前天在准备ctf线下赛的时候,想到了需要防止用户上传文件,所以打算用python写一个,因为用的vnc链接只能在默认的python2.7的环境底下来写,好多包没有,所以只采用了一个OS包,斌且只有十分钟加固时间,代码也不敢写长,最终代码如下:
#!/usr/bin/env python
# -*- coding:utf-8 -*-
import os
import time
iff=1
def getlist(rlist,path):
for dir,folder,file in os.walk(path):
for i in file:
t="%s/%s"%(dir,i)
rlist.append(t)
def getnlist(nlist,path):
for dir,folder,file in os.walk(path):
for i in file:
t="%s/%s"%(dir,i)
nlist.append(t)
path="/var/ww/"
rlist=[]
nlist=[]
if(iff==1):
getlist(rlist,path)
for i in rlist:
print "one:"+i
iff=iff+1
while(True):
nlist=[]
getnlist(nlist,path)
for t in nlist:
if t not in rlist:
print "\n-----------------\n"+t
tt=time.asctime(time.localtime(time.time()))
os.popen("mv "+t+" \'/var/"+tt+".txt\'")
time.sleep(1)
将有人上传到这个文件夹的文件改个名放到var目录下面