On 03/25/2015 03:43 PM, Gregg Dotoli wrote:
This basic script will help to find
evidence of CryptoWall on a slave drive. Although it is
just a string, more complex regex patterns can be
replaced with the string. It is incredible how fast Python is and
how easy it has helped in quickly assessing a pool of slave drives.
I'm improving it as we speak.
Thanks for your help and patience. I'm new with Python.
import os
import re
# From the Root
topdir = "."
# Regex Pattern
pattern="DECRYPT_I"
regexp=re.compile(pattern)
for dirpath,dirnames, files in os.walk(topdir):
for name in files:
result=regexp.search(name)
print(os.path.join(dirpath,name))
print (result)
Any reason you started a new thread?
And I thought (from the other thread) that you were trying to search the
contents of the files. Right now you're just looking for a file name
containing the pattern.
That could explain why it's so fast.
--
DaveA
--
https://mail.python.org/mailman/listinfo/python-list
