'show info' for details) [recon-ng][default][bing_domain_web] > //可以看到,这里面有一个值名字是 SOURCE,这个需要被赋予一个值,因为我之前已经赋值了,所以它就默认到里面了
//赋值 [recon-ng][default][bing_domain_web] > set SOURCE bilibili.com SOURCE => bilibili.com //我们从新命名一下
//开始运行 [recon-ng][default][bing_domain_web] > run ------------ BILIBILI.COM ------------ [*] URL: https://www.bing.com/search?first=0&q=domain%3Abilibili.com [*] [host] account.bilibili.com (
) [*] [host] vc.bilibili.com ( ) [*] [host] bangumi.bilibili.com ( ) [*] [host] mall.bilibili.com ( ) [*] [host] show.bilibili.com ( ) [*] [host] pay.bilibili.com ( ) [*] [host] app.bilibili.com ( ) [*] [host] message.bilibili.com ( ) [*] [host] live.bilibili.com ( ) [*] [host] bml.bilibili.com ( ) [*] [host] campus.bilibili.com ( ) [*] [host] member.bilibili.com ( ) [*] [host] game.bilibili.com ( ) [*] [host] bw.bilibili.com ( ) [*] [host] search.bilibili.com ( ) [*] [host] t.bilibili.com ( ) [*] [host] passport.bilibili.com ( ) [*] [host] big.bilibili.com ( ) [*] [host] security.bilibili.com ( ) [*] [host] h.bilibili.com ( ) [*] [host] manga.bilibili.com ( ) [*] Sleeping to avoid lockout... [*] URL: https://www.bing.com/search?first=0&q=domain%3Abilibili.com+-domain%3Aaccount.bilibili.com+-domain%3Avc.bilibili.com+-domain%3Abangumi.bilibili.com+-domain%3Amall.bilibili.com+-domain%3Ashow.bilibili.com+-domain%3Apay.bilibili.com+-domain%3Aapp.bilibili.com+-domain%3Amessage.bilibili.com+-domain%3Alive.bilibili.com+-domain%3Abml.bilibili.com+-domain%3Acampus.bilibili.com+-domain%3Amember.bilibili.com+-domain%3Agame.bilibili.com+-domain%3Abw.bilibili.com+-domain%3Asearch.bilibili.com+-domain%3At.bilibili.com+-domain%3Apassport.bilibili.com+-domain%3Abig.bilibili.com+-domain%3Asecurity.bilibili.com+-domain%3Ah.bilibili.com+-domain%3Amanga.bilibili.com [*] [host] link.bilibili.com ( ) [*] [host] d.bilibili.com ( ) [*] [host] space.bilibili.com ( ) [*] Sleeping to avoid lockout... [*] URL: https://www.bing.com/search?first=0&q=domain%3Abilibili.com+-domain%3Aaccount.bilibili.com+-domain%3Avc.bilibili.com+-domain%3Abangumi.bilibili.com+-domain%3Amall.bilibili.com+-domain%3Ashow.bilibili.com+-domain%3Apay.bilibili.com+-domain%3Aapp.bilibili.com+-domain%3Amessage.bilibili.com+-domain%3Alive.bilibili.com+-domain%3Abml.bilibili.com+-domain%3Acampus.bilibili.com+-domain%3Amember.bilibili.com+-domain%3Agame.bilibili.com+-domain%3Abw.bilibili.com+-domain%3Asearch.bilibili.com+-domain%3At.bilibili.com+-domain%3Apassport.bilibili.com+-domain%3Abig.bilibili.com+-domain%3Asecurity.bilibili.com+-domain%3Ah.bilibili.com+-domain%3Amanga.bilibili.com+-domain%3Alink.bilibili.com+-domain%3Ad.bilibili.com+-domain%3Aspace.bilibili.com [*] [host] yoo.bilibili.com ( ) [*] [host] news.bilibili.com ( ) [*] [host] api.bilibili.com ( ) [*] [host] moe.bilibili.com ( ) [*] Sleeping to avoid lockout... [*] URL: