Basic Python V3 Search Tool using RE module

Dave Angel davea at davea.name
Thu Mar 26 13:23:56 EDT 2015


On 03/26/2015 01:11 PM, Gregg Dotoli wrote:
> On Wednesday, March 25, 2015 at 3:43:38 PM UTC-4, Gregg Dotoli wrote:
>> This basic script will help to find
>> evidence of CryptoWall on a slave drive. Although it is
>> just a string, more complex regex patterns can be
>> replaced with the string. It is incredible how fast Python is and
>> how easy it has helped in quickly assessing a pool of slave drives.
>> I'm improving it as we speak.
>>
>>
>> Thanks for your help and patience. I'm new with Python.
>>
>>
>> import os
>> import re
>> # From the Root
>> topdir = "."
>>
>> # Regex Pattern
>> pattern="DECRYPT_I"
>> regexp=re.compile(pattern)
>> for dirpath,dirnames, files in os.walk(topdir):
>>      for name in files:
>>              result=regexp.search(name)
>>              print(os.path.join(dirpath,name))
>>              print (result)
>>
>>
>>
>>
>>
>> Gregg Dotoli
>
> I posted this because I thought it may be of help to others. This does grep through all the files and is very fast because the regex is compiled in Python, rather than sitting in some directory as an external command.
> That is where the optimization comes in.
>
> Let's close this thread.
>
>

It "grep"s through all the filenames, but there's no open() call or 
equivalent there at all.  It does not look inside a single file.

We can stop posting to the thread, but that won't fix the bug in the code.

-- 
DaveA
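
An added illustration of the point made in the reply above (not code from either poster): a walk that tests each filename and also opens every regular file and searches its bytes. The names scan_tree, content_matches, CHUNK and OVERLAP are assumptions of this example, as is the limit that no single match is longer than OVERLAP bytes.

```python
import os
import re

CHUNK = 1 << 20   # read 1 MiB at a time so large files do not fill memory
OVERLAP = 256     # assumption: no single match is longer than this many bytes


def content_matches(path, regexp_bytes, chunk=CHUNK, overlap=OVERLAP):
    """Return True if the compiled bytes regex matches anywhere in the file."""
    tail = b""
    with open(path, "rb") as fh:
        while True:
            block = fh.read(chunk)
            if not block:
                return False
            data = tail + block
            if regexp_bytes.search(data):
                return True
            # keep the end of this window so a match split across reads is seen
            tail = data[-overlap:]


def scan_tree(topdir, pattern):
    """Walk topdir; return sorted (path, where) hits.

    where is 'name', 'content' or 'unreadable'.
    """
    name_re = re.compile(pattern)
    data_re = re.compile(pattern.encode("utf-8"))  # file contents are bytes
    hits = []
    for dirpath, dirnames, files in os.walk(topdir):
        for name in files:
            path = os.path.join(dirpath, name)
            if name_re.search(name):
                hits.append((path, "name"))
            if not os.path.isfile(path):
                continue  # skip FIFOs, device nodes, dangling symlinks
            try:
                if content_matches(path, data_re):
                    hits.append((path, "content"))
            except OSError:
                # report files that could not be read instead of hiding them
                hits.append((path, "unreadable"))
    return sorted(hits)


if __name__ == "__main__":
    for path, where in scan_tree(".", "DECRYPT_I"):
        print(where, path)
```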


