diff --git a/config.yaml b/config.yaml new file mode 100644 index 0000000..f831b2c --- /dev/null +++ b/config.yaml @@ -0,0 +1,16 @@ +all_config: + github_token: xxxxxx + dingding: + - enable:1 + - webhook:xxxxxxx + - secretKey:xxxxxxx + - app_name:dingding + server: + - enable:0 + - sckey:123123 + - app_name:server + tgbot: + - enable:0 + - token:123 + - group_id:123 + - app_name:tgbot \ No newline at end of file diff --git a/github_cve_monitor.py b/github_cve_monitor.py index 28f8255..1d9171d 100644 --- a/github_cve_monitor.py +++ b/github_cve_monitor.py @@ -16,10 +16,12 @@ import hashlib import yaml from lxml import etree import sqlite3 - +import logging today_cve_info_tmp = [] tools_update_list = [] +logging.basicConfig(level=logging.DEBUG, filename='run_info.log') + #读取配置文件 def load_config(): with open('config.yaml', 'r') as f: @@ -41,15 +43,18 @@ def load_config(): return app_name,github_token,tgbot_token,tgbot_group_id elif int(config['all_config']['tgbot'][0].split(":")[1]) == 0 and int(config['all_config']['server'][0].split(":")[1]) == 0 and int(config['all_config']['dingding'][0].split(":")[1]) == 0: print("[-] 配置文件有误,三个社交软件的enable不能为0") + logging.error("[-] 配置文件有误,三个社交软件的enable不能为0") github_headers = { 'Authorization': "token {}".format(load_config()[1]) # 替换自己的github token https://github.com/settings/tokens/new } + #初始化创建数据库 def create_database(): conn = sqlite3.connect('data.db') print("create_database 函数 连接数据库成功!") + logging.info("create_database 函数 连接数据库成功!") cur = conn.cursor() try: cur.execute('''CREATE TABLE IF NOT EXISTS cve_monitor 
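Review bot: config.yaml is committed with live credential slots (`github_token`, the dingding `webhook`/`secretKey`, the server `sckey`, the tgbot `token`), so the first user who fills it in and commits will push a working GitHub token and notification secrets into the repository history. Ship this as a template instead (for example `config.yaml.example`) with `config.yaml` listed in `.gitignore`, or have `load_config()` read `github_token` from an environment variable and fall back to the file. The `enable:1` / `webhook:xxxxxxx` entries are plain `key:value` strings inside a list and `load_config()` splits them on `:` (visible in the `@@ -41` hunk); that will not survive a value that itself contains a colon, such as an `https://` webhook URL, which is worth confirming against the parsing code that lies outside this diff.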
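Review bot: `logging.basicConfig(level=logging.DEBUG, filename='run_info.log')` configures the root logger at DEBUG with no `format`, so every line in run_info.log is written without a timestamp or level, and the DEBUG threshold also turns on the chatter from `requests`/`urllib3`, which will dwarf the script's own messages. I would use `logging.basicConfig(level=logging.INFO, filename='run_info.log', format='%(asctime)s %(levelname)s %(message)s')` so that entries can be correlated with the notifications they describe. The file is created relative to the working directory, like `data.db`, so the README should say where it ends up.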
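Review bot: the new `logging.error("[-] 配置文件有误,三个社交软件的enable不能为0")` records the bad configuration but does not stop the run: `load_config()` falls off the end of that branch and returns `None`, and the module-level `github_headers` immediately evaluates `load_config()[1]`, so the user sees `TypeError: 'NoneType' object is not subscriptable` instead of the logged message. Add `raise SystemExit(1)` directly after the log call. Note also that `load_config()` reopens and re-parses config.yaml on every call and the module-level header makes that happen at import time; the start of `load_config` is outside this hunk.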
@@ -57,15 +62,24 @@ def create_database():
 pushed_at varchar(255),
 cve_url varchar(255));''')
 print("成功创建CVE监控表")
+ logging.info('成功创建CVE监控表')
 cur.execute('''CREATE TABLE IF NOT EXISTS redteam_tools_monitor
 (tools_name varchar(255),
 pushed_at varchar(255),
 tag_name varchar(255));''')
 print("成功创建红队工具监控表")
+ logging.info('成功创建红队工具监控表')
 except Exception as e:
 print("创建cve监控表失败!报错:{}".format(e))
+ logging.error("创建cve监控表失败!报错:{}".format(e))
 conn.commit() # 数据库存储在硬盘上需要commit 存储在内存中的数据库不需要
 conn.close()
+ if load_config()[0] == "dingding":
+ dingding("test", "连接成功", load_config()[2], load_config()[3])
+ elif load_config()[0] == "server":
+ server("test", "连接成功", load_config()[2])
+ elif load_config()[0] == "tgbot":
+ tgbot("test", "连接成功", load_config()[2], load_config()[3])
 # 根据排序获取本年前20条CVE
 def getNews():
 try:
@@ -84,7 +98,9 @@ def getNews():
 # today_cve_info_tmp.append({"cve_name": cve_name, "cve_url": cve_url, "pushed_at": pushed_at})
 if pushed_at == str(today_date):
 today_cve_info_tmp.append({"cve_name":cve_name,"cve_url":cve_url,"pushed_at":pushed_at})
- # print(today_cve_info)
+ else:
+ print("该{}的更新时间为{},不属于今天的CVE".format(cve_name,pushed_at))
+ logging.info("该{}的更新时间为{},不属于今天的CVE".format(cve_name,pushed_at))
 today_cve_info = OrderedDict()
 for item in today_cve_info_tmp:
 today_cve_info.setdefault(item['cve_name'], {**item, })
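Review bot: the test notification added at the end of `create_database()` calls `load_config()` up to four times (three branch tests plus the argument lookups), each of which reopens and re-parses config.yaml, and on the misconfiguration branch where `load_config()` returns `None` it raises `TypeError` from `load_config()[0]` instead of surfacing the configured error. Read the config once, `cfg = load_config()`, and branch on `cfg[0]` with `cfg[2]`/`cfg[3]` as the arguments. Sending a 连接成功 message is also a side effect unrelated to creating tables; it belongs in the `__main__` initialisation after `create_database()` returns, and as written the `except Exception` above reports a failed `CREATE TABLE` and then still goes on to send the success message.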
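Review bot: the new `else` branch logs every repository whose `pushed_at` is not today's date at INFO level, once per entry on every pass of the polling loop, so run_info.log will be mostly repeated `不属于今天的CVE` lines. `logging.debug(...)` fits a skipped entry better, keeping INFO for the entries actually appended to `today_cve_info_tmp`. The loop this sits in, and `getNews()` itself, begins outside the hunk.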
@@ -96,20 +112,23 @@ def getNews(): except Exception as e: print(e, "github链接不通") + logging.error(e, "github链接不通") return '', '', '' #获取到的CVE信息插入到数据库 def cve_insert_into_sqlite3(data): conn = sqlite3.connect('data.db') print("cve_insert_into_sqlite3 函数 打开数据库成功!") + logging.info("cve_insert_into_sqlite3 函数 打开数据库成功!") cur = conn.cursor() for i in range(len(data)): try: cve_name = re.findall('(cve\-\d+\-\d+)', data[i]['cve_name'])[0].upper() cur.execute("INSERT INTO cve_monitor (cve_name,pushed_at,cve_url) VALUES ('{}', '{}', '{}')".format(cve_name, data[i]['pushed_at'], data[i]['cve_url'])) + print("cve_insert_into_sqlite3 函数: {}插入数据成功!".format(cve_name)) + logging.info("cve_insert_into_sqlite3 函数: {}插入数据成功!".format(cve_name)) except Exception as e: pass conn.commit() - print("cve_insert_into_sqlite3 函数 插入数据成功!") conn.close() #查询数据库里是否存在该CVE的方法 def query_cve_info_database(cve_name): 
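Review bot: `logging.error(e, "github链接不通")` passes the exception object as the message and the string as a `%`-argument; because `str(e)` contains no `%s`, the logging module hits `TypeError: not all arguments converted` inside the handler, prints a `--- Logging error ---` traceback to stderr, and writes nothing to run_info.log. Use `logging.exception("github链接不通")` (which also keeps the traceback) or `logging.error("github链接不通: %s", e)`. The same print-style argument list is passed to `logging.info(...)` in the hunks at `@@ -179`, `@@ -194`, `@@ -218`, `@@ -243` and `@@ -265`, and every one of those records will be dropped the same way. Separately, in `cve_insert_into_sqlite3` the INSERT is still built with `.format()` from the `cve_name`, `pushed_at` and `cve_url` values that `getNews()` collects from the GitHub response; a repository name containing a quote breaks the statement and the failure is then swallowed by `except Exception: pass`, so it should be `cur.execute("INSERT INTO cve_monitor (cve_name,pushed_at,cve_url) VALUES (?, ?, ?)", (cve_name, data[i]['pushed_at'], data[i]['cve_url']))` with the except branch logging what failed.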
@@ -127,19 +146,23 @@ def get_today_cve_info(today_cve_info_data):
 Verify = query_cve_info_database(today_cve_name.upper())
 if Verify == 0:
 print("[+] 数据库里不存在{}".format(today_cve_name.upper()))
+ logging.info("[+] 数据库里不存在{}".format(today_cve_name.upper()))
 today_all_cve_info.append(today_cve_info_data[i])
 else:
 print("[-] 数据库里存在{}".format(today_cve_name.upper()))
+ logging.info("[-] 数据库里存在{}".format(today_cve_name.upper()))
 return today_all_cve_info
 #获取红队工具信息插入到数据库
 def tools_insert_into_sqlite3(data):
 conn = sqlite3.connect('data.db')
 print("tools_insert_into_sqlite3 函数 打开数据库成功!")
+ logging.info("tools_insert_into_sqlite3 函数 打开数据库成功!")
 cur = conn.cursor()
 for i in range(len(data)):
 cur.execute("INSERT INTO redteam_tools_monitor (tools_name,pushed_at,tag_name) VALUES ('{}', '{}','{}')".format(data[i]['tools_name'], data[i]['pushed_at'],data[i]['tag_name']))
+ print("tools_insert_into_sqlite3 函数: {}插入数据成功!".format(format(data[i]['tools_name'])))
+ logging.info("tools_insert_into_sqlite3 函数: {}插入数据成功!".format(format(data[i]['tools_name'])))
 conn.commit()
- print("tools_insert_into_sqlite3 函数 插入数据成功!")
 conn.close()
 #读取本地红队工具链接文件转换成list
 def load_tools_list():
@@ -179,6 +202,7 @@ def get_tools_update_list(data):
 today_tools_pushed_at = query_result[0]
 if dist['pushed_at'] != today_tools_pushed_at:
 print("今日获取时间: ",dist['pushed_at'],"获取数据库时间: ",today_tools_pushed_at,dist['tools_name'],"update!!!!")
+ logging.info("今日获取时间: ",dist['pushed_at'],"获取数据库时间: ",today_tools_pushed_at,dist['tools_name'],"update!!!!")
 #返回数据库里面的时间和版本
 tools_update_list.append({"api_url":dist['api_url'],"pushed_at":today_tools_pushed_at,"tag_name":query_result[1]})
 return tools_update_list
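Review bot: the new success message uses `format(format(data[i]['tools_name']))` — the inner `format()` call is redundant and returns the same string; `"tools_insert_into_sqlite3 函数: {}插入数据成功!".format(data[i]['tools_name'])` is the intended line in both the `print` and the `logging.info`. The pair now claims success for every row, but the INSERT above it is built by `.format()` from `tools_name`, `pushed_at` and `tag_name` and has no try/except, so a value containing a single quote raises `sqlite3.OperationalError` and aborts the loop before `conn.commit()`. A parameterised statement, `cur.execute("INSERT INTO redteam_tools_monitor (tools_name,pushed_at,tag_name) VALUES (?, ?, ?)", (data[i]['tools_name'], data[i]['pushed_at'], data[i]['tag_name']))`, removes both the quoting failure and the injection path, and `logging.info("tools_insert_into_sqlite3 函数: %s插入数据成功!", data[i]['tools_name'])` defers formatting until the record is actually emitted.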
@@ -194,6 +218,7 @@ def send_dingding(url,query_pushed_at,query_tag_name): tag_name = json_str[0]['tag_name'] print("[*] 数据库里的pushed_at -->",query_pushed_at,";;;; api的pushed_at -->",new_pushed_at) + logging.info("[*] 数据库里的pushed_at -->",query_pushed_at,";;;; api的pushed_at -->",new_pushed_at) if query_pushed_at != new_pushed_at and tag_name != query_tag_name: try: update_log = json_str[0]['body'] @@ -218,6 +243,7 @@ def send_dingding(url,query_pushed_at,query_tag_name): conn.commit() conn.close() print("[+] tools_name -->", tools_name, "pushed_at 已更新,现在pushed_at 为 -->", new_pushed_at,"tag_name 已更新,现在tag_name为 -->",tag_name) + logging.info("[+] tools_name -->", tools_name, "pushed_at 已更新,现在pushed_at 为 -->", new_pushed_at,"tag_name 已更新,现在tag_name为 -->",tag_name) else: commits_url = url + "/commits" commits_url_response_json = requests.get(commits_url).text @@ -243,6 +269,7 @@ def send_dingding(url,query_pushed_at,query_tag_name): conn.commit() conn.close() print("[+] tools_name -->",tools_name,"pushed_at 已更新,现在pushed_at 为 -->",new_pushed_at) + logging.info("[+] tools_name -->",tools_name,"pushed_at 已更新,现在pushed_at 为 -->",new_pushed_at) # return update_log, download_url, tools_version else: @@ -265,7 +292,7 @@ def send_dingding(url,query_pushed_at,query_tag_name): conn.commit() conn.close() print("[+] tools_name -->", tools_name, "pushed_at 已更新,现在pushed_at 为 -->", new_pushed_at) - + logging.info("[+] tools_name -->", tools_name, "pushed_at 已更新,现在pushed_at 为 -->", new_pushed_at) # return update_log, download_url # 创建md5对象 def nmd5(str): 
@@ -354,26 +381,34 @@ def sendNews(data):
 body = "CVE编号:" + cve_name + "\r\n" + "Github地址:" + str(data[i]['cve_url']) + "\r\n" + "CVE描述:" + "\r\n" + cve_zh
 if load_config()[0] == "dingding":
 dingding(text, body, load_config()[2], load_config()[3])
+ print("钉钉 发送 CVE 成功")
+ logging.info("钉钉 发送 CVE 成功")
 elif load_config()[0] == "server":
 server(text, body, load_config()[2])
+ print("server酱 发送 CVE 成功")
+ logging.info("server酱 发送 CVE 成功")
 elif load_config()[0] == "tgbot":
 tgbot(text, body, load_config()[2], load_config()[3])
- print("钉钉 发送 CVE 成功")
+ print("tgbot 发送 CVE 成功")
+ logging.info("tgbot 发送 CVE 成功")
 except IndexError:
 pass
 except Exception as e:
- print("Program runing error:{}".format(e))
+ print("sendNews 函数 error:{}".format(e))
+ logging.error("sendNews 函数 error:{}".format(e))
 #main函数
 if __name__ == '__main__':
 print("cve 和 github 发布工具 监控中 ...")
- try:
- #初始化部分
- create_database()
- tools_list = load_tools_list()
- tools_data = get_pushed_at_time(tools_list)
- tools_insert_into_sqlite3(tools_data)
+ logging.info("cve 和 github 发布工具 监控中 ...")
 
- while True:
+ #初始化部分
+ create_database()
+ tools_list = load_tools_list()
+ tools_data = get_pushed_at_time(tools_list)
+ tools_insert_into_sqlite3(tools_data)
+
+ while True:
+ try:
 #CVE部分
 cve_data = getNews()
 today_cve_data = get_today_cve_info(cve_data)
@@ -386,5 +421,6 @@ if __name__ == '__main__':
 data3 = get_tools_update_list(data2)
 for i in range(len(data3)):
 send_dingding(data3[i]['api_url'],data3[i]['pushed_at'],data3[i]['tag_name'])
- except Exception as e:
- print("main 函数 遇到错误-->{}".format(e))
+ except Exception as e:
+ print("main 函数 遇到错误-->{}".format(e))
+ logging.error("main 函数 遇到错误-->{}".format(e))
\ No newline at end of file
diff --git a/tools_list.yaml b/tools_list.yaml
new file mode 100644
index 0000000..e0bad4a
--- /dev/null
+++ b/tools_list.yaml
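Review bot: `logging.error("sendNews 函数 error:{}".format(e))` in the new `except Exception` records only `str(e)` and discards the traceback, which is the one thing needed to find where in `sendNews` the failure happened; `logging.exception("sendNews 函数 error")` writes the same message plus the stack at ERROR level. The same applies to the `except Exception` handler in the `@@ -386` hunk of the main loop. The `except IndexError: pass` just above keeps swallowing errors silently, and the three `发送 CVE 成功` messages are logged without looking at anything returned by `dingding()`/`server()`/`tgbot()`, so if those helpers report a failed delivery by return value rather than by raising, the log will still say success. `sendNews` begins outside the hunk.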
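Review bot: with `try`/`except Exception` now inside `while True`, an error that recurs every iteration (GitHub unreachable, the token rejected, `data.db` locked) is logged and the loop immediately starts the next pass; unless a sleep elsewhere in the loop body throttles it — the middle of the loop is outside this hunk — that is a hot loop re-polling the GitHub API and filling run_info.log. A pause in the handler, `time.sleep(60)` after the `logging.error` (with `import time` at the top of the file if it is not already there), bounds the retry rate. Replacing the `.format(e)` call with `logging.exception("main 函数 遇到错误")` keeps the traceback in the log.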
@@ -0,0 +1,15 @@
+tools_list:
+ - https://api.github.com/repos/BeichenDream/Godzilla
+ - https://api.github.com/repos/rebeyond/Behinder
+ - https://api.github.com/repos/AntSwordProject/antSword
+ - https://api.github.com/repos/j1anFen/shiro_attack
+ - https://api.github.com/repos/yhy0/ExpDemo-JavaFX
+ - https://api.github.com/repos/yhy0/github-cve-monitor
+ - https://api.github.com/repos/gentilkiwi/mimikatz
+ - https://api.github.com/repos/ehang-io/nps
+ - https://api.github.com/repos/chaitin/xray
+ - https://api.github.com/repos/FunnyWolf/pystinger
+ - https://api.github.com/repos/L-codes/Neo-reGeorg
+ - https://api.github.com/repos/shadow1ng/fscan
+ - https://api.github.com/repos/SafeGroceryStore/MDUT
+ - https://api.github.com/repos/EdgeSecurityTeam/Vulnerability
\ No newline at end of file