https://www.bing.com/search?first=0&q=domain%3Abilibili.com+-domain%3Aaccount.bilibili.com+-domain%3Avc.bilibili.com+-domain%3Abangumi.bilibili.com+-domain%3Amall.bilibili.com+-domain%3Ashow.bilibili.com+-domain%3Apay.bilibili.com+-domain%3Aapp.bilibili.com+-domain%3Amessage.bilibili.com+-domain%3Alive.bilibili.com+-domain%3Abml.bilibili.com+-domain%3Acampus.bilibili.com+-domain%3Amember.bilibili.com+-domain%3Agame.bilibili.com+-domain%3Abw.bilibili.com+-domain%3Asearch.bilibili.com+-domain%3At.bilibili.com+-domain%3Apassport.bilibili.com+-domain%3Abig.bilibili.com+-domain%3Asecurity.bilibili.com+-domain%3Ah.bilibili.com+-domain%3Amanga.bilibili.com+-domain%3Alink.bilibili.com+-domain%3Ad.bilibili.com+-domain%3Aspace.bilibili.com+-domain%3Ayoo.bilibili.com+-domain%3Anews.bilibili.com+-domain%3Aapi.bilibili.com+-domain%3Amoe.bilibili.com ------- SUMMARY ------- [*] 28 total (28 new) hosts found. //可以看到,他还会为了防止锁IP而暂停一段时间,最终程序发现了28个主机。 //接下来生成报告 [recon-ng][default][bing_domain_web] > use reporting/csv [recon-ng][default][csv] > [recon-ng][default] > use reporting/csv [recon-ng][default][csv] > run [*] 126 records added to '/root/.recon-ng/workspaces/default/results.csv'. [recon-ng][default][csv] > //然后就可以去目录下查看了
如果想非常熟悉的使用这些,所有的模块还需要大量的学习,因为作为入门,所以我只是先了解这些内容,所以十分简单,并不会设计太深,当然如果你对这个框架十分感兴趣可以尝试买些相关书籍。
不过从这里开始,我写的就不是书上介绍的了,因为我发现实际操作总与书本不符,所以来看看下面吧。
首先我发现了一个问题,就是在我打开这个框架的时候,报了很多错误。其中大多与api相关,于是你可以尝试一下查看这些api的key值。
[!] 'builtwith_api' key not set. builtwith module will likely fail at runtime. See 'keys add'. [!] 'bing_api' key not set. bing_domain_api module will likely fail at runtime. See 'keys add'. [!] 'shodan_api' key not set. shodan_hostname module will likely fail at runtime. See 'keys add'. [!] 'censysio_id' key not set. censysio module will likely fail at runtime. See 'keys add'. [!] 'censysio_secret' key not set. censysio module will likely fail at runtime. See 'keys add'. [!] 'google_api' key not set. geocode module will likely fail at runtime. See 'keys add'. [!] 'google_api' key not set. reverse_geocode module will likely fail at runtime. See 'keys add'. [!] 'shodan_api' key not set. shodan module will likely fail at runtime. See 'keys add'. [!] 'twitter_api' key not set. twitter module will likely fail at runtime. See 'keys add'. [!] 'twitter_secret' key not set. twitter module will likely fail at runtime. See 'keys add'. [!] 'flickr_api' key not set. flickr module will likely fail at runtime. See 'keys add'. [!] 'google_api' key not set. youtube module will likely fail at runtime. See 'keys add'. [!] 'pwnedlist_api' key not set. api_usage module will likely fail at runtime. See 'keys add'. [!] 'pwnedlist_secret' key not set. api_usage module will likely fail at runtime. See 'keys add'. [!] 'pwnedlist_api' key not set. domain_ispwned module will likely fail at runtime. See 'keys add'. [!] 'pwnedlist_secret' key not set. domain_ispwned module will likely fail at runtime. See 'keys add'. [!] 'pwnedlist_api' key not set. domain_creds module will likely fail at runtime. See 'keys add'. [!] 'pwnedlist_secret' key not set. domain_creds module will likely fail at runtime. See 'keys add'. [!] 'pwnedlist_iv' key not set. domain_creds module will likely fail at runtime. See 'keys add'. [!] 