MasonLiu/github-cve-monitor
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat 增加配置文件

Browse Source
This commit is contained in:
yhy 2021-08-27 16:54:20 +08:00
parent f6d317a73e
commit b24ef08d64
3 changed files with 83 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
config.yaml Normal file
View File

@ -0,0 +1,16 @@
all_config:
github_token: xxxxxx
dingding:
- enable:1
- webhook:xxxxxxx
- secretKey:xxxxxxx
- app_name:dingding
server:
- enable:0
- sckey:123123
- app_name:server
tgbot:
- enable:0
- token:123
- group_id:123
- app_name:tgbot

52
github_cve_monitor.py
View File

@ -16,10 +16,12 @@ import hashlib
import yaml import yaml
from lxml import etree from lxml import etree
import sqlite3 import sqlite3
import logging
today_cve_info_tmp = [] today_cve_info_tmp = []
tools_update_list = [] tools_update_list = []
logging.basicConfig(level=logging.DEBUG, filename='run_info.log')
#读取配置文件 #读取配置文件
def load_config(): def load_config():
with open('config.yaml', 'r') as f: with open('config.yaml', 'r') as f:
@ -41,15 +43,18 @@ def load_config():
return app_name,github_token,tgbot_token,tgbot_group_id return app_name,github_token,tgbot_token,tgbot_group_id
elif int(config['all_config']['tgbot'][0].split(":")[1]) == 0 and int(config['all_config']['server'][0].split(":")[1]) == 0 and int(config['all_config']['dingding'][0].split(":")[1]) == 0: elif int(config['all_config']['tgbot'][0].split(":")[1]) == 0 and int(config['all_config']['server'][0].split(":")[1]) == 0 and int(config['all_config']['dingding'][0].split(":")[1]) == 0:
print("[-] 配置文件有误三个社交软件的enable不能为0") print("[-] 配置文件有误三个社交软件的enable不能为0")
logging.error("[-] 配置文件有误三个社交软件的enable不能为0")
github_headers = { github_headers = {
'Authorization': "token {}".format(load_config()[1]) # 替换自己的github token https://github.com/settings/tokens/new 'Authorization': "token {}".format(load_config()[1]) # 替换自己的github token https://github.com/settings/tokens/new
} }
#初始化创建数据库 #初始化创建数据库
def create_database(): def create_database():
conn = sqlite3.connect('data.db') conn = sqlite3.connect('data.db')
print("create_database 函数 连接数据库成功!") print("create_database 函数 连接数据库成功!")
logging.info("create_database 函数 连接数据库成功!")
cur = conn.cursor() cur = conn.cursor()
try: try:
cur.execute('''CREATE TABLE IF NOT EXISTS cve_monitor cur.execute('''CREATE TABLE IF NOT EXISTS cve_monitor
@ -57,15 +62,24 @@ def create_database():
pushed_at varchar(255), pushed_at varchar(255),
cve_url varchar(255));''') cve_url varchar(255));''')
print("成功创建CVE监控表") print("成功创建CVE监控表")
logging.info('成功创建CVE监控表')
cur.execute('''CREATE TABLE IF NOT EXISTS redteam_tools_monitor cur.execute('''CREATE TABLE IF NOT EXISTS redteam_tools_monitor
(tools_name varchar(255), (tools_name varchar(255),
pushed_at varchar(255), pushed_at varchar(255),
tag_name varchar(255));''') tag_name varchar(255));''')
print("成功创建红队工具监控表") print("成功创建红队工具监控表")
logging.info('成功创建红队工具监控表')
except Exception as e: except Exception as e:
print("创建cve监控表失败报错{}".format(e)) print("创建cve监控表失败报错{}".format(e))
logging.error("创建cve监控表失败报错{}".format(e))
conn.commit() # 数据库存储在硬盘上需要commit 存储在内存中的数据库不需要 conn.commit() # 数据库存储在硬盘上需要commit 存储在内存中的数据库不需要
conn.close() conn.close()
if load_config()[0] == "dingding":
dingding("test", "连接成功", load_config()[2], load_config()[3])
elif load_config()[0] == "server":
server("test", "连接成功", load_config()[2])
elif load_config()[0] == "tgbot":
tgbot("test", "连接成功", load_config()[2], load_config()[3])
