Created separate classes. Need to complete searchUtil class.
This commit is contained in:
68
source/cryptowallFinder.rb
Normal file
68
source/cryptowallFinder.rb
Normal file
@@ -0,0 +1,68 @@
|
||||
require 'FileUtils'
|
||||
require_relative 'searchUtil'
|
||||
|
||||
|
||||
class Cryptowallfinder
|
||||
|
||||
attr_accessor :outputFile, :path
|
||||
|
||||
@search = Searchutil.new
|
||||
|
||||
def infectedFiles(decryptFile)
|
||||
infectedPath = File.dirname("#{decryptFile}")
|
||||
infectedFiles = Dir["#{infectedPath}/*.*"]
|
||||
return infectedFiles
|
||||
end
|
||||
|
||||
def infectedFileExpandedPath(file)
|
||||
infectedFileExpandedPath = File.expand_path(file.to_s)
|
||||
return infectedFileExpandedPath
|
||||
end
|
||||
|
||||
def decryptFiles(path)
|
||||
decryptFiles = Dir["#{path}/**/DECRYPT_INSTRUCTION.TXT"]
|
||||
return decryptFiles
|
||||
end
|
||||
|
||||
def writeMyFile(whatToWrite)
|
||||
if !isDecryptInstructions(whatToWrite) && !isTorInstructions(whatToWrite)
|
||||
whatToWrite = infectedFileExpandedPath(whatToWrite)
|
||||
whatToWrite = whatToWrite.gsub("/","\\")
|
||||
@openFile = self.outputFile.open
|
||||
@openFile.puts(whatToWrite)
|
||||
@openFile.close
|
||||
end
|
||||
end
|
||||
|
||||
def deleteInstructions(file)
|
||||
if isTorInstructions(file) or isDecryptInstructions(file)
|
||||
FileUtils.rm(File.expand_path(file.to_s))
|
||||
end
|
||||
end
|
||||
|
||||
def isTorInstructions(file)
|
||||
if file.include? "TOR"
|
||||
return true
|
||||
else
|
||||
return false
|
||||
end
|
||||
end
|
||||
|
||||
def isDecryptInstructions(file)
|
||||
if file.include? "DECRYPT"
|
||||
return true
|
||||
else
|
||||
return false
|
||||
end
|
||||
end
|
||||
|
||||
def findInfectedFiles
|
||||
decryptFiles(self.path).each do |f|
|
||||
infectedFiles(f).each do |returnedFiles|
|
||||
writeMyFile(returnedFiles)
|
||||
deleteInstructions(returnedFiles)
|
||||
end
|
||||
end
|
||||
|
||||
end
|
||||
end
|
||||
Reference in New Issue
Block a user