Merge pull request #22 from wuyoukm/patch-11

增加黑名单功能,防止恶意批量创建CVE导致CVE推送误报
This commit is contained in:
yhy 2021-09-03 16:13:23 +08:00 committed by GitHub
commit f61ffdde72
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -49,6 +49,12 @@ github_headers = {
'Authorization': "token {}".format(load_config()[1]) # 替换自己的github token https://github.com/settings/tokens/new 'Authorization': "token {}".format(load_config()[1]) # 替换自己的github token https://github.com/settings/tokens/new
} }
#读取黑名单用户
def black_user():
with open('config.yaml', 'r') as f:
config = yaml.load(f, Loader=yaml.FullLoader)
black_user = config['all_config']['black_user']
return black_user
#初始化创建数据库 #初始化创建数据库
def create_database(): def create_database():
@ -93,6 +99,7 @@ def getNews():
today_date = datetime.date.today() today_date = datetime.date.today()
for i in range(20): for i in range(20):
cve_url = json_str['items'][i]['html_url'] cve_url = json_str['items'][i]['html_url']
if cve_url.split("/")[-2] not in black_user():
try: try:
cve_name_tmp = json_str['items'][i]['name'].upper() cve_name_tmp = json_str['items'][i]['name'].upper()
cve_name = re.findall('(CVE\-\d+\-\d+)', cve_name_tmp)[0].upper() cve_name = re.findall('(CVE\-\d+\-\d+)', cve_name_tmp)[0].upper()
@ -107,6 +114,8 @@ def getNews():
else: else:
print("[-] 该{}的更新时间为{}不属于今天的CVE".format(cve_name,pushed_at)) print("[-] 该{}的更新时间为{}不属于今天的CVE".format(cve_name,pushed_at))
logging.info("[-] 该{}的更新时间为{}不属于今天的CVE".format(cve_name,pushed_at)) logging.info("[-] 该{}的更新时间为{}不属于今天的CVE".format(cve_name,pushed_at))
else:
logging.info("{},属于黑名单用户{}提交的CVE".format(cve_name,cve_url.split("/")[-2]))
today_cve_info = OrderedDict() today_cve_info = OrderedDict()
for item in today_cve_info_tmp: for item in today_cve_info_tmp:
today_cve_info.setdefault(item['cve_name'], {**item, }) today_cve_info.setdefault(item['cve_name'], {**item, })