# 根据排序获取本年前20条CVE # 根据排序获取本年前20条CVE
def getNews(): def getNews():
try: try:
@ -84,7 +98,9 @@ def getNews():
# today_cve_info_tmp.append({"cve_name": cve_name, "cve_url": cve_url, "pushed_at": pushed_at}) # today_cve_info_tmp.append({"cve_name": cve_name, "cve_url": cve_url, "pushed_at": pushed_at})
if pushed_at == str(today_date): if pushed_at == str(today_date):
today_cve_info_tmp.append({"cve_name":cve_name,"cve_url":cve_url,"pushed_at":pushed_at}) today_cve_info_tmp.append({"cve_name":cve_name,"cve_url":cve_url,"pushed_at":pushed_at})
# print(today_cve_info) else:
print("{}的更新时间为{}不属于今天的CVE".format(cve_name,pushed_at))
logging.info("{}的更新时间为{}不属于今天的CVE".format(cve_name,pushed_at))
today_cve_info = OrderedDict() today_cve_info = OrderedDict()
for item in today_cve_info_tmp: for item in today_cve_info_tmp:
today_cve_info.setdefault(item['cve_name'], {**item, }) today_cve_info.setdefault(item['cve_name'], {**item, })
@ -96,20 +112,23 @@ def getNews():
except Exception as e: except Exception as e:
print(e, "github链接不通") print(e, "github链接不通")
logging.error(e, "github链接不通")
return '', '', '' return '', '', ''
#获取到的CVE信息插入到数据库 #获取到的CVE信息插入到数据库
def cve_insert_into_sqlite3(data): def cve_insert_into_sqlite3(data):
conn = sqlite3.connect('data.db') conn = sqlite3.connect('data.db')
print("cve_insert_into_sqlite3 函数 打开数据库成功!") print("cve_insert_into_sqlite3 函数 打开数据库成功!")
logging.info("cve_insert_into_sqlite3 函数 打开数据库成功!")
cur = conn.cursor() cur = conn.cursor()
for i in range(len(data)): for i in range(len(data)):
try: try:
cve_name = re.findall('(cve\-\d+\-\d+)', data[i]['cve_name'])[0].upper() cve_name = re.findall('(cve\-\d+\-\d+)', data[i]['cve_name'])[0].upper()
cur.execute("INSERT INTO cve_monitor (cve_name,pushed_at,cve_url) VALUES ('{}', '{}', '{}')".format(cve_name, data[i]['pushed_at'], data[i]['cve_url'])) cur.execute("INSERT INTO cve_monitor (cve_name,pushed_at,cve_url) VALUES ('{}', '{}', '{}')".format(cve_name, data[i]['pushed_at'], data[i]['cve_url']))
print("cve_insert_into_sqlite3 函数: {}插入数据成功!".format(cve_name))
logging.info("cve_insert_into_sqlite3 函数: {}插入数据成功!".format(cve_name))
except Exception as e: except Exception as e:
pass pass
conn.commit() conn.commit()
print("cve_insert_into_sqlite3 函数 插入数据成功!")
conn.close() conn.close()
#查询数据库里是否存在该CVE的方法 #查询数据库里是否存在该CVE的方法
def query_cve_info_database(cve_name): def query_cve_info_database(cve_name):
@ -127,19 +146,23 @@ def get_today_cve_info(today_cve_info_data):
Verify = query_cve_info_database(today_cve_name.upper()) Verify = query_cve_info_database(today_cve_name.upper())
if Verify == 0: if Verify == 0:
print("[+] 数据库里不存在{}".format(today_cve_name.upper())) print("[+] 数据库里不存在{}".format(today_cve_name.upper()))
logging.info("[+] 数据库里不存在{}".format(today_cve_name.upper()))
today_all_cve_info.append(today_cve_info_data[i]) today_all_cve_info.append(today_cve_info_data[i])
else: else:
print("[-] 数据库里存在{}".format(today_cve_name.upper())) print("[-] 数据库里存在{}".format(today_cve_name.upper()))
logging.info("[-] 数据库里存在{}".format(today_cve_name.upper()))
return today_all_cve_info return today_all_cve_info
#获取红队工具信息插入到数据库 #获取红队工具信息插入到数据库
def tools_insert_into_sqlite3(data): def tools_insert_into_sqlite3(data):
conn = sqlite3.connect('data.db') conn = sqlite3.connect('data.db')
print("tools_insert_into_sqlite3 函数 打开数据库成功!") print("tools_insert_into_sqlite3 函数 打开数据库成功!")
logging.info("tools_insert_into_sqlite3 函数 打开数据库成功!")
cur = conn.cursor() cur = conn.cursor()
for i in range(len(data)): for i in range(len(data)):
cur.execute("INSERT INTO redteam_tools_monitor (tools_name,pushed_at,tag_name) VALUES ('{}', '{}','{}')".format(data[i]['tools_name'], data[i]['pushed_at'],data[i]['tag_name'])) cur.execute("INSERT INTO redteam_tools_monitor (tools_name,pushed_at,tag_name) VALUES ('{}', '{}','{}')".format(data[i]['tools_name'], data[i]['pushed_at'],data[i]['tag_name']))
print("tools_insert_into_sqlite3 函数: {}插入数据成功!".format(format(data[i]['tools_name'])))
logging.info("tools_insert_into_sqlite3 函数: {}插入数据成功!".format(format(data[i]['tools_name'])))
conn.commit() conn.commit()
print("tools_insert_into_sqlite3 函数 插入数据成功!")
conn.close() conn.close()
#读取本地红队工具链接文件转换成list #读取本地红队工具链接文件转换成list
def load_tools_list(): def load_tools_list():
@ -179,6 +202,7 @@ def get_tools_update_list(data):
today_tools_pushed_at = query_result[0] today_tools_pushed_at = query_result[0]
if dist['pushed_at'] != today_tools_pushed_at: if dist['pushed_at'] != today_tools_pushed_at:
print("今日获取时间: ",dist['pushed_at'],"获取数据库时间: ",today_tools_pushed_at,dist['tools_name'],"update!!!!") print("今日获取时间: ",dist['pushed_at'],"获取数据库时间: ",today_tools_pushed_at,dist['tools_name'],"update!!!!")
logging.info("今日获取时间: ",dist['pushed_at'],"获取数据库时间: ",today_tools_pushed_at,dist['tools_name'],"update!!!!")
#返回数据库里面的时间和版本 #返回数据库里面的时间和版本
tools_update_list.append({"api_url":dist['api_url'],"pushed_at":today_tools_pushed_at,"tag_name":query_result[1]}) tools_update_list.append({"api_url":dist['api_url'],"pushed_at":today_tools_pushed_at,"tag_name":query_result[1]})
return tools_update_list return tools_update_list
@ -194,6 +218,7 @@ def send_dingding(url,query_pushed_at,query_tag_name):
tag_name = json_str[0]['tag_name'] tag_name = json_str[0]['tag_name']
print("[*] 数据库里的pushed_at -->",query_pushed_at,";;;; api的pushed_at -->",new_pushed_at) print("[*] 数据库里的pushed_at -->",query_pushed_at,";;;; api的pushed_at -->",new_pushed_at)
logging.info("[*] 数据库里的pushed_at -->",query_pushed_at,";;;; api的pushed_at -->",new_pushed_at)
if query_pushed_at != new_pushed_at and tag_name != query_tag_name: if query_pushed_at != new_pushed_at and tag_name != query_tag_name:
try: try:
update_log = json_str[0]['body'] update_log = json_str[0]['body']
@ -218,6 +243,7 @@ def send_dingding(url,query_pushed_at,query_tag_name):
conn.commit() conn.commit()
conn.close() conn.close()
print("[+] tools_name -->", tools_name, "pushed_at 已更新现在pushed_at 为 -->", new_pushed_at,"tag_name 已更新现在tag_name为 -->",tag_name) print("[+] tools_name -->", tools_name, "pushed_at 已更新现在pushed_at 为 -->", new_pushed_at,"tag_name 已更新现在tag_name为 -->",tag_name)
logging.info("[+] tools_name -->", tools_name, "pushed_at 已更新现在pushed_at 为 -->", new_pushed_at,"tag_name 已更新现在tag_name为 -->",tag_name)
else: else:
commits_url = url + "/commits" commits_url = url + "/commits"
commits_url_response_json = requests.get(commits_url).text commits_url_response_json = requests.get(commits_url).text
@ -243,6 +269,7 @@ def send_dingding(url,query_pushed_at,query_tag_name):
conn.commit() conn.commit()
conn.close() conn.close()
print("[+] tools_name -->",tools_name,"pushed_at 已更新现在pushed_at 为 -->",new_pushed_at) print("[+] tools_name -->",tools_name,"pushed_at 已更新现在pushed_at 为 -->",new_pushed_at)
logging.info("[+] tools_name -->",tools_name,"pushed_at 已更新现在pushed_at 为 -->",new_pushed_at)
# return update_log, download_url, tools_version # return update_log, download_url, tools_version
else: else:
