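# The stdlib feature is named 'fileutils'; the capitalised spelling only loads
# on case-insensitive filesystems and raises LoadError elsewhere.
require 'fileutils'
require_relative 'searchUtil'

# Locates directories that contain a DECRYPT_INSTRUCTION.TXT ransom note,
# records every other file in those directories to an output list, and
# deletes the instruction files themselves.
#
# The "infected" list is simply every file sitting next to a note; nothing
# here verifies that a file is actually encrypted.
#
# SECURITY: this class deletes files. Instruction-file detection is a
# substring test, so review the predicates below before running it against
# data that has no backup.
class Cryptowallfinder
  # outputFile: object that responds to #open and returns an IO-like handle.
  #             NOTE(review): it is reopened for every path written, so it
  #             presumably has to open in append mode -- confirm with caller.
  # path:       root directory that is searched recursively for notes.
  attr_accessor :outputFile, :path

  # Class-level instance variable; it is not visible from instances and no
  # method in this class reads it.
  @search = Searchutil.new

  # Returns every entry matching "*.*" in the directory that holds
  # +decryptFile+ (non-recursive).
  #
  # NOTE(review): the directory is interpolated into a glob pattern, so a
  # directory name containing glob metacharacters ([, ], {, }, *, ?) is
  # interpreted as a pattern and may match nothing or the wrong files.
  def infectedFiles(decryptFile)
    noteDir = File.dirname(decryptFile.to_s)
    Dir["#{noteDir}/*.*"]
  end

  # Returns the absolute form of +file+.
  def infectedFileExpandedPath(file)
    File.expand_path(file.to_s)
  end

  # Returns the paths of all DECRYPT_INSTRUCTION.TXT files found anywhere
  # below +path+.
  def decryptFiles(path)
    Dir["#{path}/**/DECRYPT_INSTRUCTION.TXT"]
  end

  # Appends the absolute, backslash-separated path of +whatToWrite+ to the
  # output file, unless the entry is itself an instruction file.
  def writeMyFile(whatToWrite)
    return if isDecryptInstructions(whatToWrite) || isTorInstructions(whatToWrite)

    windowsPath = infectedFileExpandedPath(whatToWrite).gsub("/", "\\")
    @openFile = self.outputFile.open
    begin
      @openFile.puts(windowsPath)
    ensure
      # Release the handle even if the write raises.
      @openFile.close
    end
  end

  # Deletes +file+ when it is recognised as an instruction file.
  def deleteInstructions(file)
    if isTorInstructions(file) or isDecryptInstructions(file)
      FileUtils.rm(File.expand_path(file.to_s))
    end
  end

  # True when the file NAME contains "TOR".
  #
  # Only the basename is tested. Testing the whole path, as before, treated
  # every file under a directory such as ".../STORAGE/" or ".../VICTOR/" as
  # an instruction file, so it was deleted and left out of the report.
  #
  # NOTE(review): this is still a substring match, so a user file whose own
  # name contains "TOR" is deleted as well. Prefer an exact list of the note
  # filenames once those are confirmed.
  def isTorInstructions(file)
    File.basename(file.to_s).include?("TOR")
  end

  # True when the file NAME contains "DECRYPT". Basename-only for the same
  # reason as isTorInstructions, with the same substring caveat.
  def isDecryptInstructions(file)
    File.basename(file.to_s).include?("DECRYPT")
  end

  # Walks every note found under +path+; for each file beside a note, records
  # it in the output file and then removes it if it is an instruction file.
  def findInfectedFiles
    decryptFiles(self.path).each do |notePath|
      infectedFiles(notePath).each do |candidate|
        writeMyFile(candidate)
        deleteInstructions(candidate)
      end
    end
  end
end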