一个简单的文件完整性hash验证脚本
#!/usr/bin/env python
# -*- coding: utf-8 -*-
import os
import hashlib
import json
#网站目录所有文件列表
path_list=[]
#静态文件可以不做hash效验
White_list=['.js','.jpg','.png','.html','.htm']
def GetFile(path):
for dirpath, dirnames, filenames in os.walk(path):
for dirname in dirnames:
dir=os.path.join(dirpath, dirname)
#print dir
path_list.append(dir)
for filename in filenames:
file=os.path.join(dirpath, filename)
if os.path.splitext(file)[1] not in White_list:
#print file
path_list.append(file)
return path_list
#使用文件迭代器,循环获取数据
def md5sum(file):
m=hashlib.md5()
if os.path.isfile(file):
f=open(file,'rb')
for line in f:
m.update(line)
f.close
else:
m.update(file)
return (m.hexdigest())
def Get_md5result(webpath):
pathlist=GetFile(webpath)
md5_file={}
for file in pathlist:
md5_file[file]=md5sum(file)
json_data=json.dumps(md5_file)
fileObject = open('result.json', 'w')
fileObject.write(json_data)
fileObject.close()
def load_data(json_file):
model={}
with open(json_file,'r') as json_file:
model=json.load(json_file)
return model
def Analysis_dicts(dict1,dict2):
keys1 = dict1.keys()
keys2 = dict2.keys()
ret1 = [ i for i in keys1 if i not in keys2]
ret2 = [ i for i in keys2 if i not in keys1]
print u"可能被删除的文件有:"
for i in ret1:
print i
print u"新增的文件有:"
for i in ret2:
print i
print u"可能被篡改的文件有:"
ret3=list((set(keys1).union(set(keys2)))^(set(keys1)^set(keys2)))
for key in ret3:
if key in keys1 and key in keys2:
if dict1[key] == dict2[key]:
pass
else:
print key
if __name__ == '__main__':
webpath = raw_input("Please enter your web physical path, for example, c:\\wwww]. ").lower()
Get_md5result(webpath)
dict2=load_data("result.json")
methodselect= raw_input("[?] Check the integrity of the file: [Y]es or [N]O (Y/N): ").lower()
if methodselect == 'y':
file=raw_input("Please enter the hash file path to be compared: ").lower()
dict1=load_data(file)
Analysis_dicts(dict1,dict2)
elif methodselect == 'n':
exit()
关于我:一个网络安全爱好者,致力于分享原创高质量干货,欢迎关注我的个人微信公众号:Bypass--,浏览更多精彩文章。
本文由Bypass整理发布,转载请保留出处。 欢迎关注我的个人微信公众号:Bypass--,浏览更多精彩文章。