def GithubMonitor():
try:
headers = {
'Accept-Encoding':
'gzip, deflate',
'Accept':
'*/*',
'User-Agent':
"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Safari/537.36",
}
GitCveApi = requests.get(
"https://api.github.com/search/repositories?q=" +
github_cve_monitor_key + "&sort=updated&order=desc",
headers=headers,
timeout=10)
GitCveApiJson = json.loads(GitCveApi.text)
DataExtraction = GitCveApiJson["items"]
for i in DataExtraction:
GithubId = i["id"]
Name = i["name"]
HtmlUrl = i["html_url"]
Created = i["created_at"]
Updated = i["updated_at"]
Pushed = i["pushed_at"]
ForksCount = i["forks_count"]
WatchersCount = i["watchers_count"]
GithubCveSekect = ClassCongregation.GithubCveApi(
id=GithubId,
name=Name,
html_url=HtmlUrl,
created_at=Created,
updated_at=Updated,
pushed_at=Pushed,
forks_count=ForksCount,
watchers_count=WatchersCount).Judgment() #先查询数据库
if GithubCveSekect:
ClassCongregation.GithubCveApi(
id=GithubId,
name=Name,
html_url=HtmlUrl,
created_at=Created,
updated_at=Updated,
pushed_at=Pushed,
forks_count=ForksCount,
watchers_count=WatchersCount).Update() #如果存在就更新
else:
ClassCongregation.GithubCveApi(
id=GithubId,
name=Name,
html_url=HtmlUrl,
created_at=Created,
updated_at=Updated,
pushed_at=Pushed,
forks_count=ForksCount,
watchers_count=WatchersCount).Write() #如果不存在就写入
except Exception as e:
ClassCongregation.ErrorLog().Write(
"Web_CommonVulnerabilitiesAndExposuresMonitor_VulnerabilityUtilizationMonitoring_Github_GithubMonitor(def)",
e)
def GithubMonitor():
try:
headers = {
'Accept-Encoding':
'gzip, deflate',
'Accept':
'*/*',
'User-Agent':
"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Safari/537.36",
}
GitCveApi = requests.get(
"https://api.github.com/search/repositories?q=CVE-&sort=updated&order=desc",
headers=headers,
timeout=10)
con = GitCveApi.text
GitCveApiJson = json.loads(con)
DataExtraction = GitCveApiJson["items"]
for i in DataExtraction:
GithubCveSekect = ClassCongregation.GithubCveApi(
i).Judgment() #先查询数据库
if GithubCveSekect:
ClassCongregation.GithubCveApi(i).Update(
str(int(time.time()))) #如果存在就更新
else:
ClassCongregation.GithubCveApi(i).Write() #如果不存在就写入
#写完后对数据进行分析
except Exception as e:
ClassCongregation.ErrorLog().Write(
"Web_CommonVulnerabilityDetection_GithubMonitor(def)", e)
async def GithubCveApiSend():
CveGroupMessage = ""
CveEmailMessage = ""
try:
headers = {
'Accept-Encoding':
'gzip, deflate',
'Accept':
'*/*',
'User-Agent':
"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Safari/537.36",
}
GitCveApi = requests.get(
"https://api.github.com/search/repositories?q=CVE-20&sort=updated&order=desc",
headers=headers,
timeout=10)
con = GitCveApi.text
GitCveApiJson = json.loads(con)
DataExtraction = GitCveApiJson["items"]
for i in DataExtraction:
GithubCveSekect = ClassCongregation.GithubCveApi(
i).Sekect() #先查询数据库
if GithubCveSekect:
ClassCongregation.GithubCveApi(i).Update(int(
time.time())) #如果存在就更新
else:
ClassCongregation.GithubCveApi(i).Write() #如果不存在就写入
#写完后对数据进行分析
GithubProjectCreatedTime = i["created_at"] #github项目创建时间
GithubProjectCreatedDate, cccccc = GithubProjectCreatedTime.strip(
"Z").split("T") #对数据分割
GithubProjectCreatedYear, GithubProjectCreatedMonth, GithubProjectCreatedDay = GithubProjectCreatedDate.split(
"-") #对日期分割
#获取美国时间,因为github项目创建是基于美国时间的
data = int(time.time())
data = datetime.utcfromtimestamp(data)
utc_tz = timezone('UTC')
data = data.replace(tzinfo=utc_tz)
USDate, aaaa = str(data.astimezone(
timezone('US/Eastern'))).split(" ")
AmericanTimeYear, AmericanTimeMonth, AmericanTimeDay = USDate.split(
"-")
#判断是不是当天创建的项目
if GithubProjectCreatedYear == AmericanTimeYear and AmericanTimeMonth == GithubProjectCreatedMonth:
#LocaltimeHour = time.localtime(time.time()).tm_hour#获取当前小时
cve_list.append(i) #发送到列表中
for cve in cve_list: #如果不是就对容器封装然后发送给群
regular_match_results = re.search(r'CVE-\d{4,4}-\d{4,10}',
str(cve["name"]), re.I)
if regular_match_results != None:
CveGroupMessage = CveGroupMessage + "项目名称:" + str(
cve["name"]) + "\r\n" + "项目地址:" + str(
cve["html_url"]) + "\r"
if config.bot_email_send: # 判断是否开启该功能
for cve_email in cve_list: #用于发送给邮箱的数据
CveEmailMessage = CveEmailMessage + "项目名称:" + str(
cve_email["name"]
) + "<br>" + "项目地址:" + str(
cve_email["html_url"]
) + "<br>" + "使用项目前请验证准确性,谨防钓鱼[CQ:emoji,id=128153]" + "<br>"
cve_list.clear() #接着清空容器
if len(CveGroupMessage) > 10:
for group_monitor_id in config.monitor_group_list:
await bot.send_group_msg(
group_id=group_monitor_id,
message='[CQ:emoji,id=127918]来自莎酱最新CVE推送,请查收瞄~\r\n' +
CveGroupMessage + "\r\n" +
"使用项目前请验证准确性,谨防钓鱼[CQ:emoji,id=128153]\r\n") # 对管理的群发送
if len(CveEmailMessage) > 10:
SendEamil(CveEmailMessage)
except:
pass
