From 225b3311896d3272cf0849a35be18be4252ad72d Mon Sep 17 00:00:00 2001
From: sodme <beige576@gmail.com>
Date: Thu, 7 Oct 2021 22:53:56 +0800
Subject: [PATCH 1/9] Update config.yaml
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

添加飞书推送
---
 config.yaml | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/config.yaml b/config.yaml
index 9e9db42..71a609b 100644
--- a/config.yaml
+++ b/config.yaml
@@ -1,10 +1,14 @@
 all_config:
  github_token: xxxxxx
  dingding:
-   - enable: 1
+   - enable: 0
    - webhook: xxxxxxx
    - secretKey: xxxxxxx
    - app_name: dingding
+ feishu:
+   - enable: 1
+   - webhook: xxx
+   - app_name: feishu
  server:
    - enable: 0
    - sckey: 123123

From 9d5bacf616d335894beb8110d9b000e95881407a Mon Sep 17 00:00:00 2001
From: sodme <beige576@gmail.com>
Date: Thu, 7 Oct 2021 22:55:39 +0800
Subject: [PATCH 2/9] Update github_cve_monitor.py
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

添加飞书捷径推送
---
 github_cve_monitor.py | 19 +++++++++++++++++--
 1 file changed, 17 insertions(+), 2 deletions(-)

diff --git a/github_cve_monitor.py b/github_cve_monitor.py
index ac76f2f..2c56d74 100644
--- a/github_cve_monitor.py
+++ b/github_cve_monitor.py
@@ -3,7 +3,7 @@
 # @Author : yhy&ddm&w4ter
 
 # 每3分钟检测一次githu
-# 是否有新的cve漏洞提交记录，若有则通过server酱和钉钉机器人推送（二者配置一个即可）
+# 是否有新的cve漏洞提交记录，若有则通过server酱和钉钉机器人推送,飞书捷径推送（二者配置一个即可）
 # 建议使用screen命令运行在自己的linux vps后台上，就可以愉快的接收各种cve了
 
 # https://my.oschina.net/u/4581868/blog/4380482
@@ -28,6 +28,10 @@ def load_config():
             dingding_secretKey = config['all_config']['dingding'][2]['secretKey']
             app_name = config['all_config']['dingding'][3]['app_name']
             return app_name,github_token,dingding_webhook,dingding_secretKey
+        elif int(config['all_config']['feishu'][0]['enable']) == 1:
+            feishu_webhook = config['all_config']['feishu'][1]['webhook']
+            app_name = config['all_config']['feishu'][2]['app_name']
+            return app_name,github_token,feishu_webhook,feishu_webhook
         elif int(config['all_config']['server'][0]['enable']) == 1:
             server_sckey = config['all_config']['server'][1]['sckey']
             app_name = config['all_config']['server'][2]['app_name']
@@ -37,7 +41,7 @@ def load_config():
             tgbot_group_id = config['all_config']['tgbot'][2]['group_id']
             app_name = config['all_config']['tgbot'][3]['app_name']
             return app_name,github_token,tgbot_token,tgbot_group_id
-        elif int(config['all_config']['tgbot'][0]['enable']) == 0 and int(config['all_config']['server'][0]['enable']) == 0 and int(config['all_config']['dingding'][0]['enable']) == 0:
+        elif int(config['all_config']['tgbot'][0]['enable']) == 0 and int(config['all_config']['feishu'][0]['enable']) == 0 and int(config['all_config']['server'][0]['enable']) == 0 and int(config['all_config']['dingding'][0]['enable']) == 0:
             print("[-] 配置文件有误，三个社交软件的enable不能为0")
 
 github_headers = {
@@ -277,6 +281,8 @@ def send_body(url,query_pushed_at,query_tag_name):
                 body = "工具名称：" + tools_name + "\r\n" + "更新详情地址：" + download_url + "\r\n" + "commit更新日志：" + "\r\n" + update_log
                 if load_config()[0] == "dingding":
                     dingding(text, body,load_config()[2],load_config()[3])
+                elif load_config()[0] == "feishu":
+                    feishu(text,body,load_config()[2])
                 elif load_config()[0] == "server":
                     server(text, body,load_config()[2])
                 elif load_config()[0] == "tgbot":
@@ -301,6 +307,8 @@ def send_body(url,query_pushed_at,query_tag_name):
             body = "工具名称：" + tools_name + "\r\n" + "工具地址：" + download_url + "\r\n" + "commit更新日志：" + "\r\n" + update_log
             if load_config()[0] == "dingding":
                 dingding(text, body, load_config()[2], load_config()[3])
+            elif load_config()[0] == "feishu":
+                feishu(text,body,load_config[2])
             elif load_config()[0] == "server":
                 server(text, body, load_config()[2])
             elif load_config()[0] == "tgbot":
@@ -371,6 +379,10 @@ def translate(word):
 def dingding(text, msg,webhook,secretKey):
     ding = cb.DingtalkChatbot(webhook, secret=secretKey)
     ding.send_text(msg='{}\r\n{}'.format(text, msg), is_at_all=False)
+## 飞书
+def feishu(text,msg,webhook):
+    ding = cb.DingtalkChatbot(webhook)
+    ding.send_text(msg='{}\r\n{}'.format(text, msg), is_at_all=False)
 # server酱  http://sc.ftqq.com/?c=code
 def server(text, msg,sckey):
     try:
@@ -422,6 +434,9 @@ def sendNews(data):
                 if load_config()[0] == "dingding":
                     dingding(text, body, load_config()[2], load_config()[3])
                     print("钉钉 发送 CVE 成功")
+                elif load_config()[0] == "feishu":
+                    feishu(text, body, load_config()[2])
+                    print("飞书 发送 CVE 成功")
                 elif load_config()[0] == "server":
                     server(text, body, load_config()[2])
                     print("server酱 发送 CVE 成功")

