Merge pull request #22 from wuyoukm/patch-11
增加黑名单功能,防止恶意批量创建CVE导致CVE推送误报
This commit is contained in:
commit
f61ffdde72
@ -49,6 +49,12 @@ github_headers = {
|
||||
'Authorization': "token {}".format(load_config()[1]) # 替换自己的github token https://github.com/settings/tokens/new
|
||||
}
|
||||
|
||||
#读取黑名单用户
|
||||
def black_user():
|
||||
with open('config.yaml', 'r') as f:
|
||||
config = yaml.load(f, Loader=yaml.FullLoader)
|
||||
black_user = config['all_config']['black_user']
|
||||
return black_user
|
||||
|
||||
#初始化创建数据库
|
||||
def create_database():
|
||||
@ -93,6 +99,7 @@ def getNews():
|
||||
today_date = datetime.date.today()
|
||||
for i in range(20):
|
||||
cve_url = json_str['items'][i]['html_url']
|
||||
if cve_url.split("/")[-2] not in black_user():
|
||||
try:
|
||||
cve_name_tmp = json_str['items'][i]['name'].upper()
|
||||
cve_name = re.findall('(CVE\-\d+\-\d+)', cve_name_tmp)[0].upper()
|
||||
@ -107,6 +114,8 @@ def getNews():
|
||||
else:
|
||||
print("[-] 该{}的更新时间为{},不属于今天的CVE".format(cve_name,pushed_at))
|
||||
logging.info("[-] 该{}的更新时间为{},不属于今天的CVE".format(cve_name,pushed_at))
|
||||
else:
|
||||
logging.info("该{},属于黑名单用户{}提交的CVE".format(cve_name,cve_url.split("/")[-2]))
|
||||
today_cve_info = OrderedDict()
|
||||
for item in today_cve_info_tmp:
|
||||
today_cve_info.setdefault(item['cve_name'], {**item, })
|
||||
|
Loading…
Reference in New Issue
Block a user