'pwnedlist_api' key not set. leaks_dump module will likely fail at runtime. See 'keys add'. [!] 'pwnedlist_secret' key not set. leaks_dump module will likely fail at runtime. See 'keys add'. [!] 'pwnedlist_api' key not set. account_creds module will likely fail at runtime. See 'keys add'. [!] 'pwnedlist_secret' key not set. account_creds module will likely fail at runtime. See 'keys add'. [!] 'pwnedlist_iv' key not set. account_creds module will likely fail at runtime. See 'keys add'. [!] 'twitter_api' key not set. twitter_mentions module will likely fail at runtime. See 'keys add'. [!] 'twitter_secret' key not set. twitter_mentions module will likely fail at runtime. See 'keys add'. [!] 'twitter_api' key not set. twitter_mentioned module will likely fail at runtime. See 'keys add'. [!] 'twitter_secret' key not set. twitter_mentioned module will likely fail at runtime. See 'keys add'. [!] 'hashes_api' key not set. hashes_org module will likely fail at runtime. See 'keys add'. [!] 'github_api' key not set. github_dorks module will likely fail at runtime. See 'keys add'. [!] 'virustotal_api' key not set. virustotal module will likely fail at runtime. See 'keys add'. [!] 'shodan_api' key not set. shodan_net module will likely fail at runtime. See 'keys add'. [!] 'github_api' key not set. github_commits module will likely fail at runtime. See 'keys add'. [!] 'fullcontact_api' key not set. fullcontact module will likely fail at runtime. See 'keys add'. [!] 'github_api' key not set. github_repos module will likely fail at runtime. See 'keys add'. [!] 'shodan_api' key not set. shodan_ip module will likely fail at runtime. See 'keys add'. [!] 'bing_api' key not set. bing_linkedin_cache module will likely fail at runtime. See 'keys add'. [!] 'jigsaw_username' key not set. point_usage module will likely fail at runtime. See 'keys add'. [!] 'jigsaw_password' key not set. point_usage module will likely fail at runtime. See 'keys add'. [!] 'jigsaw_api' key not set. point_usage module will likely fail at runtime. See 'keys add'. [!] 'jigsaw_api' key not set. search_contacts module will likely fail at runtime. See 'keys add'. [!] 'jigsaw_username' key not set. purchase_contact module will likely fail at runtime. See 'keys add'. [!] 'jigsaw_password' key not set. purchase_contact module will likely fail at runtime. See 'keys add'. [!] 'jigsaw_api' key not set. purchase_contact module will likely fail at runtime. See 'keys add'. [!] 'github_api' key not set. github_miner module will likely fail at runtime. See 'keys add'. [!] 'virustotal_api' key not set. virustotal module will likely fail at runtime. See 'keys add'. [!] 'bing_api' key not set. bing_ip module will likely fail at runtime. See 'keys add'. [!] 'ipstack_api' key not set. ipstack module will likely fail at runtime. See 'keys add'. [!] 'ipinfodb_api' key not set. ipinfodb module will likely fail at runtime. See 'keys add'. [!] 'github_api' key not set. github_users module will likely fail at runtime. See 'keys add'.
