一个简单的文件完整性hash验证脚本

#!/usr/bin/env python
# -*- coding: utf-8 -*-

import os
import hashlib
import json

#网站目录所有文件列表
path_list=[]
#静态文件可以不做hash效验
White_list=['.js','.jpg','.png','.html','.htm']

def GetFile(path):
    for dirpath, dirnames, filenames in os.walk(path):
        for dirname in dirnames:  
            dir=os.path.join(dirpath, dirname)
            #print dir
            path_list.append(dir)
        for filename in filenames:
            file=os.path.join(dirpath, filename)
            if os.path.splitext(file)[1] not in White_list:
                #print file
                path_list.append(file)
    return path_list

#使用文件迭代器,循环获取数据
def md5sum(file):
    m=hashlib.md5()
    if os.path.isfile(file):
        f=open(file,'rb')
        for line in f:
            m.update(line)
        f.close
    else:
        m.update(file)
    return (m.hexdigest())

def Get_md5result(webpath):
    pathlist=GetFile(webpath)
    md5_file={}
    for file in pathlist:
        md5_file[file]=md5sum(file)
    json_data=json.dumps(md5_file)
    fileObject = open('result.json', 'w')  
    fileObject.write(json_data)  
    fileObject.close()

def load_data(json_file):
    model={}
    with open(json_file,'r') as json_file:
        model=json.load(json_file)
    return model

def Analysis_dicts(dict1,dict2):
    keys1 = dict1.keys()
    keys2 = dict2.keys()
    ret1 = [ i for i in keys1 if i not in keys2]
    ret2 = [ i for i in keys2 if i not in keys1]
    print u"可能被删除的文件有:"
    for i in ret1:
        print i
    print u"新增的文件有:"
    for i in ret2:
        print i
    print u"可能被篡改的文件有:"
    ret3=list((set(keys1).union(set(keys2)))^(set(keys1)^set(keys2)))
    for key in ret3:
        if key in keys1 and key in keys2:
            if dict1[key] == dict2[key]:
                pass
            else:
                print key
            
  
    
if __name__ == '__main__':

    webpath = raw_input("Please enter your web physical path, for example, c:\\wwww]. ").lower()
    Get_md5result(webpath)
    dict2=load_data("result.json")

    methodselect= raw_input("[?] Check the integrity of the file: [Y]es or [N]O (Y/N): ").lower()
    if methodselect == 'y':
        file=raw_input("Please enter the hash file path to be compared: ").lower()
        dict1=load_data(file)
        Analysis_dicts(dict1,dict2)
    elif methodselect == 'n':
        exit()

 

文件完整性hash验证demo(python脚本)_微信公众号

 

关于我:一个网络安全爱好者,致力于分享原创高质量干货,欢迎关注我的个人微信公众号:Bypass--,浏览更多精彩文章。

文件完整性hash验证demo(python脚本)_微信公众号_02

本文由Bypass整理发布,转载请保留出处。 欢迎关注我的个人微信公众号:Bypass--,浏览更多精彩文章。