Python instance sharing: quickly find the file that is being hung

  • 2020-04-02 13:44:45
  • OfStack

Train of thought

The implementation needs to prepare an uninfected copy of the source code and a potentially infected copy of the source code, and then run the following script to find out exactly which files were killed.

Among them, it is mainly based on comparing the md5 value of the two files to filter the files that may be hung (specifically, the files that should be modified).

Python scripts


__author__ = 'Flying'
#coding:utf-8
#Date:2014.6.5
# Detect modified files 
import os,sys,hashlib,datetime
global_DirOld = ""
global_DirNew = ""
global_FilesList = []
# Enter the file path to compare 
def InputDirPath():
    global global_DirOld,global_DirNew
    global_DirOld = unicode(raw_input(" Please enter the directory where the backup files are located: "),"utf-8")
    while not os.path.exists(global_DirOld):
        print  u" The specified path does not exist. Please enter it again "
        global_DirOld = unicode(raw_input(" Please enter the directory where the backup files are located: "),"utf-8")
    global_DirNew = unicode(raw_input(" Please enter the directory of the file to be detected: "),"utf-8")
    while not os.path.exists(global_DirNew):
        print  u" The specified path does not exist. Please enter it again "
        global_DirNew = unicode(raw_input(" Please enter the directory of the file to be detected: "),"utf-8")
# Save the data to a file 
def SaveToFile(filePath,content):
    try:
        f = open(filePath,"a+")
        f.write(content.encode("utf-8") + "n")
        f.close()
    except Exception,ex:
        print "Error:" + str(ex)
# Computational file MD5 value 
def CalcMD5(filepath):
    try:
        # Open in binary form 
        with open(filepath,'rb') as f:
            md5obj = hashlib.md5()
            md5obj.update(f.read())
            hash = md5obj.hexdigest()
            return hash
    except Exception,ex:
        print "Error:" + str(ex)
        return None
# Walk through all the files in the directory 
def GetAllSubFiles():
    global global_FilesList
    for dir in os.walk(global_DirNew):
        for file in dir[2]:
            filePath = dir[0] + os.sep + file
            global_FilesList.append(filePath[len(global_DirNew)+1:])
# List new and changed files 
def ListChangedFiles():
    global global_DirOld,global_DirNew,global_FilesList
    print u" Documents changed or added: "
    for file in global_FilesList:
        filePathOld = global_DirOld + os.sep + file
        filePathNew = global_DirNew + os.sep + file
        if not os.path.exists(filePathOld) or CalcMD5(filePathOld)!=CalcMD5(filePathNew):
            content = "[" + datetime.datetime.now().strftime('%Y-%m-%d %H:%M:%S')+ "]" + filePathNew
            print content
            SaveToFile("ChangedFiles.txt",content)
if __name__=="__main__":
    InputDirPath()
    GetAllSubFiles()
    ListChangedFiles()

Script execution result

< img border = 0 id = theimg onclick = window. The open this. (SRC) SRC = "/ / files.jb51.net/file_images/article/201406/20146893616956.png? 20145893629 ">
 


Related articles: