Python posix_path 예제들

예제 #1

파일: inspector.py 프로젝트: noxdafox/vminspect

def extract_created_files(timeline, path, events):
    for event in (e for e in events
                  if 'FILE_CREATE' in e['changes'] and e['allocated']):
        try:
            if 'hash' in event:
                sha_hash = event['hash']
            else:
                sha_hash = timeline.checksum(event['path'])
            source = event['path']
            name = Path(posix_path(event['path'])).name
            destination = Path(path, '_'.join((sha_hash, name)))

            if not destination.exists():
                timeline.download(source, str(destination))
        except RuntimeError:
            pass

예제 #2

파일: inspector.py 프로젝트: noxdafox/vminspect

def extract_deleted_files(timeline, path, events):
    root = timeline.inspect_get_roots()[0]

    for event in (e for e in events if 'FILE_DELETE' in e['changes']):
        inode = event['file_reference_number']

        try:
            with NamedTemporaryFile(buffering=0) as tempfile:
                timeline.download_inode(root, inode, tempfile.name)

                name = Path(posix_path(event['path'])).name
                sha_hash = hashlib.sha1(tempfile.read()).hexdigest()
                destination = Path(path, '_'.join((sha_hash, name)))

                shutil.copy(tempfile.name, str(destination))

                event['hash'] = sha_hash
                event['recovered'] = True
        except RuntimeError:
            event['recovered'] = False

예제 #3

def extract_created_files(timeline, path, events):
    path = Path(path)

    if not path.exists():
        path.mkdir(parents=True)

    for event in (e for e in events
                  if 'FILE_CREATE' in e['changes'] and e['allocated']):
        try:
            if 'hash' in event:
                sha_hash = event['hash']
            else:
                sha_hash = timeline.checksum(event['path'])
            source = event['path']
            name = Path(posix_path(event['path'])).name
            destination = Path(path, '_'.join((sha_hash, name)))

            if not destination.exists():
                timeline.download(source, str(destination))
        except RuntimeError:
            pass

예제 #4

def extract_deleted_files(timeline, path, events):
    path = Path(path)
    root = timeline.inspect_get_roots()[0]

    if not path.exists():
        path.mkdir(parents=True)

    for event in (e for e in events if 'FILE_DELETE' in e['changes']):
        inode = event['file_reference_number']

        try:
            with NamedTemporaryFile(buffering=0) as tempfile:
                timeline.download_inode(root, inode, tempfile.name)

                name = Path(posix_path(event['path'])).name
                sha_hash = hashlib.sha1(tempfile.read()).hexdigest()
                destination = Path(path, '_'.join((sha_hash, name)))

                shutil.copy(tempfile.name, str(destination))

                event['hash'] = sha_hash
                event['recovered'] = True
        except RuntimeError:
            event['recovered'] = False