Programming/Python
Python - Volatility pslist 에서 특정 프로세스만 추출하기
pental
2019. 11. 21. 21:57
#Written by Pental
# 특정 프로세스 정보 추출
import re
import string
import sys
# Function
#Find Unique Word
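def findSentence(fileName, findText):
    """Return every text fragment in *fileName* that contains *findText*.

    The file is read as UTF-8 and split into lines; each line is further
    split on ". ", and every fragment containing *findText* is returned
    with surrounding periods stripped and a single "." appended.

    Args:
        fileName: Path of the text file to search (here, a saved pslist dump).
        findText: Substring to look for.

    Returns:
        A list of matching fragments in file order; empty if nothing matches.

    Raises:
        OSError: The file cannot be opened.
        UnicodeDecodeError: The file is not valid UTF-8.

    Notes for triage use:
        * The match is a plain, case-sensitive substring test against the
          whole fragment, so a term can also hit in the PID, offset or
          timestamp columns, not only in the process name.
        * An empty *findText* matches every fragment.
        * A line that itself contains ". " is split into several fragments,
          which shifts character positions for callers that slice by fixed
          column offsets.
    """
    matches = []
    # The context manager closes the handle even when read() raises, e.g. a
    # decode error on a dump that was not saved as UTF-8.
    with open(fileName, mode="r", encoding="utf8") as handle:
        lines = handle.read().splitlines()
    for line in lines:
        for fragment in line.split(". "):
            fragment = fragment.strip(".")
            if findText in fragment:
                matches.append(fragment + ".")
    return matches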
#Delete Special Text
def cleanText(readData):
    """Return *readData* with every '(', ')', ',' and ':' character removed."""
    unwanted = re.compile('[(),:]')
    return unwanted.sub('', readData)
#---------------Find Image--------------
#Find Unique Word (Win)
# Look up one process in a saved Volatility pslist dump ('pslist.txt') and
# print its columns.
#
# Each field is cut out of the matching line by fixed character position.
# NOTE(review): these offsets presumably match the author's own dump; check
# them against the header row of your pslist.txt, because the column
# positions depend on how the plugin formatted its output.
#
# Caveats when reading the result:
#   * The search term is matched anywhere in the line, so it can hit on a
#     PID or timestamp as well as on a process name.
#   * pslist only reports processes still linked in the active process
#     list. No match here is not proof that a process was absent from the
#     image; cross-check with psscan / psxview.
FIELD_SLICES = (
    ('Process Name : ', slice(10, 30)),
    ('Pid : ', slice(35, 39)),
    ('Ppid : ', slice(42, 46)),
    ('Threads : ', slice(49, 53)),
    ('Handle : ', slice(58, 62)),
    ('Time : ', slice(76, 105)),
)

print("Source by Pental / Please input Accurate Process Name!!")
unique = input("Find Unique Process Information : ")
for row in findSentence('pslist.txt', unique):
    # One block of six lines is printed per matching row.
    for label, columns in FIELD_SLICES:
        print(label + row[columns])
