使用Python制作一個(gè)惡意軟件刪除工具

更新時(shí)間：2024年02月06日 08:44:27 作者：白客小李666

這篇文章主要為大家詳細(xì)介紹了如何使用Python制作一個(gè)惡意軟件刪除工具,文中的示例代碼講解詳細(xì),感興趣的小伙伴可以跟隨小編一起學(xué)習(xí)一下

查殺流程圖

對(duì)，就這些，已經(jīng)具備了殺毒軟件的功能

判斷文件是否為病毒

要查殺病毒，先要判斷文件是不是病毒（不然刪錯(cuò)了咋辦），這里我們用獲取文件的哈希值來(lái)判斷文件是不是病毒

這里我們用os、hashlib庫(kù)

import os,hashlib

獲取哈希值代碼

def GetFileMD5(filename):
    file = open(filename, 'rb') #用二進(jìn)制方式讀取文件
    file_content = file.read()
    file.close()
    file_md5 = hashlib.md5(file_content)
    return file_md5.hexdigest()   #返回文件的哈希值

啊對(duì)，就這樣，文件的哈希值就被拿到了

我們測(cè)試一下代碼，先編個(gè)病毒

就是無(wú)限循環(huán)執(zhí)行cmd

病毒庫(kù)

每個(gè)殺毒軟件都有自己的病毒庫(kù)，那我們也搞一個(gè)（就是把一些病毒哈希值整理成一個(gè)列表）

Virus_Reservoirs=[
                 '40d8911754a4d6cd8d4c732f96eb3016',#無(wú)限cmd彈窗
                 '0d686bf04da1a4d11ea197375b99a48b',#無(wú)限cmd彈窗
                 'eda588c0ee78b585f645aa42eff1e57a',#中華黑豹升級(jí)版
                 '0a456ffff1d3fd522457c187ebcf41e4',#蠕蟲(chóng)
                 '1aa4c64363b68622c9426ce96c4186f2',#BIOS、MBR病毒
                 'd214c717a357fe3a455610b197c390aa',#Virus.Win32.disttrackA類(lèi)型病毒
                 'b14299fd4d1cbfb4cc7486d978398214',#Virus.Win32.disttrackA類(lèi)型病毒
                 'dffe6e34209cb19ebe720c457a06edd6',#無(wú)盡黑洞木馬病毒
                 '512301c535c88255c9a252fdf70b7a03',#熊貓燒香
                 'd4a05ada747a970bff6e8c2c59c9b5cd',#WormOrg.Viking.A -->蠕蟲(chóng)
                 'ad41ec81ab55c17397d3d6039752b0fd',#WormOrg.Win32.Fujack.A  -->蠕蟲(chóng)
                 'a57db79f11a8c58d27f706bc1fe94e25',#Virus.Win32.Viking.A類(lèi)型病毒
                 'fc14eaf932b76c51ebf490105ba843eb',#沖擊波
                 '2a92da4b5a353ca41de980a49b329e7d',#蠕蟲(chóng)
                 '68abd642c33f3d62b7f0f92e20b266aa',#蠕蟲(chóng)
                 'ff5e1f27193ce51eec318714ef038bef',#蠕蟲(chóng)
                 '4c36884f0644946344fa847756f4a04e',#磁碟機(jī)
                 '2391109c40ccb0f982b86af86cfbc900',#AV終結(jié)者——>Pabug
                 '84c82835a5d21bbcf75a61706d8ab549',#WannaCry永恒之藍(lán)
                 'db349b97c37d22f5ea1d1841e3c89eb4',#WannaCry永恒之藍(lán)
                 '1de73f49db23cf5cc6e06f47767f7fda',#WannaRen
                 'af2379cc4d607a45ac44d62135fb7015',#Petya
                 '71b6a493388e7d0b40c83ce903bc6b04',#Petya組件
                 'e81139675ac1b806d689fb17789e2f99',#斯大林病毒
                 '915178156c8caa25b548484c97dd19c1',#可刪除文件的蠕蟲(chóng)
                 'dac5f1e894b500e6e467ae5d43b7ae3e',#可刪除文件的蠕蟲(chóng)
                 '849da18699ea2332494e431c66be0ca6',#WindowsCrazyError
                 '56975ae355acb292220921ad61c58f2a',#MBR破壞
                 '44d88612fea8a8f36de82e1278abb02f',#引擎測(cè)試程序
                 '297de74cb20a975efaf20cd88fddf270',#鬼影木馬
                 'c729d940eb78e927afcba4046543d8f8',#可讓系統(tǒng)藍(lán)屏的病毒
                 '8c71f2a4b3079332d4f8078eddb9974a',#小豬佩奇病毒
                 '19dbec50735b5f2a72d4199c4e184960',#MEMZ彩虹貓
                 '815b63b8bc28ae052029f8cbdd7098ce',#滑稽病毒
                 'c71091507f731c203b6c93bc91adedb6',#盧本偉病毒
                 "8c689f65508e1353fb3df35df87ba5c7",#'假藍(lán)屏'病毒
                 ]

