I've finally had some time to sit down and work on an MD5 scanner script which I posted last week (
http://www.perlmonks.org/?node_id=685695), and I'm trying to use suggestions that were given to me to go through it and write it correctly.
I now have two hashes, one containing a list of known bad filenames and their associated MD5 values, and the other containing a list of all files on a given system and their paths (note that both hashes can have multiple values per key).
What I need to do now, is get the intersect of the keys of each hash so that I have a list of files from the system that match the list of files that are known to be bad. My confusion is how correctly get the intersect so that I can easily use the values of each key from both hashes(because I'll need the paths and the known bad md5 values to do the actual MD5 check).
Any suggestions or direction is appreciated.
#!C:\perl\bin\perl.exe -w
use strict;
my @known_bad; #eac
+h element is a line within the knownbad.txt file
open(FILE, "knownbad.txt") or die("Unable to open file");
@known_bad = <FILE>;
close(FILE);
my $bad_data;
my $bad_file;
my $bad_md5;
my $bad_file_array_element;
my %bad_file_md5;
foreach $bad_data (@known_bad) {
+ #take data from knownbad.txt file and parse it into a hash
chomp($bad_data);
($bad_file, $bad_md5) = split(/\,/, $bad_data);
push(@{ $bad_file_md5{"$bad_file"} }, "$bad_md5");
}
my $system_file_location;
my $system_file;
my %system_file_data;
#open FILES, "psexec.exe -n 2 \\\\192.168.1.10 cmd.exe \/C dir C\:\\ \
+/S \/B |" or die;
open FILES, "cmd.exe \/C dir C\:\\ \/S \/B |" or die;
+ #take data from directory listing and parse it into a
+hash
while ( <FILES> ) {
( $system_file_location, $system_file ) = m/(.*)[\\\/](.+)/ ?
+( $1, $2 ) : ( undef, $_ );
# print "$system_file is in the directory $system_file_location
+\n";
push(@{ $system_file_data{"$system_file"} }, "$system_file_loc
+ation");
}
close FILES;
$VAR1 = {
'arbies.dll' => [
'388B8FBC36A8558587AFC90FB23A3B99'
],
'psexec.exe' => [
'78A2C9D79C21DDFCB7CED32F5EBEC618',
'388B8FBC36A8558587AFC90FB23A3B99'
],
'notepad.exe' => [
'388B8FBC36A8558587AFC90FB23A3B99'
],
'angelfood.txt' => [
'388B8FBC36A8558587AFC90FB23A3B99'
]
};