# Hello, this is a script written in Python. See http://www.pyhon.org # # Snapper 1.2 p # # This script will walk a directory (and its subdirectories) and compute # SHA (Secure Hash Algorithm) for specific files (according to their # Extensions) and ouput a CSV file (suited for loading into a spreadsheet # Editor, a database or simply comparing with diff or ExamDiff .). # # You can redirect the output of this script to a file. # Eg. python snapper. py> todayCheck.csv # # This script can be usefull to check system files tampering. # # This script is public domain. Feel free to reuse it. # The author is: # Sebastien SAUVAGE # <Sebsauvage at sebsauvage dot net> # Http://sebsauvage.net # # More quick & dirty scripts are available at http://sebsauvage.net/python/ # # Directory to scan and extensions are hardcoded below: DirectoryStart = r'c: \ Windows' Extensionlistparts using '.exe ','. dll ','. ini ','. ocx ','. cpl ','. vxd ','. drv ','. vbx ','. com ','. bat ','. src ', '. Sys ','. 386 ','. acm ','. ax ','. bpl ','. bin ','. cab ','. olb ','. mpd ','. pdr ','. jar'] Import OS, string, sha, stat, sys Def snapper (directoryStart, extensionList ): OS. path. walk (directoryStart, snapper_callback, extensionList) Def snapper_callback (extensionList, directory, files ): Sys. stderr. write ('scanning' + directory + '\ n ') For fileName in files: If OS. path. isfile (OS. path. join (directory, fileName )): If string. lower (OS. path. splitext (fileName) [1]) in extensionList: Filelist. append (fileSHA (OS. path. join (directory, fileName ))) Def fileSHA (filepath ): Sys. stderr. write ('reading' + OS. path. split (filepath) [1] + '\ n ') File = open (filepath, 'rb ') Digest = sha. new () Data = file. read (1, 65536) While len (data )! = 0: Digest. update (data) Data = file. read (1, 65536) File. close () Return '"' + filepath + '",' + str (OS. stat (filepath) [6]) + ', "' + digest. hexdigest () + '"' Sys. stderr. write ('snapper 1.1 p-http://sebsauvage.net/python/#n ') Filelist = [] Snapper (directoryStart, extensionList) Sys. stderr. write ('sorting... \ n ') Filelist. sort () Filelist. insert (0, '"File path", "File size", "SHA "') Sys. stderr. write ('printing... \ n ') For line in filelist: Print line Sys. stderr. write ('all done. \ n ') |