[Python] 爬绿盟官网漏洞列表并存储MySQL与邮件通知

国家互联网应急中心http://www.cert.org.cn/publish/main/index.html

国家信息安全漏洞共享平台http://www.cnvd.org.cn/

国家信息安全漏洞库 http://www.cnnvd.org.cn/index.html

Seebughttps://www.seebug.org/

绿盟 http://www.nsfocus.net/index.php?act=sec_bug

China B.S.A 导航网址http://www.hackerdaohang.com/

# -*- coding: utf-8 -*-

# Define here the models for your scraped items

#

# See documentation in:

# http://doc.scrapy.org/en/latest/topics/items.html

import scrapy

class LmsafeItem(scrapy.Item):

    # define the fields for your item here like:

    # name = scrapy.Field()

    date = scrapy.Field()

    title = scrapy.Field()

    link = scrapy.Field()

# -*- coding: utf-8 -*-

import scrapy

from lmsafe.items import LmsafeItem

from scrapy.http import Request

import time,random

class SafeSpider(scrapy.Spider):

    name = 'safe'

    allowed_domains = ['nsfocus.net']

    #start_urls = ['http://nsfocus.net/']

    def start_requests(self):

      ua = {'User-Agent':'Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36','Connection':'keep-alive'}

      yield Request('http://www.nsfocus.net/index.php?act=sec_bug&type_id=&os=&keyword=&page=1',headers=ua)

    def parse(self, response):

      it =  LmsafeItem()

      it['date'] = response.xpath('//ul[@class="vul_list"]/li/span/text()').extract()

      it['title'] = response.xpath('//ul[@class="vul_list"]/li/a/text()').extract()

      it['link'] = response.xpath('//ul[@class="vul_list"]/li/a/@href').extract()

      yield it

      for i in range(2,16):

        url = "http://www.nsfocus.net/index.php?act=sec_bug&type_id=&os=&keyword=&page="+str(i)          # 这个 url的话看了下就是 page变化而已

        sj = random.randint(1,5)

        time.sleep(sj)   #设置时间间隔，避免造成服务器过多压力

        yield Request(url,callback=self.parse)   #回调函数

ITEM_PIPELINES = {

    'lmsafe.pipelines.LmsafePipeline': 300,

}

create database mzh character set utf8 collate utf8_bin;

use mzh;

create table safe(sj date,title char(100) primary key,link char(200) unique) default character set utf8;

desc safe;

+-------+-----------+------+-----+---------+-------+

| Field | Type      | Null | Key | Default | Extra |

+-------+-----------+------+-----+---------+-------+

| sj    | date      | YES  |     | NULL    |       |

| title | char(200) | NO   | PRI |         |       |

| link  | char(200) | YES  | UNI | NULL    |       |

+-------+-----------+------+-----+---------+-------+

# -*- coding: utf-8 -*-

# Define your item pipelines here

#

# Don't forget to add your pipeline to the ITEM_PIPELINES setting

# See: http://doc.scrapy.org/en/latest/topics/item-pipeline.html

import pymysql

class LmsafePipeline(object):

    def process_item(self, item, spider):

      conn = pymysql.connect(host='127.0.0.1', user='root', passwd='redhat', db='mzh',port=3306,charset='utf8')

      for i in range(len(item['date'])):

        date = item['date'][i]

        title = item['title'][i]

        link = "http://www.nsfocus.net"+item['link'][i]

        sql='insert into safe(sj,title,link) values("%s","%s","%s");'%(date,title,link)

        try:

          conn.query(sql)

          conn.commit()

        except Exception as e:

          pass

      conn.close()

      return item

mysql> use mzh;

Reading table information for completion of table and column names

You can turn off this feature to get a quicker startup with -A

Database changed

mysql> set character_set_results=utf8;

Query OK, 0 rows affected (0.20 sec)

mysql> select * from safe

    -> ;

+------------+------------------------------------------------------------------------------------------------+-------------------------------------+

| sj         | title                                                                                          | link                                |