@ -265,7 +292,7 @@ def send_dingding(url,query_pushed_at,query_tag_name):
conn.commit() conn.commit()
conn.close() conn.close()
print("[+] tools_name -->", tools_name, "pushed_at 已更新现在pushed_at 为 -->", new_pushed_at) print("[+] tools_name -->", tools_name, "pushed_at 已更新现在pushed_at 为 -->", new_pushed_at)
logging.info("[+] tools_name -->", tools_name, "pushed_at 已更新现在pushed_at 为 -->", new_pushed_at)
# return update_log, download_url # return update_log, download_url
# 创建md5对象 # 创建md5对象
def nmd5(str): def nmd5(str):
@ -354,19 +381,26 @@ def sendNews(data):
body = "CVE编号" + cve_name + "\r\n" + "Github地址" + str(data[i]['cve_url']) + "\r\n" + "CVE描述" + "\r\n" + cve_zh body = "CVE编号" + cve_name + "\r\n" + "Github地址" + str(data[i]['cve_url']) + "\r\n" + "CVE描述" + "\r\n" + cve_zh
if load_config()[0] == "dingding": if load_config()[0] == "dingding":
dingding(text, body, load_config()[2], load_config()[3]) dingding(text, body, load_config()[2], load_config()[3])
print("钉钉 发送 CVE 成功")
logging.info("钉钉 发送 CVE 成功")
elif load_config()[0] == "server": elif load_config()[0] == "server":
server(text, body, load_config()[2]) server(text, body, load_config()[2])
print("server酱 发送 CVE 成功")
logging.info("server酱 发送 CVE 成功")
elif load_config()[0] == "tgbot": elif load_config()[0] == "tgbot":
tgbot(text, body, load_config()[2], load_config()[3]) tgbot(text, body, load_config()[2], load_config()[3])
print("钉钉 发送 CVE 成功") print("tgbot 发送 CVE 成功")
logging.info("tgbot 发送 CVE 成功")
except IndexError: except IndexError:
pass pass
except Exception as e: except Exception as e:
print("Program runing error:{}".format(e)) print("sendNews 函数 error:{}".format(e))
logging.error("sendNews 函数 error:{}".format(e))
#main函数 #main函数
if __name__ == '__main__': if __name__ == '__main__':
print("cve 和 github 发布工具 监控中 ...") print("cve 和 github 发布工具 监控中 ...")
try: logging.info("cve 和 github 发布工具 监控中 ...")
#初始化部分 #初始化部分
create_database() create_database()
tools_list = load_tools_list() tools_list = load_tools_list()
@ -374,6 +408,7 @@ if __name__ == '__main__':
tools_insert_into_sqlite3(tools_data) tools_insert_into_sqlite3(tools_data)
while True: while True:
try:
#CVE部分 #CVE部分
cve_data = getNews() cve_data = getNews()
today_cve_data = get_today_cve_info(cve_data) today_cve_data = get_today_cve_info(cve_data)
@ -388,3 +423,4 @@ if __name__ == '__main__':
send_dingding(data3[i]['api_url'],data3[i]['pushed_at'],data3[i]['tag_name']) send_dingding(data3[i]['api_url'],data3[i]['pushed_at'],data3[i]['tag_name'])
except Exception as e: except Exception as e:
print("main 函数 遇到错误-->{}".format(e)) print("main 函数 遇到错误-->{}".format(e))
logging.error("main 函数 遇到错误-->{}".format(e))

15
tools_list.yaml Normal file
View File

@ -0,0 +1,15 @@
tools_list:
- https://api.github.com/repos/BeichenDream/Godzilla
- https://api.github.com/repos/rebeyond/Behinder
- https://api.github.com/repos/AntSwordProject/antSword
- https://api.github.com/repos/j1anFen/shiro_attack
- https://api.github.com/repos/yhy0/ExpDemo-JavaFX
- https://api.github.com/repos/yhy0/github-cve-monitor
- https://api.github.com/repos/gentilkiwi/mimikatz
- https://api.github.com/repos/ehang-io/nps
- https://api.github.com/repos/chaitin/xray
- https://api.github.com/repos/FunnyWolf/pystinger
- https://api.github.com/repos/L-codes/Neo-reGeorg
- https://api.github.com/repos/shadow1ng/fscan
- https://api.github.com/repos/SafeGroceryStore/MDUT
- https://api.github.com/repos/EdgeSecurityTeam/Vulnerability