首页
Sign in Sign up
avatar
tiancai

python提取System32路径下的文件的文件描述 

import os
import filetype
import pefile
import pprint

def is_pe_file(filename):
    if os.path.isfile(filename):
        kind = filetype.guess(filename)
        if kind == None:
            return False
        if kind.extension == 'exe':
            return True
    else:
        return False

string_version_info = {}
def main():
    fd = os.open('log.txt', os.O_RDWR | os.O_CREAT)
    path='C:\\Windows\\System32\\'
    files = os.listdir(path)
    for filename in files:
        if is_pe_file(path+filename):
            # 提取详细信息->文件说明
            pe = pefile.PE(path+filename)
            try:
                for fileinfo in pe.FileInfo[0]:
                    if fileinfo.Key.decode() == 'StringFileInfo':
                        for st in fileinfo.StringTable:
                            for entry in st.entries.items():
                                string_version_info[entry[0].decode()] = entry[1].decode()
                #os.write(fd, '%s : %s' %(path+filename,string_version_info['FileDescription'].encode()))
                data = '%s : %s' %(path+filename,string_version_info['FileDescription'])
                os.write(fd,data.encode())
                os.write(fd,b'\n')
            except:
                continue
    os.close(fd)
    return
if __name__ == '__main__':
    main()
1
avatar
计算机天才
@tiancai
加入
2 关注中 0 关注者
更多来自 计算机天才
github代码搜索功能排除指定仓库 retdec项目源代码阅读部分记录 LLVM调试技巧之Value类