使用sigcheck工具将流阅读器数据输出到csv

时间:2018-12-04 23:52:58

标签: c#

我正在尝试创建一个可执行文件来运行sigcheck并将结果输出到CSV。但是,这段代码只是从streamreader输出到csv到单列中。我希望针对每个特定文件在csv中的单独列中更新此输出。请就此建议如何做?

static void Main(string[] args)
{
    Console.Write("Please provide the folder path to scan : ");
    string dir = Console.ReadLine();
    Console.Write("Where do you want to save the output CSV : ");
    string outputdir = Console.ReadLine();
    OutputSigned(dir, outputdir);
}

public static void OutputSigned(string dir, string outputdir)
{
    Process sigCheckProcess = new Process();
    sigCheckProcess.StartInfo.FileName = @"C:\Sigcheck\sigcheck64.exe";
    sigCheckProcess.StartInfo.Arguments = "-a -h -i -l -s " + dir;
    sigCheckProcess.StartInfo.RedirectStandardOutput = true;
    sigCheckProcess.StartInfo.UseShellExecute = false;
    sigCheckProcess.StartInfo.CreateNoWindow = true;

    sigCheckProcess.Start();

    StreamReader streamReader = sigCheckProcess.StandardOutput;
    string line;
    while ((line = streamReader.ReadLine()) != null)
    {
        StreamWriter CSVOutput = new StreamWriter(outputdir + "\\Sigcheckoutput_" + DateTime.Now.ToString("yyyy_MM_dd_HHmmss") + ".csv", append: true);
        CSVOutput.WriteLine(streamReader.ReadToEnd());
    }
}

我目前从csv获得的示例输出:

Sigcheck v2.70 - File version and signature viewer
Copyright (C) 2004-2018 Mark Russinovich
Sysinternals - www.sysinternals.com

c:\sigcheck\testing\Check.vshost.exe:
"   Verified:   Signed"
"   Signing date:   11:34 PM 7/6/2015"
"   Signing date:   11:34 PM 7/6/2015"
"   Catalog:    c:\sigcheck\testing\Check.vshost.exe"
"   Signers:"
"      Microsoft Corporation"
"       Cert Status:    This certificate or one of the certificates in the certificate chain is not time valid."
"       Valid Usage:    Code Signing"
"       Cert Issuer:    Microsoft Code Signing PCA"
"       Serial Number:  33 00 00 01 0A 2C 79 AE D7 79 7B A6 AC 00 01 00 00 01 0A"
"       Thumbprint: 3BDA323E552DB1FDE5F4FBEE75D6D5B2B187EEDC"
"       Algorithm:  sha1RSA"
"       Valid from: 9:42 AM 6/4/2015"
"       Valid to:   9:42 AM 9/4/2016"
"      Microsoft Code Signing PCA"
"       Cert Status:    Valid"
"       Valid Usage:    All"

1 个答案:

答案 0 :(得分:0)

我能够掌握这一点,如果有人需要参考,下面是代码:

            string content = streamReader.ReadToEnd();
            var stringList = content.Split(new string[] { "\r\n" }, StringSplitOptions.None);
            Dictionary<string, List<string>> file = new Dictionary<string, List<string>>();

            for (var i = 0; i < stringList.Count(); i++)
            {
                string line = stringList[i];
                string path = line.Replace("\r\n", "");
                path = path.Replace(" ", "");
                path = path.TrimEnd(':');

                if (File.Exists(path))
                {
                    file[path] = file.ContainsKey(path) ? file[path] : new List<string>();
                    for (var j = i + 1; j < stringList.Count(); j++)
                    {
                        string line2 = stringList[j];
                        string path2 = line2.Replace("\r\n", "");
                        path2 = path2.Replace(" ", "");
                        path2 = path2.TrimEnd(':');

                        if (File.Exists(path2))
                        {
                            i = j - 1;
                            break;
                        }
                        else
                        {
                            file[path].Add(listValue);
                        }
                    }
                }
            }
相关问题
最新问题