Commit

update V2.0

ry4nnnn committed Mar 6, 2024
1 parent 5516451 commit 1674469
Showing 34 changed files with 411 additions and 638 deletions.
176 changes: 97 additions & 79 deletions README.md
@@ -1,6 +1,6 @@
![Github stars](https://img.shields.io/github/stars/leesinz/crush.svg)

## CRUSH是一款漏洞监控工具,用来爬取历史数据并获取每日更新
## CRUSH是一款漏洞监控工具,用来监控每日漏洞更新并通过邮件推送

```
@@ -15,19 +15,21 @@ a8" "" 88P' "Y8 88 88 I8[ "" 88P' "8a
```
## 功能
## 🎯功能

* [x] 爬取exploit-db历史数据并监控更新
* [x] 爬取seebug漏洞库历史数据并监控更新
* [x] 监控metasploit每日更新
* [x] 监控vulhub每日更新
* [x] 监控github每日更新
* [x] github历史poc存档
* [x] exploit-db历史poc存档
* [x] 每日更新数据通过邮件推送
* [ ] ~~代码优化-----能跑就行 : )~~
监控多个漏洞平台每日更新,将数据存储到本地数据库,并通过邮件进行推送。

## 安装
### 漏洞源

* [x] Exploit-db
* [x] Vulhub
* [x] Github
* [x] Seebug
* [x] Metasploit
* [x] 0day.today(V2.0新增)
* [x] PacketStorm(V2.0新增)

## 🪄安装

工具只能在linux上运行,建议为海外VPS,防止出现github等连接不通的情况。

@@ -44,43 +46,41 @@ go build
./crush or go run main.go
```

## 配置
## 🔧配置

#### config.yml
#### config.yaml

```yaml
database:
db_username: "" // 数据库 username
db_password: "" // 数据库 password
name: "" // 数据库名
db_port: 3306
db_username: "root"
db_password: "password"
name: "db_name"

github:
github_token: ghp_xxx // github token,利用 token 提高 API 访问次数
start_year: 2018 # from CVE-[start_year] // 如果爬取 GitHub 信息,指从 start_year 开始爬取
end_year: 2023 # till CVE-[end_year] // 如果爬取 GitHub 信息,指爬取到 end_year 为止
poc_dir: "/root/vul_info/github/" // github 上爬取到的 poc 保存地址
blacklist: // github 用户黑名单
- xxx
github_token: ghp_xxx
blacklist:
- aaa
- bbb

msf:
msf_dir: "/root/vul_info/msf/" // metasploit git clone 到本地的地址
#the folder used for git pull msf
msf_dir: "/root/vul_info/msf/"

vulhub:
vulhub_dir: "/root/vul_info/vulhub/" // vulhub git clone 到本地的地址

exploitdb:
exploitdb_dir: "/root/vul_info/exploitdb/" // exploit-db poc 本地存放地址

email: // 推送邮件配置
smtp_server: smtp.163.com // smtp 服务器地址
smtp_port: 25 // smtp 端口
username: // 发件人用户名
password: // 发件人密码(授权码)
from: // 发件人用户名
to: // 收件人列表
- test1@163.com
- test2@163.com
#the folder used for git pull vulhub
vulhub_dir: "/root/vul_info/vulhub/"

email:
smtp_server: smtp.163.com
smtp_port: 25
username: test@163.com
#授权码,不是邮箱密码
password: xxxxxxxx
from: test@163.com
to:
- test1@xxx.com
- test2@xxx.com

```

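Review bot: the annotations removed from the old config sample (`db_username: "" // 数据库 username`, `smtp_server: smtp.163.com // smtp 服务器地址`, and so on) were not YAML comments, since YAML only recognises `#`, so the old block was not loadable as written; the new block fixes that, and the `#授权码,不是邮箱密码` line is the right way to annotate it. Two follow-ups for the new block: it now ships concrete-looking values (`db_password: "password"`, `github_token: ghp_xxx`, `password: xxxxxxxx`), so add a sentence saying these must be replaced and that the file then holds the database password, the GitHub token and the mail authorisation code in clear text and should be kept out of version control with restricted file permissions; and since the `exploitdb` section (`exploitdb_dir`) is dropped here, a line telling V1.0 users that this directory is no longer needed would avoid confusion on upgrade.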
@@ -120,100 +120,118 @@ Google Chrome 121.0.6167.139

##### 环境配置

config.yml&&go环境&&mysql环境&&google-chrome配置
- go环境
- mysql环境
- config.yaml配置
- google-chrome配置

##### go run main.go init
配置完成后即可开始使用。

初次使用时,先使用 init 参数,进行历史数据爬取,数据库创建等操作
![image-20240306100930140](assets/image-20240306100930140.png)

![image-20240201165636642](assets/image-20240201165636642.png)
##### 初始化

##### 导入github和seebug历史db数据
初次使用时,先使用 init 参数,进行数据库创建,msf&vulhub的本地git pull等操作。

github和seebug由于反爬或api速率限制,进行全量历史信息爬取速度较慢,.sql文件在sql文件夹下,直接导入即可,语句如下:
`go run main.go init`

mysql -u username -p database_name < /path/to/your/file.sql
![image-20240306101027776](assets/image-20240306101027776.png)

##### go run main.go monitor
##### 更新监控

后续直接使用 monitor 参数即可,会监控每天更新内容并通过邮件进行推送
在完成初始化后,后续使用monitor参数监控更新即可,会通过邮件将更新内容进行推送

![image-20240201171922551](assets/image-20240201171922551.png)
`go run main.go monitor`

![image-20240306101404474](assets/image-20240306101404474.png)

**crontab请自行配置,代码中未设置定时任务或循环等。**

## 匹配逻辑
例如:

`0 9 * * * cd /root/crush/src && /usr/local/go/bin/go run main.go monitor`

会在每天9点推送前一天的更新内容。

##### 导入历史数据(可选)

在V2.0版本中不再爬取历史数据,如果需要历史数据,可以直接通过.sql文件(存放在sql文件夹下)将历史数据导入数据库。

**exploit_db.sql,seebug_db.sql为全量历史数据,github_db.sql为2018至今的CVE数据,每个CVE最多五条。**

以exploit-db为例,命令如下:

`mysql -u username -p database_name < exploit_db.sql`

## 💡匹配逻辑

#### github

![image-20240201144746994](assets/image-20240201144746994.png)
![Drawing2024-02-01 14.36.27.excalidraw](assets/Drawing2024-02-01 14.36.27.excalidraw.png)

#### metasploit&vulhub

![image-20240124120435006](assets/image-20240124120435006.png)

## Else...

#### 历史poc数据
#### else

**exploit-db**
其他几个漏洞平台匹配逻辑类似,直接访问exploit页面,进行日期匹配,并且解析poc,cve等等信息写入数据库。

爬取历史poc时速率太快会被封,截止2024-1-31所有历史poc数据已爬取打包到pocs目录下。
## 😎运行演示

**github**
#### 邮件模板

github api访问有速率限制,爬取了CVE-2018-2023的历史数据,经过筛选处理后,存档到本地,详见pocs目录。
![image-20240306103108572](assets/image-20240306103108572.png)

#### 运行结果示例
在V1.0的基础上新增了两个漏洞源,github部分格式保留,防止同一个CVE有多个不同POC时影响观感,其他数据源的漏洞名称加上了超链接,点击即可跳转到漏洞POC网站,更加方便。

![image-20240201153344545](assets/image-20240201153344545.png)
#### 数据库结构

#### 数据库结构展示
##### exploit-db

**exploit-db**
包含了edb官网存储的所有属性值:

![image-20240201155206379](assets/image-20240201155206379.png)
![image-20240306103449636](assets/image-20240306103449636.png)

**github**
##### github

![image-20240201155455928](assets/image-20240201155455928.png)
存储了CVE编号,nvd官网的漏洞描述,CVSS2,CVSS3,CNA评分,更新时间以及poc地址:

**seebug**
![image-20240306103541496](assets/image-20240306103541496.png)

![image-20240201155548821](assets/image-20240201155548821.png)
##### seebug

存储了官网ID,提交时间,漏洞严重程度,漏洞名称,CVE号以及是否有POC:

![image-20240306103707659](assets/image-20240306103707659.png)

#### poc结构展示
##### 0day.today

**exploit-db**
存储了官网ID,漏洞名称,CVE号,POC地址等信息:

数字即为漏洞编号,与官网、数据库中相对应。
![image-20240306103833045](assets/image-20240306103833045.png)

![image-20240201161617848](assets/image-20240201161617848.png)
##### packetstorm

**github**
存储了官网ID,名称,CVE号,POC地址以及漏洞描述等等:

github poc文件夹名称为CVE号,并且以作者名命名不超过5个子文件夹来保存poc信息。
![image-20240306103940175](assets/image-20240306103940175.png)

![image-20240201161856442](assets/image-20240201161856442.png)

## 鸣谢
## 🎉鸣谢

感谢以下优秀的项目:

[github_cve_monitor](https://github.com/yhy0/github-cve-monitor)

## 免责声明
## 🕵️免责声明

本工具仅能在取得足够合法授权的企业安全建设中使用,在使用本工具过程中,您应确保自己所有行为符合当地的法律法规。
如您在使用本工具的过程中存在任何非法行为,您将自行承担所有后果,本工具所有开发者和所有贡献者不承担任何法律及连带责任。
除非您已充分阅读、完全理解并接受本协议所有条款,否则,请您不要安装并使用本工具。
您的使用行为或者您以其他任何明示或者默示方式表示接受本协议的,即视为您已阅读并同意本协议的约束。

## Star History

[![Star History Chart](https://api.star-history.com/svg?repos=leesinz/crush&type=Date)](https://star-history.com/#leesinz/crush&Date)
## ⭐Star History

[![Star History Chart](https://api.star-history.com/svg?repos=leesinz/crush&type=Date)](

![qrcode](assets/qrcode.jpg)
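Review bot: the crontab example `0 9 * * * cd /root/crush/src && /usr/local/go/bin/go run main.go monitor` recompiles the tool on every run and runs it as root out of /root; the install section in this same file already documents `go build` and `./crush`, so point the cron line at the built binary, and consider a dedicated unprivileged user, because the process holds the database, GitHub and SMTP credentials from config.yaml. For the optional import `mysql -u username -p database_name < exploit_db.sql`, recommend a dedicated database and a MySQL user limited to it, and state what the dumps contain (the tables created by `init` and their rows), so readers know what they are loading before importing a .sql file from the repository. The matching logic section is now images only (`assets/Drawing2024-02-01 14.36.27.excalidraw.png`, `assets/image-20240124120435006.png`); one or two sentences of text per source would keep it readable and searchable when the images fail to load.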
Binary file added assets/Drawing2024-02-01 14.36.27.excalidraw.png
Binary file added assets/image-20240306100930140.png
Binary file added assets/image-20240306101027776.png
Binary file added assets/image-20240306101404474.png
Binary file added assets/image-20240306103108572.png
Binary file added assets/image-20240306103449636.png
Binary file added assets/image-20240306103541496.png
Binary file added assets/image-20240306103707659.png
Binary file added assets/image-20240306103833045.png
Binary file added assets/image-20240306103940175.png
Binary file removed pocs/edb_poc.tar.gz
2 changes: 0 additions & 2 deletions pocs/github_poc.txt

This file was deleted.

62 changes: 62 additions & 0 deletions sql/exploit_db.sql


56 changes: 56 additions & 0 deletions sql/github_db.sql


59 changes: 59 additions & 0 deletions sql/seebug_db.sql


14 changes: 1 addition & 13 deletions src/config/config.go
@@ -11,34 +11,22 @@ var configPath = filepath.Join(getConfigDir(), "config", "config.yaml")

type Config struct {
Database struct {
DBPort int `yaml:"db_port"`
DBUsername string `yaml:"db_username"`
DBPassword string `yaml:"db_password"`
Name string `yaml:"name"`
}
Github struct {
GithubToken string `yaml:"github_token"`
BlacklistUser []string `yaml:"blacklist"`
StartYear int `yaml:"start_year"`
EndYear int `yaml:"end_year"`
PocDir string `yaml:"poc_dir"`
}

MSF struct {
MsfDir string `yaml:"msf_dir"`
}

Vulhub struct {
VulhubDir string `yaml:"vulhub_dir"`
}

Exploitdb struct {
ExploitdbDir string `yaml:"exploitdb_dir"`
}

PacketStorm struct {
PacketstormDir string `yaml:"packetstorm_dir"`
}

Email struct {
SMTP_SERVER string `yaml:"smtp_server"`
SMTP_PORT string `yaml:"smtp_port"`
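Review bot: `SMTP_PORT` is left as a `string` while the newly added `DBPort` is an `int`, and the config sample writes `smtp_port: 25`; use `int` for both ports so a non-numeric value is rejected at unmarshal time, and rename `SMTP_SERVER`/`SMTP_PORT` to Go-style `SMTPServer`/`SMTPPort` to match `DBPort` and `DBUsername`. Removing the `Exploitdb` and `PacketStorm` structs together with `start_year`, `end_year` and `poc_dir` means any remaining reference to `ExploitdbDir`, `PacketstormDir`, `StartYear`, `EndYear` or `PocDir` will no longer compile, and PacketStorm is listed as a new V2.0 source in the README of this same commit, so confirm the PacketStorm monitor no longer needs a local directory setting.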
37 changes: 16 additions & 21 deletions src/config/config.yaml
@@ -1,35 +1,30 @@
database:
db_username: ""
db_password: ""
name: ""
db_port: 3306
db_username: "root"
db_password: "password"
name: "db_name"

github:
github_token:
start_year: 2018 #from CVE-[start_year]
end_year: 2023 #till CVE-[end_year]
poc_dir: ""
github_token: ghp_xxx
blacklist:
- xxx
- aaa
- bbb

msf:
msf_dir: ""
#the folder used for git pull msf
msf_dir: "/root/vul_info/msf/"

vulhub:
vulhub_dir: ""

exploitdb:
exploitdb_dir: ""

packetstorm:
packetstorm_dir: ""
#the folder used for git pull vulhub
vulhub_dir: "/root/vul_info/vulhub/"

email:
smtp_server: smtp.163.com
smtp_port: 25
username:
password:
from:
username: test@163.com
#授权码,不是邮箱密码
password: xxxxxxxx
from: test@163.com
to:
- test1
- test2
- test1@xxx.com
- test2@xxx.com
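Review bot: this committed file is the one the tool loads (`configPath` points at `config/config.yaml`), and it now carries `db_password: "password"`, `github_token: ghp_xxx` and `password: xxxxxxxx` as template values; a user who fills in real credentials here and later pulls or commits will either hit merge conflicts or push secrets. Ship the template as `config.yaml.example`, add `config.yaml` to .gitignore, or read the database password, GitHub token and mail 授权码 from environment variables. With `smtp_port: 25` plus a login password, also confirm the mailer negotiates STARTTLS on that port, or document 465/587, so the authorisation code is not sent in clear text.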