//果然你会发现,这些值都为空,因为你并没有申请到这些api等等,当然还有其他的,这里并没有列出来。 [recon-ng][default] > keys -h Manages framework API keys Usage: keys [list|add|delete] [recon-ng][default] > keys list +--------------------------+ | Name | Value | +--------------------------+ | bing_api | | | builtwith_api | | | censysio_id | | | censysio_secret | | | flickr_api | | | fullcontact_api | | | github_api | | | google_api | | | hashes_api | | | ipinfodb_api | | | ipstack_api | | | jigsaw_api | | | jigsaw_password | | | jigsaw_username | | | pwnedlist_api | | | pwnedlist_iv | | | pwnedlist_secret | | | shodan_api | | | twitter_api | | | twitter_secret | | | virustotal_api | | +--------------------------+
所以在他的开源介绍中提到了如何获取这些key:
- Bing API Key(bing_api) - 在此处注册免费试用Bing Search API 90天。登录Microsoft Cognitive Services并转到“ 我的帐户 ”选项卡。点击“订阅新的免费试用版”,获取“Bing搜索 - 免费”的密钥。API密钥将在“我的帐户”页面的“Bing搜索”标题下提供。
- BuiltWith API密钥(builtwith_api) - 在这里注册一个免费帐户。登录该应用程序。API密钥将在屏幕的右上角提供。
- Censys API Key(censysio_id) - 待定
- Censys API Secret(censysio_secret) - 待定
- Flickr API密钥(flickr_api) - 在此处创建Flickr帐户。在此申请API密钥并选择“申请非商业密钥”。输入您的申请名称。输入您正在构建的内容的说明。检查“我承认Flickr成员拥有对其内容的所有权利,并且我有责任确保我的项目不会违反这些权利。” 免责声明。阅读Flickr API使用条款。检查“我同意遵守Flickr API使用条款”。框。将有一个32个字符的“Key”和一个16个字符的“Secret”。重新使用仅使用“密钥”。
- FullContact API密钥(fullcontact_api) - 待定
- Google API密钥(google_api) - 在此处创建API项目。API密钥将在API Manager控制台的“凭据”部分中提供。请务必启用相关的API。
- YouTube数据API
- 自定义搜索API
- Google自定义搜索引擎(CSE)ID(google_cse) - 在此处创建CSE 。CSE ID将在CSE管理控制台中提供。请阅读此处以获取有关配置CSE以搜索整个Web的指导。否则,CSE将仅限于搜索CSE管理控制台中指定的域。这将极大地影响利用CSE的任何模块的结果。
- Github API密钥(github_api) - 待定
- Hashes.org API密钥(hashes_api) - 待定
- IPInfoDB API密钥(ipinfodb_api) - 在此处创建一个免费帐户。在此处登录该应用程序。API密钥将在“帐户”标签上提供。
- 拼图API密钥(jigsaw_api) - 在此处创建一个帐户并注册$ 1,500 /年计划。公司电子邮件地址是首选。使用与创建付费帐户相同的电子邮件地址在此处提交API令牌请求。Jigsaw API团队将查找该帐户以验证其是付费成员资格并颁发API令牌。注意:这不是确认的过程,因此请小心操作。如果不出意外,请致电Salesforce并询问如何获取API密钥。
- PwnedList API Key(pwnedlist_api) - 直接联系PwnedList,了解API访问。
- PwnedList初始化向量(pwnedlist_iv) - 直接联系PwnedList关于API访问。
- PwnedList Secret(pwnedlist_secret) - 直接联系PwnedList关于API访问。
- Shodan API Key(shodan_api) - 创建一个帐户或使用此处提供的众多选项之一登录Shodan 。API密钥将在屏幕右侧提供。需要升级帐户才能访问高级搜索功能。
- Twitter消费者密钥(twitter_api) - 在此处创建应用程序。Consumer键将在应用程序管理页面上提供。
- Twitter Consumer Secret(twitter_secret) - 消费者秘密将在上面创建的应用程序的应用程序管理页面上提供。
接下来我们尝试一些命令:
这里可以看到,我的原本工作区只有默认工作区,然后通过add可以创建一个新的工作区
[recon-ng][default] > show workspaces +------------+ | Workspaces | +------------+ | default | +------------+ [recon-ng][default] > workspaces add firstspace [recon-ng][firstspace] > show workspaces +------------+ | Workspaces | +------------+ | firstspace | | default | +------------+
通过是show schema 我们可以看到一些简单的数据库的列表类型,然后就可以在对应的表中进行添加
[recon-ng][firstspace] > show schema +---------------+ | domains | +---------------+ | domain | TEXT | | module | TEXT | +---------------+ +--------------------+ | companies | +--------------------+ | company | TEXT | | description | TEXT | | module | TEXT | +--------------------+ +-----------------+ | netblocks | +-----------------+ | netblock | TEXT | | module | TEXT | +-----------------+ +-----------------------+ | locations | +-----------------------+ | latitude | TEXT | | longitude | TEXT | | street_address | TEXT | | module | TEXT | +-----------------------+ +---------------------+ | vulnerabilities | +---------------------+ | host | TEXT | | reference | TEXT | | example | TEXT | | publish_date | TEXT | | category | TEXT | | status | TEXT | | module | TEXT | +---------------------+ +-------------------+ | ports | +-------------------+ | ip_address | TEXT | | host | TEXT | | port | TEXT | | protocol | TEXT | | module | TEXT | +-------------------+ +-------------------+ | hosts | +-------------------+ | host | TEXT | | ip_address | TEXT | | region | TEXT | | country | TEXT | | latitude | TEXT | | longitude | TEXT | | module | TEXT | +-------------------+ +--------------------+ | contacts | +--------------------+ | first_name | TEXT | | middle_name | TEXT | | last_name | TEXT | | email | TEXT | | title | TEXT | | region | TEXT | | country | TEXT | | module | TEXT | +--------------------+ +-----------------+ | credentials | +-----------------+ | username | TEXT | | password | TEXT | | hash | TEXT | | type | TEXT | | leak | TEXT | | module | TEXT | +-----------------+ +-----------------------------+ | leaks | +-----------------------------+ | leak_id | TEXT | | description | TEXT | | source_refs | TEXT | | leak_type | TEXT | | title | TEXT | | import_date | TEXT | | leak_date | TEXT | | attackers | TEXT | | num_entries | TEXT | | score | TEXT | | num_domains_affected | TEXT | | attack_method | TEXT | | target_industries | TEXT | | password_hash | TEXT | | password_type | TEXT | | targets | TEXT | | media_refs | TEXT | | module | TEXT | +-----------------------------+ +---------------------+ | pushpins | +---------------------+ | source | TEXT | | screen_name | TEXT | | profile_name | TEXT | | profile_url | TEXT | | media_url | TEXT | | thumb_url | TEXT | | message | TEXT | | latitude | TEXT | | longitude | TEXT | | time | TEXT | | module | TEXT | +---------------------+ +-----------------+ | profiles | +-----------------+ | username | TEXT | | resource | TEXT | | url | TEXT | | category | TEXT | | notes | TEXT | | module | TEXT | +-----------------+ +--------------------+ | repositories | +--------------------+ | name | TEXT | | owner | TEXT | | description | TEXT | | resource | TEXT | | category | TEXT | | url | TEXT | | module | TEXT | +--------------------+
然后我们可以尝试加一些
[recon-ng][default] > add companies baidu~An internet company [recon-ng][default] > show companies +----------------------------------------------+ | rowid | company | description | module | +----------------------------------------------+ | 1 | baidu | 一个互联网企业 | user_defined | +----------------------------------------------+ [*] 1 rows returned [recon-ng][default] > delete companies 1 [recon-ng][default] > show companies [*] No data returned. [recon-ng][default] > add companies baidu~An internet company [recon-ng][default] > show companies +------------------------------------------------------+ | rowid | company | description | module | +------------------------------------------------------+ | 1 | baidu | An internet company | user_defined | +------------------------------------------------------+ [*] 1 rows returned
了解了这么多,差不多就可以基本使用这个框架了
博主还在学习kali的相关内容,如有错误,还请各位指出,谢谢支持。