Question

我收集以下数据文件名，用户名和密码。这些数据是通过遍历每个目录来查找文档（主要是脚本）以及明文凭证来收集的。这个想法是收集系统管理员遵循的不良做法的证据。

我的脚本做得很好，但我试图了解处理数据的最佳方法。我想将该特定文件中的文件名和凭据放入字典中。所以关键是文件名和值是在该文件中找到的凭据。

我已经研究了如何向字典添加数据，但我不完全确定如何找到一种方法将2个列表放入字典中，并且字典中包含1个键的多个值。任何指针将不胜感激。根据评论的建议，当前未使用#if not m: add non matched data to un_matched list行。我想将不匹配的数据添加到另一个列表（用于调试）

代码

dirt = "~/Desktop/tmp"

def get_files():
    regs = ["(.*)((U|u)ser(.*))(\s=\s\W\w+\W)", "(.*)((U|u)ser(.*))(\s=\s\w+)", "(.*)((P|p)ass(.*))\s=\s(\W(.*)\W)", "(.*)((P|p)ass(.*))(\s=\s\W\w+\W)"]
    combined = "(" + ")|(".join(regs) + ")"
    cred_results = []
    creds = []
    un_matched = []
    filesfound = []
    for root, dirs, files in os.walk(dirt):
        for filename in files:
            if filename.endswith(('.bat', '.vbs', '.ps', '.txt')):
                readfile = open(os.path.join(root, filename), "r")
                for line in readfile:
                    m = re.match(combined, line)
                    if m:
                        creds.append(m.group(0))    
                   #if not m: add non matched data to un_matched list
                filesfound.append(os.path.join(root, filename)) 
                cred_results = [line.rstrip() for line in creds]

    print cred_results
    print filesfound

来自脚本的当前输出

['strUser = "guytom"', 'strPassword = "P@ssw0rd1"', 'strUsername = "guytom2"', 'strPass = "SECRETPASSWORD"']
['~/Desktop/tmp/Domain/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/USER/Scripts/Logon/logonscript1.vbs', '~/Desktop/tmp/Domain/Policies/{31B2F340-016D-11D2-945F-00C04FB984F9}/USER/Scripts/Logon/logonscript2.bat']

Answer 1

您可以在dict.setdefault中使用dict：

    d = {} # create dict 
    for root, dirs, files in os.walk(dirt):
        for filename in files:
            if filename.endswith(('.bat', '.vbs', '.ps', '.txt')):
                readfile = open(os.path.join(root, filename), "r")
                d.setdefault(filename,[]) #  set default value to a list
                for line in readfile:
                    m = re.match(combined, line)
                    if m:
                        creds.append(m.group(0))
                        d[filename].append(m.group(0).rstrip())  # append data to the key's list stripping newlines etc..

如果您想跟踪不匹配的数据，只需添加第二个字典并使用with自动关闭文件：

    for root, dirs, files in os.walk(dirt):
        for filename in files:
            if filename.endswith(('.bat', '.vbs', '.ps', '.txt')):                
                with open(os.path.join(root, filename), "r") as readfile:
                    matched_d.setdefault(filename,[])
                    unmatched_d.setdefault(filename,[])
                    for line in readfile:
                        m = re.match(combined, line)
                        if m:
                            creds.append(m.group(0))
                            d[filename].append(m.group(0).rstrip()) 
                        else:
                            unmatched_d[filename].append(add_data_here)

列出字典，但每个键有多个值

1 个答案: