
python 常用系统操作

时间:04-01来源:作者:点击数:38

一、监听系统目录

  • import os
  • import win32file
  • import datetime
  • import win32con
  • """
  • 监听某目录的文件,如果文件有增删改查,则输出变动文件路径
  • """
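def jtwj(path_to_watch=None):
    """Watch a directory tree and print the path of every changed entry.

    Blocks forever: each ReadDirectoryChangesW call waits for the next batch
    of notifications, then one "<full path> <status>" line is printed per
    reported entry.

    Args:
        path_to_watch: Directory to watch; the root of drive D when None.
    """
    if path_to_watch is None:
        path_to_watch = 'D:\\'  # default watch root

    # Action codes returned by ReadDirectoryChangesW, mapped to labels.
    ACTIONS = {
        1: "Created",
        2: "Deleted",
        3: "Updated",
        4: "Renamed from something",
        5: "Renamed to something"
    }
    # Least privilege: watching only needs the "list directory" access right.
    # The earlier GENERIC_READ | GENERIC_WRITE mask asked for write access
    # that this function never uses.
    FILE_LIST_DIRECTORY = 0x0001
    hDir = win32file.CreateFile(
        path_to_watch,
        FILE_LIST_DIRECTORY,
        # Share delete as well, so holding this handle does not stop other
        # processes from renaming or removing the watched directory.
        win32con.FILE_SHARE_READ | win32con.FILE_SHARE_WRITE | win32con.FILE_SHARE_DELETE,
        None,
        win32con.OPEN_EXISTING,
        win32con.FILE_FLAG_BACKUP_SEMANTICS,  # required to open a directory
        None
    )
    try:
        while True:
            results = win32file.ReadDirectoryChangesW(
                hDir,  # directory handle, opened with FILE_LIST_DIRECTORY access
                1024,  # size in bytes of the buffer allocated for results
                True,  # bWatchSubtree: watch the whole tree, not just this directory
                win32con.FILE_NOTIFY_CHANGE_FILE_NAME |
                win32con.FILE_NOTIFY_CHANGE_DIR_NAME |
                win32con.FILE_NOTIFY_CHANGE_ATTRIBUTES |
                win32con.FILE_NOTIFY_CHANGE_SIZE |
                win32con.FILE_NOTIFY_CHANGE_LAST_WRITE |
                win32con.FILE_NOTIFY_CHANGE_SECURITY,
                None,
                None)
            for action, file in results:
                # Reported names are relative to the watched directory.
                full_filename = os.path.join(path_to_watch, file)
                status = ACTIONS.get(action, "Unknown")
                print(full_filename, status)
    finally:
        # Release the directory handle when the loop is interrupted.
        hDir.Close()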
if __name__ == '__main__':
    # Demo entry point: watch the whole D: drive until interrupted.
    folders = "D:\\"
    jtwj(path_to_watch=folders)
  • 输出结果:D:\tools\Tools\June_2018\2018-6-6\2018-6-6.txt Updated

1.1、监控系统目录---并输出文件内容:

  • import os
  • import tempfile
  • import threading
  • import win32file
  • import win32con
# Directories where temporary files typically live.
dirs_to_monitor = [
    "C:\\WINDOWS\\temp",
    tempfile.gettempdir(),
]

# Action codes for the kinds of file change that are reported.
# NOTE: FILE_RENAMED_T0 ends in the digit zero, not the letter O; the name is
# kept as-is because the rest of the listing refers to it by this spelling.
(
    FILE_CREATED,
    FILE_DELETED,
    FILE_MODIFIED,
    FILE_RENAMED_FROM,
    FILE_RENAMED_T0,
) = range(1, 6)
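def start_monitor(path_to_watch):
    """Watch one directory tree, print each change and dump modified files.

    Intended to run in its own thread, one per watched directory. The loop
    ends when the directory can no longer be read; the handle is closed on
    the way out.

    Args:
        path_to_watch: Directory whose tree is monitored.
    """
    FILE_LIST_DIRECTORY = 0x0001  # only the access right needed for watching
    max_dump_bytes = 64 * 1024    # cap on how much of a modified file is printed

    h_directory = win32file.CreateFile(
        path_to_watch,
        FILE_LIST_DIRECTORY,
        win32con.FILE_SHARE_READ | win32con.FILE_SHARE_WRITE | win32con.FILE_SHARE_DELETE,
        None,
        win32con.OPEN_EXISTING,
        win32con.FILE_FLAG_BACKUP_SEMANTICS,
        None)
    try:
        while True:
            try:
                results = win32file.ReadDirectoryChangesW(
                    h_directory,
                    1024,
                    True,
                    win32con.FILE_NOTIFY_CHANGE_FILE_NAME |
                    win32con.FILE_NOTIFY_CHANGE_DIR_NAME |
                    win32con.FILE_NOTIFY_CHANGE_ATTRIBUTES |
                    win32con.FILE_NOTIFY_CHANGE_SIZE |
                    win32con.FILE_NOTIFY_CHANGE_LAST_WRITE |
                    win32con.FILE_NOTIFY_CHANGE_SECURITY,
                    None,
                    None
                )
            except Exception as exc:
                # A failing read would most likely fail again on the next
                # pass; silently retrying would spin forever and hide the
                # cause, so report it and stop this monitor.
                print("[!!!] Monitoring of %s stopped: %s" % (path_to_watch, exc))
                break

            for action, file_name in results:
                full_filename = os.path.join(path_to_watch, file_name)
                try:
                    if action == FILE_CREATED:
                        print('[ + ] Created %s'%full_filename)
                    elif action == FILE_DELETED:
                        print('[ - ] Deleted %s'%full_filename)
                    elif action == FILE_MODIFIED:
                        print('[ * ] Modified %s'%full_filename)
                        # Print the file's contents. Whatever other programs
                        # wrote to the temp directory ends up on this console,
                        # so the output is as sensitive as those files.
                        print('[vvv] Dumping contents...')
                        try:
                            with open(full_filename,'rb') as f:
                                contents = f.read(max_dump_bytes)
                            # errors='replace': a capped read may cut a
                            # multi-byte GBK character in half.
                            print(contents.decode('gbk', errors='replace'))
                            print("[^^^] Dump complete.")
                        except (OSError, UnicodeError):
                            # File already gone, locked, or not printable.
                            print("[!!!] Failed.")
                    elif action == FILE_RENAMED_FROM:
                        print("[ > ] Renamed from: %s"%full_filename)
                    elif action == FILE_RENAMED_T0:
                        print("[ < ] Renamed to: %s"%full_filename)
                    else:
                        print("[???] Unknown: %s"%full_filename)
                except Exception as exc:
                    # One unreportable entry (e.g. a name the console cannot
                    # encode) must not end the monitor; Ctrl-C still works
                    # because only Exception is caught.
                    print("[!!!] Could not report a change: %r" % (exc,))
    finally:
        h_directory.Close()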
if __name__ == '__main__':
    # Start one monitoring thread per directory in dirs_to_monitor.
    for watch_dir in dirs_to_monitor:
        worker = threading.Thread(target=start_monitor, args=(watch_dir,))
        print("Spawning monitoring thread for path: %s" % watch_dir)
        worker.start()
  • 执行结果:
  • Spawning monitoring thread for path: C:\WINDOWS\temp
  • Spawning monitoring thread for path: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
  • >>> [ * ] Modified C:\WINDOWS\temp\秘密.txt
  • [vvv] Dumping contents...
  • 告诉你一个秘密
  • [^^^] Dump complete.
  • [ * ] Modified C:\WINDOWS\temp\秘密.txt
  • [vvv] Dumping contents...
  • 告诉你一个秘密
  • [^^^] Dump complete.
  • [ + ] Created C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\etilqs_rhug6Wh45c6YmKL
  • [ - ] Deleted C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\etilqs_rhug6Wh45c6YmKL

二、查询本机mac地址,本机名称,本机IP

def get_mac_name_ip():
    """Return ``(mac, name, ip)`` for the local machine.

    mac  -- the 48-bit node id from uuid.getnode() as six colon-separated
            hex pairs. Per the standard-library documentation, getnode() may
            fall back to a random number when no hardware address can be
            read, so do not treat this value as a trustworthy identifier.
    name -- fully qualified name derived from the local host name.
    ip   -- the address that name resolves to (one address only).
    """
    import socket
    import uuid

    # Zero-padded 12 hex digits, then split into two-character octets.
    node_hex = "%012x" % uuid.getnode()
    octets = []
    for start in range(0, 12, 2):
        octets.append(node_hex[start:start + 2])
    mac = ":".join(octets)

    # Host name first, then whatever address it resolves to.
    hostname = socket.gethostname()
    name = socket.getfqdn(hostname)
    ip = socket.gethostbyname(name)
    return mac, name, ip
# Demo call: show the (mac, name, ip) tuple for this host.
host_info = get_mac_name_ip()
print(host_info)
  • 输出结果:('88:d8:f6:c8:b5:d2', 'computerName', '192.168.1.18')

三、查询局域网内的计算机名称与对应的IP地址

  • import os
  • import re
  • import threading
  • """
  • 局域网内IP地址查询
  • """
# Shared result table: computer name -> IPv4 address. It is filled in by the
# worker threads that get_local() starts (one get_local_ip call per name).
NAME_IP = dict()
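def get_local_name():
    """Return the computer names listed by ``net view``.

    Only whitespace-separated tokens that begin with two backslashes (the
    form in which ``net view`` prints a computer name) are kept. Picking any
    token that merely contains a backslash would also pick up words from the
    free-text remark column, which is set by the remote machines.

    Returns:
        list of names with the leading backslashes removed.
    """
    # Context manager so the pipe to the child process is always closed.
    with os.popen('net view') as pipe:
        output = pipe.read()

    names = []
    for token in output.split():
        if token.startswith('\\\\'):
            host = token.lstrip('\\')
            if host:  # skip a token that was nothing but backslashes
                names.append(host)
    return names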
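def get_local_ip(name):
    """Resolve *name* with ``ping -4`` and store the address in NAME_IP.

    The name is passed to ping as a separate argument, never through a shell:
    names come from ``net view`` output, i.e. from other machines on the
    network, and must not be interpreted as command text.

    Nothing is stored (and None is returned) when the name is unusable, ping
    cannot be started, or its output contains no bracketed IPv4 address.

    Args:
        name: Computer name to resolve.
    """
    import subprocess

    # An empty name, or one starting with '-' or '/', would be read by ping
    # as an option instead of a host.
    if not name or name[0] in '-/':
        return

    try:
        proc = subprocess.run(
            ['ping', '-4', name],
            stdout=subprocess.PIPE,
            stderr=subprocess.DEVNULL,
            universal_newlines=True,
            errors='replace',
        )
    except OSError:
        # ping is missing or could not be launched.
        return

    # ping prints the resolved address in square brackets.
    found = re.search(r'\[(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})\]', proc.stdout)
    if found is None:
        # Unresolvable host: previously an IndexError inside the thread.
        return
    NAME_IP[name] = found.group(1)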
def get_local():
    """Resolve every name from get_local_name() in parallel and print NAME_IP.

    One thread is created per name; all are started, then all are joined,
    so the table is printed only after every lookup has finished.
    """
    workers = [
        threading.Thread(target=get_local_ip, args=(host,))
        for host in get_local_name()
    ]
    for worker in workers:
        worker.start()
    for worker in workers:
        worker.join()
    print(NAME_IP)


if __name__ == '__main__':
    get_local()
  • 输出结果:{'computerName': '192.168.1.18'}

四、利用 WMI 监视进程

  • import win32con
  • import win32api
  • import win32security
  • import os
  • import sys
  • import wmi
def log_to_file(message):
    """Append *message* followed by CRLF to process_monitor_log.txt.

    The file is opened in binary append mode in the current working
    directory and the text is written as UTF-8 bytes.
    """
    with open('process_monitor_log.txt', 'ab') as log_file:
        record = '%s\r\n' % message
        log_file.write(record.encode('utf-8'))
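def runs():
    """Log every newly created process as one CSV row.

    Writes a header line, then waits on a WMI creation watcher for
    Win32_Process and, for each new process, prints and logs: creation time,
    owner, executable path, command line, PID, parent PID and a privileges
    placeholder ('N/A').

    Rows are produced with the csv module. The command line is chosen by
    whoever starts the process, so writing it unquoted would let commas,
    quotes or line breaks in it shift columns or add extra rows to the log.
    Fields that WMI reports as None are written as empty fields.
    """
    import csv
    import io

    # Header row of the log file.
    log_to_file("Time,User,Executable,CommandLine,PID,Parent PID,Privileges")
    # Connect to WMI and create the process-creation watcher.
    c = wmi.WMI()
    process_watcher = c.Win32_Process.watch_for('creation')
    while True:
        try:
            new_process = process_watcher()  # blocks until a process starts
            owner = new_process.GetOwner()
            proc_owner = '%s\\%s'%(owner[0],owner[2])
            fields = [
                new_process.CreationDate,
                proc_owner,
                new_process.ExecutablePath,
                new_process.CommandLine,
                new_process.ProcessId,
                new_process.ParentProcessId,
                'N/A',  # privileges are not collected by this listing
            ]
            row = io.StringIO()
            csv.writer(row).writerow(fields)
            # log_to_file appends its own CRLF; dropping the writer's line
            # terminator avoids the blank line after every record.
            process_log_message = row.getvalue().rstrip('\r\n')
            print(process_log_message)
            log_to_file(process_log_message)
        except Exception as exc:
            # e.g. the process exited before its owner could be queried.
            print(exc)


if __name__ == '__main__':
    runs()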
  • 执行本程序,打开某个记事本后,输出结果:
  • 20180615163430.968750+480,PC1\Administrator,C:\WINDOWS\system32\NOTEPAD.EXE,"C:\WINDOWS\system32\NOTEPAD.EXE" C:\Documents and Settings\Administrator\桌面\秘密.txt,10108,5600,N/A

五、关闭屏幕 与 锁屏

  • from ctypes import *
  • import time
class User32:
    """Small wrapper around a few user32.dll calls."""

    def __init__(self):
        # Handle to user32.dll, loaded through ctypes.
        self.user = windll.user32

    def box(self):
        """Show a Yes/No/Cancel message box.

        Returns the button code: 6 for Yes, 7 for No, 2 for Cancel.
        """
        text = '现在已经12点了,该吃饭了!'
        caption = '消息提示'
        return self.user.MessageBoxW(None, text, caption, 3)

    def close_screen(self):
        """Send the "monitor power off" system command and print the result."""
        WM_SYSCOMMAND = 0x0112
        SC_MONITORPOWER = 0xf170
        # The target is whatever window FindWindowExA returns for all-None
        # arguments; it is not the HWND_BROADCAST constant.
        target_window = self.user.FindWindowExA(None, None, None, None)
        # lParam 2 asks for the display to be powered off.
        v = self.user.SendMessageA(target_window, WM_SYSCOMMAND, SC_MONITORPOWER, 2)
        print(v)

    def lock_screen(self):
        """Lock the workstation."""
        self.user.LockWorkStation()
if __name__ == '__main__':
    # NOTE(review): the listing lost its indentation; the nesting below
    # (sleep inside the loop, lock after it) is the most plausible reading.
    u32 = User32()
    u32.box()
    for _ in range(6):
        u32.close_screen()
        time.sleep(1)
    u32.lock_screen()

六、监听键盘与鼠标

  • import pythoncom
  • import pyHook
def onMouseEvent(event):
    """Mouse hook callback: print the event's fields, then pass it on."""
    mouse_fields = (
        "MessageName",
        "Message",
        "Time",
        "Window",
        "WindowName",
        "Position",
        "Wheel",
        "Injected",
    )
    for field in mouse_fields:
        print(field + ":", getattr(event, field))
    print("---")
    # True hands the event on to other handlers. Returning False would
    # swallow every mouse event, so the pointer would appear frozen.
    return True
def onKeyboardEvent(event):
    """Keyboard hook callback: print the event's fields, then pass it on.

    The output contains each key together with the title of the window it
    was typed into, so it is as sensitive as anything the user types.
    """
    for field in ("MessageName", "Message", "Time", "Window", "WindowName"):
        print(field + ":", getattr(event, field))
    # Numeric code and the character it maps to.
    print("Ascii:", event.Ascii, chr(event.Ascii))
    for field in ("Key", "KeyID", "ScanCode", "Extended", "Injected"):
        print(field + ":", getattr(event, field))
    print("Alt", event.Alt)
    print("Transition", event.Transition)
    print("---")
    # Same meaning as in the mouse callback: True lets the event through.
    return True
def main():
    """Register the keyboard and mouse callbacks and pump messages.

    The hooks cover all keyboard and mouse events, not just those of this
    program's own window. PumpMessages() does not return until the program
    is closed.
    """
    hook_manager = pyHook.HookManager()

    # Keyboard: callback for every key-down event, then install the hook.
    hook_manager.KeyDown = onKeyboardEvent
    hook_manager.HookKeyboard()

    # Mouse: callback for every mouse event, then install the hook.
    hook_manager.MouseAll = onMouseEvent
    hook_manager.HookMouse()

    # Message loop; the callbacks fire while this is running.
    pythoncom.PumpMessages()


if __name__ == "__main__":
    main()