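def startMonitor(pathToWatch):
    """Watch ``pathToWatch`` (including subdirectories) and report changes.

    Opens a directory handle on ``pathToWatch`` and then loops forever on
    ``ReadDirectoryChangesW``, printing one line per notification. For a
    modified file the raw contents are also dumped to stdout and, when the
    file's extension is listed in the module-level ``fileTypes``, the path,
    extension and contents are handed to ``injectCode`` (defined elsewhere
    in this file).

    Args:
        pathToWatch: Directory to monitor; it must already exist because the
            handle is opened with ``OPEN_EXISTING``.

    The function does not return normally. It ends only when an exception
    that is not derived from ``Exception`` (for example
    ``KeyboardInterrupt``) propagates, at which point the directory handle
    is closed.
    """
    # Access right required to list / watch a directory.
    FILE_LIST_DIRECTORY = 0x0001

    # Fixed: the share mode used the undefined name ``win32`` and the flag
    # was spelled ``FILE_FLAG.BACKUP_SEMANTICS``; both live on ``win32con``.
    # FILE_FLAG_BACKUP_SEMANTICS is what allows CreateFile to open a
    # directory rather than a regular file.
    hDirectory = win32file.CreateFile(
        pathToWatch,
        FILE_LIST_DIRECTORY,
        win32con.FILE_SHARE_READ |
        win32con.FILE_SHARE_WRITE |
        win32con.FILE_SHARE_DELETE,
        None,
        win32con.OPEN_EXISTING,
        win32con.FILE_FLAG_BACKUP_SEMANTICS,
        None)

    notifyFilter = (
        win32con.FILE_NOTIFY_CHANGE_FILE_NAME |
        win32con.FILE_NOTIFY_CHANGE_DIR_NAME |
        win32con.FILE_NOTIFY_CHANGE_ATTRIBUTES |
        win32con.FILE_NOTIFY_CHANGE_SIZE |
        win32con.FILE_NOTIFY_CHANGE_LAST_WRITE |
        win32con.FILE_NOTIFY_CHANGE_SECURITY)

    try:
        while True:
            try:
                # Fixed: the call was spelled ``ReadDirectoryChangeW``, which
                # raised AttributeError on every pass; the bare ``except``
                # hid it, so the loop spun without ever reporting a change.
                # The third argument (True) asks for the whole subtree.
                results = win32file.ReadDirectoryChangesW(
                    hDirectory,
                    1024,
                    True,
                    notifyFilter,
                    None,
                    None
                )

                for action, fileName in results:
                    fullFileName = os.path.join(pathToWatch, fileName)

                    if action == FILE_CREATED:
                        print("[ + ] Created %s" % fullFileName)
                    elif action == FILE_DELETED:
                        print("[ - ] Deleted %s" % fullFileName)
                    elif action == FILE_MODIFIED:
                        print("[ * ] Modified %s" % fullFileName)
                        print("[vvv] Dumping contents...")

                        # ``contents`` stays None when the read fails, so a
                        # failed read can no longer reach injectCode with an
                        # undefined (or stale, from a previous file) value.
                        contents = None
                        try:
                            # ``with`` closes the file even if read() raises.
                            with open(fullFileName, "rb") as fd:
                                contents = fd.read()
                            # Raw bytes go to stdout unfiltered.
                            print(contents)
                            print("[^^^] Dump complete.")
                        except (IOError, OSError):
                            # The file may be locked or already gone by the
                            # time the notification is handled.
                            print("[!!!] Failed.")

                        if contents is not None:
                            extension = os.path.splitext(fullFileName)[1]
                            if extension in fileTypes:
                                injectCode(fullFileName, extension, contents)
                    elif action == FILE_RENAMED_FROM:
                        print("[ > ] Renamed from: %s" % fullFileName)
                    elif action == FILE_RENAMED_TO:
                        print("[ < ] Renamed to: %s" % fullFileName)
                    else:
                        print("[???] Unkown: %s" % fullFileName)
            except Exception as exc:
                # Keep monitoring on a per-iteration failure, but report it
                # instead of discarding it; KeyboardInterrupt and SystemExit
                # are no longer swallowed, so the loop can be stopped.
                print("[!!!] Monitor error: %s" % (exc,))
    finally:
        # Release the directory handle when the loop is interrupted.
        hDirectory.Close()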