+------------+------------------------------------------------------------------------------------------------+-------------------------------------+

| 2017-09-25 | Samba中间人攻击安全功能绕过漏洞（CVE-2017-12151）                              | http://www.nsfocus.net/vulndb/37690 |

| 2017-09-25 | Samba中间人攻击安全功能绕过漏洞（CVE-2017-12150）                              | http://www.nsfocus.net/vulndb/37689 |

| 2017-09-22 | Cisco UCS Central Software命令注入漏洞（CVE-2017-12255）                               | http://www.nsfocus.net/vulndb/37688 |

| 2017-09-22 | Cisco Wide Area Application Services远程拒绝服务漏洞（CVE-2017-12250）              |http://www.nsfocus.net/vulndb/37687 |

| 2017-09-22 | Cisco多个产品拒绝服务漏洞（CVE-2017-6720）                                         | http://www.nsfocus.net/vulndb/37686 |

| 2017-09-22 | Cisco FindIT DLL预加载漏洞（CVE-2017-12252）                                            | http://www.nsfocus.net/vulndb/37685 |

| 2017-09-22 | Cisco AsyncOS Software远程拒绝服务漏洞（CVE-2017-12215）                             | http://www.nsfocus.net/vulndb/37684 |

| 2017-09-22 | Cisco Unified Customer Voice Portal远程权限提升漏洞（CVE-2017-12214）                | http://www.nsfocus.net/vulndb/37683 |

| 2017-09-21 | Cisco Unified Intelligence Center跨站请求伪造漏洞（CVE-2017-12254）                  | http://www.nsfocus.net/vulndb/37682 |

| 2017-09-21 | Cisco Unified Intelligence Center跨站请求伪造漏洞（CVE-2017-12253）                  | http://www.nsfocus.net/vulndb/37681 |

| 2017-09-21 | GraphicsMagick拒绝服务漏洞（CVE-2017-14504）                                          | http://www.nsfocus.net/vulndb/37680 |

| 2017-09-21 | Cisco Unified Intelligence Center跨站脚本漏洞（CVE-2017-12248）                        | http://www.nsfocus.net/vulndb/37679 |

| 2017-09-21 | ImageMagick拒绝服务漏洞（CVE-2017-14532）                                             | http://www.nsfocus.net/vulndb/37678 |

| 2017-09-21 | ImageMagick拒绝服务漏洞（CVE-2017-14528）                                             | http://www.nsfocus.net/vulndb/37677 |

| 2017-09-21 | ImageMagick拒绝服务漏洞（CVE-2017-14505）                                             | http://www.nsfocus.net/vulndb/37676 |

| 2017-09-21 | ImageMagick拒绝服务漏洞（CVE-2017-14531）                                             | http://www.nsfocus.net/vulndb/37675 |

| 2017-09-21 | ImageMagick拒绝服务漏洞（CVE-2017-14533）                                             | http://www.nsfocus.net/vulndb/37674 |

| 2017-09-21 | Apache Subversion远程代码执行漏洞（CVE-2017-9800）                                  | http://www.nsfocus.net/vulndb/37673 |

| 2017-09-20 | Apache Tomcat远程信息泄露漏洞（CVE-2017-12616）                                     | http://www.nsfocus.net/vulndb/37672 |

| 2017-09-20 | Apache Tomcat远程代码执行漏洞（CVE-2017-12615）                                     | http://www.nsfocus.net/vulndb/37671 |