有點(diǎn)少。。。。。

大家發(fā)現(xiàn)一些病毒可以把他的哈希值發(fā)給我哈

編寫(xiě)殺毒界面

代碼太多了，不容易講，直接上代碼了。界面用了滾動(dòng)滑桿，用的是tkinter庫(kù)

import tkinter as tk
from tkinter.ttk import *
import tkinter.filedialog as filedialog
filles=filedialog.askopenfilenames(title='選擇文件',filetypes=[("All Files","*.*")]) #選擇文件
viruses=[]
try:
    for i in filles:
        fileMD5=getFileMD5(i)
        print(i+"文件哈希值:"+fileMD5)
        if fileMD5 in Virus_Reservoirs:
            viruses. Append(i)
    show_viruses_win=tk.Tk()
    if len(viruses) == 0:
        show_viruses_win.withdraw()
        messagebox.showinfo("查殺結(jié)果","此次查殺未發(fā)現(xiàn)風(fēng)險(xiǎn)項(xiàng)")
        show_viruses_win.destroy()
    else:
        kills=[]
        fail_kills=[]
        def getlujing(event):
            str=""
            index1=viruss.curselection()
            for item in index1:
                str+=viruss.get(item)+"、"
                kills.append(viruss.get(item))    #選擇要清理的病毒
            llabel.config(text="你選擇了"+str)
        def killthem():
            for i in kills:
                kills.remove(i)
                try:
                    os.unlink(i)
                except:
                    fail_kills.append(i)
            show_viruses_win.destroy()
            jieguo_win=tk.Tk()
            jieguo_win.withdraw()
            if len(fail_kills) == 0:
                messagebox.showinfo("yeah","全部清除成功!")
            else:
                messagebox.showinfo("error",f"{fail_kills}清除失敗，請(qǐng)手動(dòng)清除!")
            jieguo_win.destroy()
        show_viruses_win.geometry("480x480") #界面
        show_viruses_win.title("請(qǐng)選擇您想清理的病毒")
        show_viruses_win.configure(bg="#F5D7C4")
        llabel=tk.Label(show_viruses_win,height=5,wraplength=190,justify="left",bg="#F1DAA1",relief="groove")
        llabel.pack(side="top",fill="x",padx="10",pady="10")
        sc1=tk.Scrollbar(show_viruses_win)
        viruss=tk.Listbox(show_viruses_win,height=20,yscrollcommand=sc1.set,selectmode="multiple",justify='center',width=30)
        for i in viruses:
            viruss.insert(tk.END,i)
        viruss.pack(side='left',fill='x')
        viruss.bind("<<ListboxSelect>>",getlujing)
        sc1.pack(side="left",fill="y")
        sc1.config(command=viruss.yview)
        tk.Button(show_viruses_win,text="選擇完畢，開(kāi)始?xì)⒍荆?,relief='groove',fg='white',bg='blue',cursor='hand2',command=killthem).pack()
        show_viruses_win.mainloop()
except:
    show_error_win=tk.Tk()
    show_error_win.withdraw()
    messagebox.showerror("error","無(wú)法查殺病毒或初始化殺毒引擎,請(qǐng)重試")
    show_error_win.destroy()