From 1ef0ee27a3466124fa2296848c74a2512b40bbf8 Mon Sep 17 00:00:00 2001
From: sodme <beige576@gmail.com>
Date: Thu, 7 Oct 2021 23:03:17 +0800
Subject: [PATCH 4/9] Update README.md
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

添加飞书捷径通知，可以发给自己也可以发给群里
---
 README.md | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/README.md b/README.md
index 9b5c042..20380be 100644
--- a/README.md
+++ b/README.md
@@ -2,6 +2,17 @@
 
 ## 更新
 
+
+#### 添加飞书捷径推送
+飞书工作台  - 飞书捷径 -webhook
+![image](https://user-images.githubusercontent.com/29257678/136410980-302be028-3817-447c-9bad-e3d63045060d.png)
+![image](https://user-images.githubusercontent.com/29257678/136411130-217a2ae4-c422-48a4-8866-944176120087.png)
+> 配置和测试效果
+![image](https://user-images.githubusercontent.com/29257678/136411286-99c2e4db-0d8a-4b61-8613-96e3ebad8e44.png)
+![image](https://user-images.githubusercontent.com/29257678/136411333-0f233245-5c4e-40f4-8a59-e0baef6f1d2b.png)
+![Uploading image.png…]()
+
+
 [修复钉钉通知小bug](https://github.com/yhy0/github-cve-monitor/issues/4)，修复cve编号推送错误
 
 >钉钉通知的话，有个安全设置，通过添加加签发送消息，双击，右键复制

From fcc52cf2746b27c612a090f258caaec0002d714a Mon Sep 17 00:00:00 2001
From: sodme <beige576@gmail.com>
Date: Thu, 7 Oct 2021 23:05:00 +0800
Subject: [PATCH 5/9] Update README.md

---
 README.md | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index 20380be..f0a7d2a 100644
--- a/README.md
+++ b/README.md
@@ -4,13 +4,16 @@
 
 
 #### 添加飞书捷径推送
-飞书工作台  - 飞书捷径 -webhook
+> 飞书工作台  - 飞书捷径 -webhook
+
+
 ![image](https://user-images.githubusercontent.com/29257678/136410980-302be028-3817-447c-9bad-e3d63045060d.png)
 ![image](https://user-images.githubusercontent.com/29257678/136411130-217a2ae4-c422-48a4-8866-944176120087.png)
 > 配置和测试效果
+
+
 ![image](https://user-images.githubusercontent.com/29257678/136411286-99c2e4db-0d8a-4b61-8613-96e3ebad8e44.png)
 ![image](https://user-images.githubusercontent.com/29257678/136411333-0f233245-5c4e-40f4-8a59-e0baef6f1d2b.png)
-![Uploading image.png…]()
 
 
 [修复钉钉通知小bug](https://github.com/yhy0/github-cve-monitor/issues/4)，修复cve编号推送错误

From 271d31dbfef3828096ad6a25abd031590453dfc2 Mon Sep 17 00:00:00 2001
From: sodme <beige576@gmail.com>
Date: Thu, 7 Oct 2021 23:09:10 +0800
Subject: [PATCH 6/9] Update github_cve_monitor.py

---
 github_cve_monitor.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/github_cve_monitor.py b/github_cve_monitor.py
index 2c56d74..89b24d2 100644
--- a/github_cve_monitor.py
+++ b/github_cve_monitor.py
@@ -42,7 +42,7 @@ def load_config():
             app_name = config['all_config']['tgbot'][3]['app_name']
             return app_name,github_token,tgbot_token,tgbot_group_id
         elif int(config['all_config']['tgbot'][0]['enable']) == 0 and int(config['all_config']['feishu'][0]['enable']) == 0 and int(config['all_config']['server'][0]['enable']) == 0 and int(config['all_config']['dingding'][0]['enable']) == 0:
-            print("[-] 配置文件有误，三个社交软件的enable不能为0")
+            print("[-] 配置文件有误，四个社交软件的enable不能为0")
 
 github_headers = {
     'Authorization': "token {}".format(load_config()[1])  # 替换自己的github token     https://github.com/settings/tokens/new

From 22f6edfdc3d9f92f967e1bf75dc37cbd38a9833b Mon Sep 17 00:00:00 2001
From: sodme <beige576@gmail.com>
Date: Thu, 7 Oct 2021 23:15:36 +0800
Subject: [PATCH 7/9] Update README.md
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

