在线时间:8:00-16:00
迪恩网络APP
随时随地掌握行业动态
扫描二维码
关注迪恩网络微信公众号
using System; using System.IO; using System.Text.RegularExpressions; using System.Threading; using System.Windows.Forms; using System.Net; namespace TrojanScanning { public partial class Form1 : Form { public Form1() { InitializeComponent(); } delegate void SetTextCallback(string text); delegate void SetTextCallback2(bool b); delegate void SetTextCallback3(ListViewItem item); private string fname, code; private Thread thr; private string[] sArray; private void button1_Click(object sender, EventArgs e) { if (folderBrowserDialog1.ShowDialog() == DialogResult.OK) { scanpath.Text = folderBrowserDialog1.SelectedPath; } } private void startbtn_Click(object sender, EventArgs e) { list.Items.Clear(); fname = scanpath.Text; thr = new Thread(new ThreadStart(scan)); thr.IsBackground = true; thr.Start(); } private void scan(){ FileSystemInfo s = GetFileSystemInfo(fname); if (s != null) { scanbtn(false); ListFiles(s); scantext("扫描完成"); scanbtn(true); } else { MessageBox.Show("请先选择要扫描的目录"); } } public FileSystemInfo GetFileSystemInfo(string path){ if (File.Exists(path)) return new FileInfo(path); else if (Directory.Exists(path)) return new DirectoryInfo(path); else return null; } private void ListFiles(FileSystemInfo info){ if (info.Exists){ DirectoryInfo dir = info as DirectoryInfo; if (dir == null) return; try{ FileSystemInfo[] files = dir.GetFileSystemInfos(); for (int i = 0; i < files.Length; i++){ FileInfo file = files[i] as FileInfo; if (file != null && (file.Extension.ToLower() == ".asp" || file.Extension.ToLower() == ".php" || file.Extension.ToLower() == ".aspx" || file.Extension.ToLower() == ".master")) { scantext("扫描 " + file.FullName); chkfile(file.FullName,file.Length); }else{ ListFiles(files[i]); } } } catch{} } } private void chkfile(string filepath,long filesize) { try{ if (IsFileInUse(filepath)) { System.Threading.Thread.Sleep(2000); chkfile(filepath,filesize); } StreamReader sr = new StreamReader(filepath); string content = sr.ReadToEnd(); sr.Close(); string chkr=chkcontent(content); if (chkr!=""){ ListViewItem item = new ListViewItem("可疑"); item.SubItems.Add(File.GetLastAccessTime(filepath).ToString()); item.SubItems.Add(chkr); item.SubItems.Add(filepath); item.SubItems.Add((filesize/1024).ToString() + " kb"); addtiem(item); } } catch { } } private string downurl(string url) { WebClient client = new WebClient(); string result = client.DownloadString(url); return result; } private void addtiem(ListViewItem item) { if (this.list.InvokeRequired){ SetTextCallback3 d = new SetTextCallback3(addtiem); this.Invoke(d, new object[] { item }); }else{ this.list.Items.Add(item); } } private void scantext(string text) { if (this.scanstate.InvokeRequired) { SetTextCallback d = new SetTextCallback(scantext); this.Invoke(d, new object[] { text }); }else{ this.scanstate.Text=text; } } private void scanbtn(bool b){ if (this.startbtn.InvokeRequired){ SetTextCallback2 d = new SetTextCallback2(scanbtn); this.Invoke(d, new object[] { b }); }else{ this.startbtn.Enabled = b; this.scanpath.Enabled = b; this.button1.Enabled = b; } } private string chkcontent(string content){ string returnval = ""; content = content.ToLower(); foreach (string i in sArray) { if (content.IndexOf(i)> -1){ returnval+=i+","; } } if (returnval != "") { returnval=returnval.Substring(0, returnval.Length - 1); } return returnval; } bool IsFileInUse(string fileName) { bool inUse = true; if (File.Exists(fileName)) { FileStream fs = null; try { fs = new FileStream(fileName, FileMode.Open, FileAccess.Read, FileShare.None); inUse = false; } catch { } finally { if (fs != null)fs.Close(); } return inUse; } else { return false; } } private void Form1_Load(object sender, EventArgs e) { try{ code = downurl("http://www.cqeh.com/txt/trojan.txt"); sArray = code.ToLower().Split('|'); } catch (Exception ex) { MessageBox.Show("错误:" + ex.Message, "无法启动程序!", MessageBoxButtons.OK); Application.Exit(); } } private void list_DoubleClick(object sender, EventArgs e) { System.Diagnostics.Process.Start("NOTEPAD.EXE", list.SelectedItems[0].SubItems[3].Text); } } } |
2023-10-27
2022-08-15
2022-08-17
2022-09-23
2022-08-13
请发表评论