測(cè)試代碼

先把代碼匯總一下

總代碼

import os,hashlib
import tkinter as tk
import tkinter.messagebox as messagebox
from tkinter.ttk import *
import tkinter.filedialog as filedialog
def GetFileMD5(filename):
    file = open(filename, 'rb') #用二進(jìn)制方式讀取文件
    file_content = file.read()
    file.close()
    file_md5 = hashlib.md5(file_content)
    return file_md5.hexdigest()   #返回文件的哈希值
Virus_Reservoirs=[
                 '40d8911754a4d6cd8d4c732f96eb3016',#無(wú)限cmd彈窗
                 '0d686bf04da1a4d11ea197375b99a48b',#無(wú)限cmd彈窗
                 'eda588c0ee78b585f645aa42eff1e57a',#中華黑豹升級(jí)版
                 '0a456ffff1d3fd522457c187ebcf41e4',#蠕蟲(chóng)
                 '1aa4c64363b68622c9426ce96c4186f2',#BIOS、MBR病毒
                 'd214c717a357fe3a455610b197c390aa',#Virus.Win32.disttrackA類(lèi)型病毒
                 'b14299fd4d1cbfb4cc7486d978398214',#Virus.Win32.disttrackA類(lèi)型病毒
                 'dffe6e34209cb19ebe720c457a06edd6',#無(wú)盡黑洞木馬病毒
                 '512301c535c88255c9a252fdf70b7a03',#熊貓燒香
                 'd4a05ada747a970bff6e8c2c59c9b5cd',#WormOrg.Viking.A -->蠕蟲(chóng)
                 'ad41ec81ab55c17397d3d6039752b0fd',#WormOrg.Win32.Fujack.A  -->蠕蟲(chóng)
                 'a57db79f11a8c58d27f706bc1fe94e25',#Virus.Win32.Viking.A類(lèi)型病毒
                 'fc14eaf932b76c51ebf490105ba843eb',#沖擊波
                 '2a92da4b5a353ca41de980a49b329e7d',#蠕蟲(chóng)
                 '68abd642c33f3d62b7f0f92e20b266aa',#蠕蟲(chóng)
                 'ff5e1f27193ce51eec318714ef038bef',#蠕蟲(chóng)
                 '4c36884f0644946344fa847756f4a04e',#磁碟機(jī)
                 '2391109c40ccb0f982b86af86cfbc900',#AV終結(jié)者——>Pabug
                 '84c82835a5d21bbcf75a61706d8ab549',#WannaCry永恒之藍(lán)
                 'db349b97c37d22f5ea1d1841e3c89eb4',#WannaCry永恒之藍(lán)
                 '1de73f49db23cf5cc6e06f47767f7fda',#WannaRen
                 'af2379cc4d607a45ac44d62135fb7015',#Petya
                 '71b6a493388e7d0b40c83ce903bc6b04',#Petya組件
                 'e81139675ac1b806d689fb17789e2f99',#斯大林病毒
                 '915178156c8caa25b548484c97dd19c1',#可刪除文件的蠕蟲(chóng)
                 'dac5f1e894b500e6e467ae5d43b7ae3e',#可刪除文件的蠕蟲(chóng)
                 '849da18699ea2332494e431c66be0ca6',#WindowsCrazyError
                 '56975ae355acb292220921ad61c58f2a',#MBR破壞
                 '44d88612fea8a8f36de82e1278abb02f',#引擎測(cè)試程序
                 '297de74cb20a975efaf20cd88fddf270',#鬼影木馬
                 'c729d940eb78e927afcba4046543d8f8',#可讓系統(tǒng)藍(lán)屏的病毒
                 '8c71f2a4b3079332d4f8078eddb9974a',#小豬佩奇病毒
                 '19dbec50735b5f2a72d4199c4e184960',#MEMZ彩虹貓
                 '815b63b8bc28ae052029f8cbdd7098ce',#滑稽病毒
                 'c71091507f731c203b6c93bc91adedb6',#盧本偉病毒
                 "8c689f65508e1353fb3df35df87ba5c7",#'假藍(lán)屏'病毒
                 ]
filles=filedialog.askopenfilenames(title='選擇文件',filetypes=[("All Files","*.*")]) #選擇文件
print(filles)
viruses=[]
try:
    for i in filles:
        fileMD5=GetFileMD5(i)
        print(i+"文件哈希值:"+fileMD5)
        if fileMD5 in Virus_Reservoirs:
            viruses.append(i)
    show_viruses_win=tk.Tk()
    if len(viruses) == 0:
        show_viruses_win.withdraw()
        messagebox.showinfo("查殺結(jié)果","此次查殺未發(fā)現(xiàn)風(fēng)險(xiǎn)項(xiàng)")
        show_viruses_win.destroy()
    else:
        kills=[]
        fail_kills=[]
        def getlujing(event):
            str=""
            index1=viruss.curselection()
            for item in index1:
                str+=viruss.get(item)+"、"
                kills.append(viruss.get(item))    #選擇要清理的病毒
            llabel.config(text="你選擇了"+str)
        def killthem():
            for i in kills:
                kills.remove(i)
                try:
                    os.unlink(i)
                except:
                    fail_kills.append(i)
            show_viruses_win.destroy()
            jieguo_win=tk.Tk()
            jieguo_win.withdraw()
            if len(fail_kills) == 0:
                messagebox.showinfo("yeah","全部清除成功!")
            else:
                messagebox.showinfo("error",f"{fail_kills}清除失敗，請(qǐng)手動(dòng)清除!")
            jieguo_win.destroy()
        show_viruses_win.geometry("480x480") #界面
        show_viruses_win.title("請(qǐng)選擇您想清理的病毒")
        show_viruses_win.configure(bg="#F5D7C4")
        llabel=tk.Label(show_viruses_win,height=5,wraplength=190,justify="left",bg="#F1DAA1",relief="groove")
        llabel.pack(side="top",fill="x",padx="10",pady="10")
        sc1=tk.Scrollbar(show_viruses_win)
        viruss=tk.Listbox(show_viruses_win,height=20,yscrollcommand=sc1.set,selectmode="multiple",justify='center',width=30)
        for i in viruses:
            viruss.insert(tk.END,i)
        viruss.pack(side='left',fill='x')
        viruss.bind("<<ListboxSelect>>",getlujing)
        sc1.pack(side="left",fill="y")
        sc1.config(command=viruss.yview)
        tk.Button(show_viruses_win,text="選擇完畢，開(kāi)始?xì)⒍荆?,relief='groove',fg='white',bg='blue',cursor='hand2',command=killthem).pack()
        show_viruses_win.mainloop()
except:
    show_error_win=tk.Tk()
    show_error_win.withdraw()
    messagebox.showerror("error","無(wú)法查殺病毒或初始化殺毒引擎,請(qǐng)重試")
    show_error_win.destroy()