前天在准备ctf线下赛的时候,想到了需要防止用户上传文件,所以打算用python写一个,因为用的vnc链接只能在默认的python2.7的环境底下来写,好多包没有,所以只采用了一个OS包,且只有十分钟加固时间,代码也不敢写长,最终代码如下:
#!/usr/bin/env python # -*- coding:utf-8 -*- import os import time iff=1 def getlist(rlist,path): for dir,folder,file in os.walk(path): for i in file: t="%s/%s"%(dir,i) rlist.append(t) def getnlist(nlist,path): for dir,folder,file in os.walk(path): for i in file: t="%s/%s"%(dir,i) nlist.append(t) path="/var/ww/" rlist=[] nlist=[] if(iff==1): getlist(rlist,path) for i in rlist: print "one:"+i iff=iff+1 while(True): nlist=[] getnlist(nlist,path) for t in nlist: if t not in rlist: print "\n-----------------\n"+t tt=time.asctime(time.localtime(time.time())) os.popen("mv "+t+" \'/var/"+tt+".txt\'") time.sleep(1)
将有人上传到这个文件夹的文件改个名放到var目录下面