无需服务器的GitHub实时漏洞利用工具监听器，目前支持微信/TG推送，中文版 Github-CVE-Listener

原创

用户4073486

发布于 2023-01-02 21:08:58

7690

发布于 2023-01-02 21:08:58

文章被收录于专栏：996技术站

推荐理由：无需服务器的GitHub实时漏洞利用工具监听器，目前支持微信/TG推送，中文版(，) Github-CVE-Listener，Get latest CVE EXP/POC from GitHub in WeChat!，Tips，The Program runs with Github Actions, no need to use your own server，Chinese Version，Usage，preparations，GitHub，fork my repo，Sign up or log into your GitHub account and click the "fork" button on the page，After that, a repo with

适用人群：漏洞

推荐指数：31

项目名称：Github-CVE-Listener

996station正文分割线=================================

Github-CVE-Listener

 _______   ________  _________  ___   ___  __  __   _______                                                   /______/\ /_______/\/________/\/__/\ /__/\/_/\/_/\/_______/\                                                  \::::__\/_\__.::._\/\__.::.__\/\::\ \\  \ \:\ \:\ \::: _  \ \                                                  \:\ /____/\ \::\ \    \::\ \   \::\/_\ .\ \:\ \:\ \::(_)  \/_                                                  \:\\_  _\/ _\::\ \__  \::\ \   \:: ___::\ \:\ \:\ \::  _  \ \                                                  \:\_\ \ \/__\::\__/\  \::\ \   \: \ \\::\ \:\_\:\ \::(_)  \ \                                                  \_____\/\________\/   \__\/    \__\/ \::\/\_____\/\_______\/                                               ______  __   __  ______       __        ________  ______  _________  ______  ___   __   ______  ______       /_____/\/_/\ /_/\/_____/\     /_/\      /_______/\/_____/\/________/\/_____/\/__/\ /__/\/_____/\/_____/\      \:::__\/\:\ \\ \ \::::_\/_    \:\ \     \__.::._\/\::::_\/\__.::.__\/\::::_\/\::\_\\  \ \::::_\/\:::_ \ \      \:\ \  _\:\ \\ \ \:\/___/\    \:\ \       \::\ \  \:\/___/\ \::\ \   \:\/___/\:. `-\  \ \:\/___/\:(_) ) )_     \:\ \/_/\:\_/.:\ \::___\/_    \:\ \____  _\::\ \__\_::._\:\ \::\ \   \::___\/\:. _    \ \::___\/\: __ `\ \     \:\_\ \ \ ..::/ /\:\____/\    \:\/___/\/__\::\__/\ /____\:\ \::\ \   \:\____/\. \`-\  \ \:\____/\ \ `\ \ \     \_____\/\___/_(  \_____\/     \_____\/\________\/ \_____\/  \__\/    \_____\/\__\/ \__\/\_____\/\_\/ \_\/

Get latest CVE EXP/POC from GitHub in WeChat!

Tips

The Program runs with Github Actions, no need to use your own server
Chinese Version Usage
preparations
- GitHub
  - fork my repo Sign up or log into your GitHub account and click the "fork" button on the page
  Fork
  After that, a repo with the same name will show up in your account. Follow the steps below in your repository
  - Create a new GitHub Personal Access Token 1）Go to the New Token Page 2）Set note to GH_TOKEN , select "repo"，set expiration to no expiration，click Generate token ，and remember to COPY AND SAVE your token Attention! Once you leave the page, you won`t able to see your token any more!
  Fork
  - Create a new repository secret
    1. Go to Setting -> Secrets -> New repository secret，Create 6 secrets：GH_TOKEN SCKEY TOTAL_COUNT OPTION TG_CHAT_ID TG_TOKEN Don`t create the secrets you don`t need
    2. Update the values The value of OPTION: 1 for pushing to WeChat, 2 for using Telegram bot, 3 for using all of them The value of GH_TOKEN: Your GitHub Personal Access Token The value of TOTAL_COUNT: 0
      - If you want to sent message to WeChat The value of SCKEY: Your SendKey If you are using multiple SendKeys, please include them all in the value of the secret,separated by commas and without any line breaks or leading/trailing commas. For example: key1,key2,key3,...
      - If you want to sent message to Telegram The value of TG_CHAT_ID: Your ID or the group`s ID The value of TG_TOKEN: The bot`s token
    No spaces or line breaks is allowed at either the start or the end
  Secret
  - WeChat ”Server-Chan“
  - Log in Notice: If the QR Code doesn`t load, try to open the image in a new tab
  image
  - Copy your SendKey for later use
  SendKey
  - Telegram Bot
  - Get Your ID
  - Get Your Token
Run the program
- Go to the Action Tab，Click the green button（I understand my workflow...) in the middle
image
- After refreshing the page，you`ll see a workflow called CVE-Monitor.
- Select the CVE-Monitor workflow，You`ll see a notice（this schedule was disabled......）
image
- Press enable workflow button （If you didn`t experience the problem, just ignore what I`ve just said = = ）
- Click star twice to start the workflow
- Go to Action tab -> CVE-Monitor workflow -> build -> Monitor CVE You`ll see the logs of each workflow run, just check if there`re any errors
- Normally, you`ll receive a message now
- Last，if the program functioned correctly, secret TOTAL_COUNT should be updated

Other info

The workflow is currently configured to run every 10 minutes，if you want to change that，go to AutoRun.yml, be sure to read the GitHub Docs. Attention! Actions schedules run at most every 5 minutes.
Tip: GitHub will tell you the meaning of the schedule expression while you are changing it