CVE Slack Bot

4 devlogs
6h 55m 6s

A Slack bot that will post high-risk CVEs to a Slack channel.

This project uses AI

Some GitHub Copilot for help with some more advanced JSON processing, and for help with some bash magic in the installer. I don’t like relying on it, but it works.

Seven

Shipped this project!

Hours: 6.92
Cookies: 🍪 105
Multiplier: 15.17 cookies/hr

This was admittedly more work than expected. I had to find a parseable CVE source, and had to fight with Slack’s SDK. I learned a bunch about Slack bots, which I am using for more personal projects, and learned about the suffering that is building an installer for a program. And this was a simple installer too.
I may update this in the future, with features like DM support, but that’s the future, and I want to work on other things right now.

Seven

Making an installer for a program is really hard apparently lol.
I started by writing it in python, then decided to switch to bash for some reason I can’t remember now.
I started with the basic logic (what’s your bot token, what channel), and then moved on to installing dependencies. Apparently this is kind of annoying to do in an automated capacity, and doesn’t like to be consistent.
Things I had to fix and work around:

  • Some distros don’t have Python Venv installed, had to add that to the installer
  • Had to fix the apt command several times
  • Echo doesn’t support formatting, had to change to printf
  • Had to fix a pip requirement I missed
  • Had to fix the .env file creator like 3 times (I needed to use AI for this, sorry)
  • Had to fix the crontab creator twice (also needed AI help with this)

Moral of the story is that I don’t know what I’m doing in bash and I should’ve just made the thing in python.
Also, because the fastest way I could get the new versions of the installer to my Linux machine was to commit them to GitHub, there are like 10 extra commits from this madness.

Comments

Seven 6 days ago

Wait
The photo of it working didn’t upload. Sorry everyone, the bot works; check the Slack channel listed in the demo.

Seven

Updated the README, fixed a bunch of bugs. Added proper and nice formatting to the messages. Attached the Slack part to the main script, so it is now in a functional state. Updated the README with install instructions, despite them being mostly useless to other people, because the Slack channel is currently not configurable. I think my next task is to make a nice-ish installer, so people can run it themselves. (Even though I also plan to add DM notifications in the future as well.)
(Sorry for no photo of the bot working, need to get back to working on this, as well as annoying install things I fixed.)

Seven

Made the CVE parser and maybe have a functional change scanner. I literally have to wait for a new critical CVE to get published to test it though.
I rewrote the Slack part of it to let me just send messages whenever.
The part that checks for new CVEs is pretty simple. It checks if there is any difference between the stored previous list and the current list. It then checks how many new CVEs there are by looking for the old first CVE in the new list. It then gets all the data from the new CVEs, and posts them to Slack. This is all in theory, as I can’t really test it until a new critical CVE is published.
Also the CVE data extraction hasn’t been implemented yet. I’m almost finished, but I want to format it with nice markdown.

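The change check described in the devlog above, written out as an added example (not the project's own code). It assumes the feed is a newest-first list of CVE IDs and that state is kept in a JSON file; the function names, the state path and the `CVE-0000-…` IDs are constructed for illustration. It goes one step beyond the description by handling the case where the old first CVE is no longer in the new list.

```python
import json
import tempfile
from pathlib import Path


def new_entries(previous_ids, current_ids):
    """Return the IDs that sit ahead of the old first ID in a newest-first list."""
    if not previous_ids or current_ids == previous_ids:
        return []  # first run records a baseline; identical lists mean no change
    old_head = previous_ids[0]
    if old_head in current_ids:
        # Everything before the old head was published since the last run.
        return current_ids[:current_ids.index(old_head)]
    # Old head is gone (withdrawn, re-scored, or pushed off the list), so fall
    # back to a membership check against everything seen last time.
    seen = set(previous_ids)
    return [cve for cve in current_ids if cve not in seen]


def check(state_file, current_ids):
    """Diff against stored state, persist the new state, return IDs to post."""
    path = Path(state_file)
    previous = json.loads(path.read_text()) if path.exists() else []
    fresh = new_entries(previous, current_ids)
    # Write to a temp file and rename so an interrupted cron run cannot leave
    # a half-written state file behind.
    tmp = path.with_suffix(".tmp")
    tmp.write_text(json.dumps(current_ids))
    tmp.replace(path)
    return fresh


if __name__ == "__main__":
    # Constructed sample data: three polls of a newest-first feed.
    polls = [
        ["CVE-0000-0002", "CVE-0000-0001"],
        ["CVE-0000-0004", "CVE-0000-0003", "CVE-0000-0002"],
        ["CVE-0000-0006", "CVE-0000-0005"],
    ]
    with tempfile.TemporaryDirectory() as d:
        for ids in polls:
            print(check(Path(d) / "state.json", ids))
```

Returning nothing on the first run means a fresh install records a baseline instead of posting the whole backlog to the channel.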
Seven

Got the setup done for the Slack bot. I found a source that provided CVE data in a very simple format, literally just JSON directly from a webpage. (It’s json.securityvulnerability.io; the root URL there also has more interesting CVE stuff.)
I started on the logic that pulls the CVE data and checks if it has changed. My current plan is to use a cron job and check every 20 minutes. Currently I’m working on finding the total number of changes in the CVE list.
Also because Python is Python, the requests module outputs the JSON as a string, with single quotes. That’s technically not allowed, and as such the json module doesn’t work on it. So I store the JSON in plaintext and parse it as a dict. Also I discovered ast.literal_eval and it’s amazing.