#!/usr/bin/python3

# -*- coding: utf-8 -*-

from email.header import Header

import smtplib

from email.mime.multipart import MIMEMultipart

from email.mime.text import MIMEText

from email.mime.base import MIMEBase

from email.mime.image import MIMEImage

from email.utils import formatdate

import os.path

import sys

import mimetypes

import pymysql,xlsxwriter,datetime

def Excel(today,tomonth):

  begin = 2

  colour = '#660099'

  title = [u'发布时间',u'漏洞名称',u'详细URL']

  workbook = xlsxwriter.Workbook(u'%s绿盟漏洞发布.xlsx'%(today))

  worksheet = workbook.add_worksheet(tomonth)

  worksheet.set_column('A:A', 20)

  worksheet.set_column('B:B', 90)

  worksheet.set_column('C:C', 50)

  format_title = workbook.add_format()

  format_title.set_bold(1)

  format_title.set_font_color('white')

  format_title.set_bg_color(colour)

  worksheet.write_row('A1',title,format_title)

  conn = pymysql.connect(host='127.0.0.1',db='mzh',port=3306,user='root',passwd='redhat',charset='utf8')

  cur = conn.cursor()

  if int(tomonth) < 10:

    tomonth = tomonth.strip('0')

  sql = 'select DATE_FORMAT(sj,"%Y-%m-%d"),title,link from safe where month(sj) = ' + tomonth + ' order by sj desc;'

  cur.execute(sql)

  try:

    for i in cur.fetchall():

      worksheet.write('A%s'%str(begin), i[0])

      worksheet.write('B%s'%str(begin), i[1])

      worksheet.write('C%s'%str(begin), i[2])

      begin+=1

  except Exception as e:

    return False

  conn.close()

  workbook.close()

  return True

def Mail(ReplyTo,To,file_name,tomonth):

  tday=datetime.date.today().strftime('%Y/%m/%d')

  #命令 mail.py <1:发送方（回复地址）10000@qq.com> <2:发送地址，多个以;隔开> <3:发送文件>

  From = "%s<1596179xxxx@139.com>" % Header("大帅比","utf-8")

  server = smtplib.SMTP("smtp.139.com",25)

  server.login("1596179xxxx@139.com","password") #仅smtp服务器需要验证时

  #构造MIMEMultipart对象做为根容器

  main_msg = MIMEMultipart()

  #构造MIMEText对象做为邮件显示内容并附加到根容器

  text_msg = MIMEText(u"绿盟 %s月最新安全漏洞报告"%(tomonth),_charset="utf-8")          

  main_msg.attach(text_msg)

  #构造MIMEBase对象做为文件附件内容并附加到根容器

  ctype,encoding = mimetypes.guess_type(file_name)

  if ctype is None or encoding is not None:

    ctype='application/octet-stream'

  maintype,subtype = ctype.split('/',1)

  file_msg=MIMEImage(open(file_name,'rb').read(),subtype)

  #file_msg1=MIMEImage(open(file_name1,'rb').read(),subtype)

  ## 设置附件头

  basename = os.path.basename(file_name)

  file_msg.add_header('Content-Disposition','attachment', filename = basename)#修改邮件头

  main_msg.attach(file_msg)

  #basename1 = os.path.basename(file_name1)

  #file_msg1.add_header('Content-Disposition','attachment', filename = basename1)#修改邮件头

  #main_msg.attach(file_msg1)

  # 设置根容器属性

  main_msg['From'] = From

  main_msg['Reply-to'] = ReplyTo

  #main_msg['To'] = To

  main_msg['Subject'] = u"[每日更新] %s绿盟安全漏洞报告" %tday

  main_msg['Date'] = formatdate()

  #main_msg['Bcc'] = To 

  #得到格式化后的完整文本 

  fullText = main_msg.as_string( ) 

  #用smtp发送邮件 

  try: 

    server.sendmail(From, To.split(';'), fullText)

  finally: 

    server.quit()

if __name__ == '__main__':

  today = datetime.date.today().strftime('%Y-%m-%d')

  tomonth = datetime.date.today().strftime('%m')

  ReplyTo = '1596179xxxx@139.com'

  To = "6025xxxxx@qq.com"

  file_name = u"/data/shell/%s绿盟漏洞发布.xlsx"%(today)

  if Excel(today,tomonth):

    Mail(ReplyTo,To,file_name,tomonth)

30 8 * * * cd /data/lmsafe/ && scrapy crawl safe --nolog

1 9 * * * /usr/bin/python3 /data/shell/Loophole.py