CVE Slack Bot

more personal alert stuff

• added commands to list the alerts you have set for products and vendors
• added commands to remove yourself from the alert list of a vendor or product
• some other background cleanup stuff

Changelog (ive decided to use this for the final devlog lmao)

• can now remove alerts. added checks for blanks in commands that change the db
• added commands to list alerts (hopefully works in prod)

dm notifications work!

this was a pita

• fought with mysql a bunch because it just doesnt like to work
• had to write functions to check for product and vendor notifs in the database, and then had to make sure there were no repeats
• had to re structure some stuff so i could have a proper socket mode slackbot in addition to the normal cve scanning

its been a minute

• Fought with slack blocks to make the formatting nicer.
• Switched from cron job to just using the python schedule library
• wrote a maybe functional dockerfile for it (havent had time to test yet, will tomorrow

Making an installer for a program is really hard apparently lol.
I started by writing it in python, then decided to switch to bash for some reason I can’t remember now.
I started with the basic logic (whats your bot token, what channel), and then moved on to installing dependencies. Apparently this is kind of annoying to do in an automated capacity, and doesn’t like to be consistent.
Things I had to fix and work around:

• Some distros don’t have Python Venv installed, had to add that to the installer
• Had to fix the apt command several times
• Echo doesn’t support formatting, had to change to printf
• Had to fix a pip requirement I missed
• Had to fix the .env file creator like 3 times (I needed to use ai for this, sorry)
• Had to fix the crontab creator twice (also needed ai help with this)

Moral of the story is that I don’t know what I’m doing in bash and I should’ve just made the thing in python.
Also because the fastest way I can get the new versions of the installer to my linux machine was to commit them to github, there are like 10 extra commits from this madness.

updated the readme, fixed a bunch of bugs. Added proper and nice formatting to the messages. Attached the slack part to the main script, so it is now in a functional state. Updated the readme with install instructions, despite them being mostly useless to other people, because the slack channel is currently not configurable. I think my next task is to make a nice-ish installer, so people can run it themselves. (even though I also plan to add dm notifications in the future as well)
(sorry for no photo of bot working, need to get back to working on this, aswell as annoying install things I fixed)

Made the CVE parser and maybe have a functional change scanner. I literally have to wait for a new critical CVE to get published to test it though.
I rewrote the slack part of it to let me just send messages whenever.
The part that checks for new CVEs is pretty simple. It checks if there is any difference between the stored previous list, and the current list. It then checks how many new CVEs there are by looking for the old first CVE in the new list. It then gets all the data from the new CVEs, and posts them to slack. This is all in theory as I can’t really test it until a new critical CVE is published.
Also the CVE data extraction hasn’t been implemented yet. I’m almost finished, but I want to format it with nice markdown.

Got the setup done for the slack bot. I found a source that provided CVE data in a very simple format, literally just json directly from a webpage. (its json.securityvulnerability.io. the root url there also has more interesting CVE stuff)
I started on the logic that pulls the CVE data and checks if it has changed. My current plan is to use cronjob and check every 20 minutes. Currently I’m working on finding the total number of changes in the cve list.
Also because Python is Python, the requests module outputs the json as a string, with single quotes. That’s technically not allowed, and as such the json module doesn’t work on it. So I store json in plaintext and parse it as a dict. Also I discovered ast.literal_eval and its amazing.