Jump to content
Sign in to follow this  
rajeshontheweb

File Information Lister

Recommended Posts

rajeshontheweb

This is a primitive version of a script i started using to detect the file MD5 and some very basic information about the file.

this module was employed to detect info about certain viruses which our symantec product didnt detect sometimes but was known as malicious (of course i used to research on the internet to ensure it is malicious)

#include "md5.au3"

#compiler_plugin_funcs = MD5Hash

Global $BufferSize = 0x20000
Global $FullFilename 
Global $FileMD5 , $FileNameOnly, $FileSize, $tmp , $FileLocation, $LogFileName

$FullFileName = FileOpenDialog("Open file", "", "Any file (*.*)")

If $FullFilename = "" Then Exit


$FileMD5 = GetFileMD5($FullFileName)
$FileNameOnly = GetNameFromPath($FullFileName)
$FileSize = FileGetSize($FullFileName)
$FileLocation = StringLeft($FullFileName , StringLen($FullFileName) - STringLEn($FileNameOnly))


    $str = "FileName=" & $FileNameOnly & @LF
    $str = $str & "FileMD5=" & $FileMD5 & @LF 
    $str = $str & "FileSize=" & $FileSize &@LF
    $str = $str & "FileLocation=" & $FileLocation & @LF 


If CreateIni() = 1 Then

    $tmp = IniReadSectionNames($LogFileName)
    
    IF @ERROR Then
        IniWriteSection($LogFileName, "FileInfo1",$str)
    Else        
        IniWriteSection($LogFileName, "FileInfo"& $tmp[0]+1 ,$str)
    EndIf
    
Else 
    
EndIf


Msgbox(4096,"FileInfo",$str)


Func CreateIni()
; v2.0 05 Jan 09 
; Creates a log file in the name of the executable file and current logged on user name if possible , extension changed to log.
; v1.1 last modified 31 dec 2008
; creates a log file in current working directory if not found creates a log in c:\

Local $FName 
    
            $LogFileName = "C:\FileInfo.ini" 
            
            $FileHandle = FileOpen($LogFileName,1)
        

                If $FileHandle Then
    ; File Was successfully created, proceed now.
                    Return 1
                Else
    ; file could not be created, exit now
                    Return 0
                    Exit
                EndIf
                
            FileClose($FileHandle)

EndFunc


Func GetFileMd5($FileName)
; needs md5hash.dll in current directory
; use a md5hashl.dll searcher function in the start of application to avoid errors
Local $MD5Hasher = @WorkingDir & "\MD5Hash.dll"

If FileExists($Md5Hasher) Then
        
        Dim $PHandle, $FHash

            $pHandle = PluginOpen($MD5Hasher)
                
                    IF @error Then
                        $StatusText = "Fatal Error: MD5 Signature Verification Failed! - Terminating Application"
                        Exit
                    EndIf
                        
                    $FHash = MD5Hash($MD5Hasher,1,True)

            PluginClose($PHandle)

            Return $FHash


    Else
    
        Local $BufferSize = 0x20000
        Local $FileHandle = FileOpen($Filename, 16)
        
        $MD5CTX = _MD5Init()

        For $i = 1 To Ceiling(FileGetSize($Filename) / $BufferSize)
            _MD5Input($MD5CTX, FileRead($FileHandle, $BufferSize))
        Next

        $Hash = _MD5Result($MD5CTX)
        
        
        FileClose($FileHandle)

        Return $Hash

    EndIf


EndFunc



Func GetNameFromPath($FullPath)
; Version 1 : created 30 Dec 2008
; Purpose : Get File Name only from a full path given
; Usage: GetNameFromPath(Full File name with path) will return only the file or folder name at the end 

    Local $DirLen , $FindSlash, $FName

; Clear Trailing Slash "\" 
    If StringRight($FullPath,1) = "\" Then $FullPath = StringTrimRight($FullPath,1)

    $DirLen = StringLen($FullPath)

    $FindSlash = StringInStr( $FullPath, "\" ,0 , -1 )
        
    $FName = StringRight($FullPath ,$DirLen - $FindSlash)
    
    IF @ERROR Then Exit

    Return $FName 

EndFunc

Code uses MD5.au3 (from Hash Function Collection) from http://www.autoitscript.com/forum/index.php?showtopic=76976 in case of non availability of MD5Hash.dll available in the forums. (I didnt want to go into the file install procedure and all which would involve user rights and various issues :-) - too lazy to do that when i started.)

Edited by rajeshontheweb

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×