[置顶] 使用Python获取每天最新CVE漏洞信息，通过邮件进行预警发送（二）

上一篇文章提到了将CVE漏洞信息保存至数据库，但是如果还想对每天发生了什么情报进行邮件通知的话，就需要再增加功能了。本文在上一篇文章中增加了发送邮件功能。

#coding=utf8
# author:曝光黑客的那些小伎俩
# mail:sqlsec@foxmail.com
from bs4 import BeautifulSoup
import requests
import re
import pymysql
import smtplib
from email.mime.text import MIMEText
from email.header import Header

mail_host = "xxxxxxxxxx.com"
mail_user = "xx@xx.com"
mail_pass = "xxxxxxx"

sender = "xxxxxxx@xx.com"
receivers = ['xxx@xx.com','xx1@xx.com','sqlsec@xxx.com']

mail_msg = """ """

headers = {}
headers["User-Agent"] = "Mozilla/5.0 (Windows NT 5.2) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30"
headers["Accept"] = "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"
headers["Accept-Language"] = "zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3"
headers["Accept-Encoding"] = "gzip, deflate"
headers["Upgrade-Insecure-Requests"] = "1"

def getStr(content, start, end):#写一个函数获取网页某个范围的源码
startIndex = content.index(start)
if startIndex >= 0:
startIndex += len(start)
endIndex = content.index(end)
#print(endIndex)
#print(content[startIndex:endIndex])
return content[startIndex:endIndex]

def getCVES():# 获取最新到CVE链接，返回链接的列表
try:
url = 'https://cassandra.cerias.purdue.edu/CVE_changes/today.html'
res = requests.get(url, headers=headers, timeout=60)
CVEList_html = getStr(res.text, 'New entries:', 'Graduations')
soup = BeautifulSoup(CVEList_html, 'html.parser')
list = []
for a in soup.find_all('a'):
uri = a["href"]
list.append(uri)
#print(a['href'])
#print(a.string)
return list
except Exception as e:
print(e)

def getCVEDetail(list):
global mail_msg
try:
db = pymysql.connect("1.1.1.1","test","123456","table")
print("连接数据库成功！")
cursor = db.cursor()
print("开始采集漏洞信息入库！")
for uri in list:
print(uri)
res = requests.get(uri,headers=headers,timeout=60)
soup = BeautifulSoup(res.text,"html.parser")
CVE_ID = str(soup.find(nowrap="nowrap").find("h2").string)
table = soup.find(id = "GeneratedTable
999c
").find("table")
Description = table.find_all("tr")[3].find("td").string
Assigning_CNA = table.find_all("tr")[8].find("td").string
Data_Entry_Created = table.find_all("tr")[10].find("b").string
s = res.text
ss = getStr(s,"References","Assigning CNA")
urls=re.findall(r"<a.*?href=.*?<\/a>",ss,re.I)
Reference = []
for i in urls[1:]:
Reference.append(i.split(">")[1].split("<")[0])
Reference_url = ",".join(Reference)
args = (CVE_ID,Description,Assigning_CNA,Data_Entry_Created,Reference_url)
sql = '''INSERT INTO spider_infos(cve_id,vul_detail,Assigning_CNA,vul_date,ref_url) VALUES ("%s","%s","%s","%s","%s")''' % (CVE_ID,Description,Assigning_CNA,Data_Entry_Created,Reference_url)
try:
cursor.execute(sql)
db.commit()
except:
db.rollback()
mail_msg = mail_msg + """<p>CVE编号：%s</p><p>日期：%s</p><p>漏洞描述：%s</p><p>参考链接：%s</p>""" %(CVE_ID,Data_Entry_Created,Description,Reference_url)
print("漏洞数据采集成功！")
message = MIMEText(mail_msg, 'html', 'utf-8')
message['From'] = Header("CVE漏洞情报采集系统", 'utf-8')
message['To'] =  Header("XX情报组", 'utf-8')
subject = 'CVE漏洞情报信息'
message['Subject'] = Header(subject, 'utf-8')
try:
smtpObj = smtplib.SMTP()
smtpObj.connect(mail_host, 25)
smtpObj.login(mail_user,mail_pass)
smtpObj.sendmail(sender, receivers, message.as_string())
print("邮件发送成功")
except smtplib.SMTPException:
print("Error: 无法发送邮件")
db.close()
except Exception as e:
print(str(e))

if __name__ == "__main__":
getCVEDetail(getCVES())

运行效果图如下：



数据库内容如下：



邮件如下：



当然了，代码实际上还是可以继续优化。