Posted

Hey everyone, oh it feels like forever, it has been more than 1 year since I last posted here. Anyways, coming to the problem...

What I want to do is search for an executable (or any binary file, that doesn't matter) without using names but by comparing it to the copy of the executable file I have.

For example,

Let's say that I have an executable, A.exe, and copied it and renamed the copied one to B.exe and placed B.exe someplace, so what I want to do is search for B.exe using A.exe, since they are the same file but with different names.

I'm not asking anyone to write the script for me, I just want to know what to take into consideration and if this is possible in AutoIt or not. Any help will be greatly appreciated.

Thanks in Advance

There are 10 kinds of people, those who understand me and those who don't.
  • Moderators
Posted

akfourtyseven,

Not that difficult to do I would hazard. :mellow:

There are plenty of recursive file searchers on the forum to enable you to search in subfolders to any depth. A first check might well be for equal file sizes, followed by a comparison of a suitable hash of the file to confirm.

Happy to go into more detail if required. :(

M23

Any of my own code posted anywhere on the forum is available for use by others without any restriction of any kind

Posted

  On 2/16/2010 at 7:12 PM, 'Melba23 said:

akfourtyseven,

Not that difficult to do I would hazard. :mellow:

There are plenty of recursive file searchers on the forum to enable you to search in subfolders to any depth. A first check might well be for equal file sizes, followed by a comparison of a suitable hash of the file to confirm.

Happy to go into more detail if required. :(

M23

Thanks everyone for your reply, and M23, I need it to search for a specific malware that copies itself to many folders, and your idea is great, especially if I combine it to search for equal file sizes and then check the hash. But the problem is that since most of the infected PCs already have some kind of PE infecting virus, wouldn't it change the hash of the malware if it gets infected with a PE infector virus?

There are 10 kinds of people, those who understand me and those who don't.
  • Moderators
Posted

akfourtyseven,

Rather out of my comfort zone now, but if only the PE is affected why not just take a hash of the rest of the file?

M23


Posted

M23, thanks. Your first post helped me to come up with an idea, so is there a function to get the hash of a file in AutoIt?

Thanks once again.

There are 10 kinds of people, those who understand me and those who don't.
  • Moderators
Posted

akfourtyseven,

A quick search produced this.

M23


Posted

  On 2/16/2010 at 7:40 PM, 'Melba23 said:

akfourtyseven,

A quick search produced this.

M23

Thanks M23, you are a life saver!
There are 10 kinds of people, those who understand me and those who don't.
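
The size-then-hash search suggested in the thread, sketched in AutoIt as an added example (it is not code from any poster). It assumes a current AutoIt release whose Crypt.au3 defines $CALG_SHA_256 and whose File.au3 provides _FileListToArrayRec; the function name _FindIdenticalFiles and the sample paths are made up for illustration.

```autoit
#include <Crypt.au3>
#include <File.au3>

; Returns an array of full paths under $sRoot whose bytes are identical to $sRef.
; Element [0] holds the number of matches. @error is set if $sRef cannot be read.
; Note: an exact hash only matches byte-identical copies. A copy that something
; else has modified has a different hash and will not be reported.
Func _FindIdenticalFiles($sRef, $sRoot)
    Local $aHits[1] = [0]
    Local $iRefSize = FileGetSize($sRef)
    If @error Then Return SetError(1, 0, $aHits)

    _Crypt_Startup()
    Local $dRefHash = _Crypt_HashFile($sRef, $CALG_SHA_256)
    If @error Then
        _Crypt_Shutdown()
        Return SetError(2, 0, $aHits)
    EndIf

    ; Recursive listing: files only, unsorted, full paths.
    Local $aFiles = _FileListToArrayRec($sRoot, "*", $FLTAR_FILES, $FLTAR_RECUR, $FLTAR_NOSORT, $FLTAR_FULLPATH)
    If Not @error Then
        For $i = 1 To $aFiles[0]
            ; Cheap check first: a different size can never be the same file.
            If FileGetSize($aFiles[$i]) <> $iRefSize Then ContinueLoop
            ; Same size: confirm with the hash. Locked or unreadable files are skipped.
            Local $dHash = _Crypt_HashFile($aFiles[$i], $CALG_SHA_256)
            If @error Then ContinueLoop
            If $dHash = $dRefHash Then
                $aHits[0] += 1
                ReDim $aHits[$aHits[0] + 1]
                $aHits[$aHits[0]] = $aFiles[$i]
            EndIf
        Next
    EndIf
    _Crypt_Shutdown()
    Return $aHits
EndFunc   ;==>_FindIdenticalFiles

; Constructed sample paths: the known copy and the folder tree to search.
Local $aFound = _FindIdenticalFiles("C:\Samples\A.exe", "D:\Data")
For $i = 1 To $aFound[0]
    ConsoleWrite($aFound[$i] & @CRLF)
Next
```

The reference file itself is reported if it lies under the search root, since it trivially matches its own size and hash.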
