一个简单的文件完整性hash验证脚本
#!/usr/bin/env python # -*- coding: utf-8 -*- import os import hashlib import json #网站目录所有文件列表 path_list=[] #静态文件可以不做hash效验 White_list=['.js','.jpg','.png','.html','.htm'] def GetFile(path): for dirpath, dirnames, filenames in os.walk(path): for dirname in dirnames: dir=os.path.join(dirpath, dirname) #print dir path_list.append(dir) for filename in filenames: file=os.path.join(dirpath, filename) if os.path.splitext(file)[1] not in White_list: #print file path_list.append(file) return path_list #使用文件迭代器,循环获取数据 def md5sum(file): m=hashlib.md5() if os.path.isfile(file): f=open(file,'rb') for line in f: m.update(line) f.close else: m.update(file) return (m.hexdigest()) def Get_md5result(webpath): pathlist=GetFile(webpath) md5_file={} for file in pathlist: md5_file[file]=md5sum(file) json_data=json.dumps(md5_file) fileObject = open('result.json', 'w') fileObject.write(json_data) fileObject.close() def load_data(json_file): model={} with open(json_file,'r') as json_file: model=json.load(json_file) return model def Analysis_dicts(dict1,dict2): keys1 = dict1.keys() keys2 = dict2.keys() ret1 = [ i for i in keys1 if i not in keys2] ret2 = [ i for i in keys2 if i not in keys1] print u"可能被删除的文件有:" for i in ret1: print i print u"新增的文件有:" for i in ret2: print i print u"可能被篡改的文件有:" ret3=list((set(keys1).union(set(keys2)))^(set(keys1)^set(keys2))) for key in ret3: if key in keys1 and key in keys2: if dict1[key] == dict2[key]: pass else: print key if __name__ == '__main__': webpath = raw_input("Please enter your web physical path, for example, c:\wwww]. ").lower() Get_md5result(webpath) dict2=load_data("result.json") methodselect= raw_input("[?] Check the integrity of the file: [Y]es or [N]O (Y/N): ").lower() if methodselect == 'y': file=raw_input("Please enter the hash file path to be compared: ").lower() dict1=load_data(file) Analysis_dicts(dict1,dict2) elif methodselect == 'n': exit()
关于我:一个网络安全爱好者,致力于分享原创高质量干货,欢迎关注我的个人微信公众号:Bypass--,浏览更多精彩文章。