更新了飞书捷径配置
---
 README.md | 20 +++++++++++++++-----
 1 file changed, 15 insertions(+), 5 deletions(-)

diff --git a/README.md b/README.md
index f0a7d2a..6d369bb 100644
--- a/README.md
+++ b/README.md
@@ -8,12 +8,22 @@
 
 
 ![image](https://user-images.githubusercontent.com/29257678/136410980-302be028-3817-447c-9bad-e3d63045060d.png)
-![image](https://user-images.githubusercontent.com/29257678/136411130-217a2ae4-c422-48a4-8866-944176120087.png)
-> 配置和测试效果
-
-
+注意参数这里：
+![image](https://user-images.githubusercontent.com/29257678/136413189-f393dfa2-4874-4fea-b8be-7b5892d65fcf.png)
+添加下列json信息
+```php
+{"at":{},"msgtype":"text","text":{"content":"有新的CVE送达！\r\nCVE编号：CVE-2021-41773\r\nGithub地址：https://github.com/iilegacyyii/PoC-CVE-2021-41773\r\nCVE描述：\r\n在Apache HTTP Server 2.4.49的路径规范化更改中发现了一个缺陷。攻击者可以使用路径遍历攻击将url映射到预期文档根之外的文件。如果文档根目录之外的文件没有被“require all denied”保护，这些请求就可以成功。此外，这个缺陷可能会泄露解释文件(如CGI脚本)的源代码。众所周知，这个问题是在野外被利用的。此问题仅影响Apache 2.4.49，不影响Apache 2.4.49之前的版本。"}}
+```
 ![image](https://user-images.githubusercontent.com/29257678/136411286-99c2e4db-0d8a-4b61-8613-96e3ebad8e44.png)
-![image](https://user-images.githubusercontent.com/29257678/136411333-0f233245-5c4e-40f4-8a59-e0baef6f1d2b.png)
+
+> 选择json里面的模块
+
+
+![image](https://user-images.githubusercontent.com/29257678/136413413-48417c13-285d-47ff-9fba-c78bed592430.png)
+
+> 查看效果
+
+![image](https://user-images.githubusercontent.com/29257678/136413553-48c2100b-8f2d-4f81-8b8b-74351bde0456.png)
 
 
 [修复钉钉通知小bug](https://github.com/yhy0/github-cve-monitor/issues/4)，修复cve编号推送错误

From 75fdccccfa01fae386701784e543d72c8f943e9a Mon Sep 17 00:00:00 2001
From: sodme <beige576@gmail.com>
Date: Thu, 7 Oct 2021 23:16:49 +0800
Subject: [PATCH 8/9] Update README.md

---
 README.md | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 6d369bb..e0e87df 100644
--- a/README.md
+++ b/README.md
@@ -9,11 +9,13 @@
 
 ![image](https://user-images.githubusercontent.com/29257678/136410980-302be028-3817-447c-9bad-e3d63045060d.png)
 注意参数这里：
-![image](https://user-images.githubusercontent.com/29257678/136413189-f393dfa2-4874-4fea-b8be-7b5892d65fcf.png)
 添加下列json信息
 ```php
 {"at":{},"msgtype":"text","text":{"content":"有新的CVE送达！\r\nCVE编号：CVE-2021-41773\r\nGithub地址：https://github.com/iilegacyyii/PoC-CVE-2021-41773\r\nCVE描述：\r\n在Apache HTTP Server 2.4.49的路径规范化更改中发现了一个缺陷。攻击者可以使用路径遍历攻击将url映射到预期文档根之外的文件。如果文档根目录之外的文件没有被“require all denied”保护，这些请求就可以成功。此外，这个缺陷可能会泄露解释文件(如CGI脚本)的源代码。众所周知，这个问题是在野外被利用的。此问题仅影响Apache 2.4.49，不影响Apache 2.4.49之前的版本。"}}
 ```
+
+![image](https://user-images.githubusercontent.com/29257678/136413189-f393dfa2-4874-4fea-b8be-7b5892d65fcf.png)
+
 ![image](https://user-images.githubusercontent.com/29257678/136411286-99c2e4db-0d8a-4b61-8613-96e3ebad8e44.png)
 
 > 选择json里面的模块

From 0bbcb8269571192689e0b225d16d28d05c7e963d Mon Sep 17 00:00:00 2001
From: sodme <beige576@gmail.com>
Date: Sat, 16 Oct 2021 16:22:40 +0800
Subject: [PATCH 9/9] =?UTF-8?q?python=E4=BE=9D=E8=B5=96?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

python依赖
---
 requirements.txt | 4 ++++
 1 file changed, 4 insertions(+)
 create mode 100644 requirements.txt

diff --git a/requirements.txt b/requirements.txt
new file mode 100644
index 0000000..d79ca1f
--- /dev/null
+++ b/requirements.txt
@@ -0,0 +1,4 @@
+requests
+dingtalkchatbot
+pyyaml
+lxml