Data Storage and Config

AdvancedFIM_DataStorage.py

import os,hashlib,time,base64,sqlite3,configparser

db = sqlite3.connect('FileIntegrityMonitor.db')
db.row_factory = sqlite3.Row
cur=db.cursor()
conf = configparser.ConfigParser()
conf.read('FileIntegrityMonitor.ini')
def configureDatabase():
  db.execute('CREATE TABLE IF NOT EXISTS Monitor (ID INTEGER PRIMARY KEY AUTOINCREMENT, Path TEXT NOT NULL, Recursive BIT NULL)')
  db.execute('CREATE TABLE IF NOT EXISTS File (ID INTEGER PRIMARY KEY AUTOINCREMENT, FilePath TEXT NOT NULL)')
  db.execute('CREATE TABLE IF NOT EXISTS Hash (ID INTEGER PRIMARY KEY AUTOINCREMENT, FileID INTEGER NOT NULL, Hash TEXT NOT NULL)')
  db.execute('CREATE TABLE IF NOT EXISTS Recovery (ID INTEGER PRIMARY KEY AUTOINCREMENT, FileID INTEGER NOT NULL, Base64 TEXT NOT NULL)')
def initializeFiles():
  for fimFile in getFiles():
    ID=cur.execute('SELECT ID FROM File WHERE FilePath=?',(fimFile,)).fetchone()
    if ID == None:
      cur.execute('INSERT INTO File(FilePath) VALUES(?)',(fimFile,))
      newID = cur.lastrowid
      cur.execute('INSERT INTO Hash(FileID,Hash) VALUES(?,?)',(newID,getHash(fimFile),))
      cur.execute('INSERT INTO Recovery(FileID,Base64) VALUES(?,?)',(newID,getBase64(fimFile),))
    else:
      cur.execute('UPDATE Hash SET Hash=? WHERE FileID=?',(getHash(fimFile),ID[0],))
      cur.execute('UPDATE Recovery SET Base64=? WHERE FileID=?',(getBase64(fimFile),ID[0],))
  db.commit()
def getFiles():
  filesList=[]
  for x in cur.execute('SELECT * FROM Monitor').fetchall():
    if os.path.isdir(x['Path']):
      if x['Recursive']:
        filesList.extend([os.path.join(root, f) for (root, dirs, files) in os.walk(x['Path']) for f in files])
      else:
        filesList.extend([item for item in os.listdir(x['Path']) if os.path.isfile(item)])
    elif os.path.isfile(x['Path']):
      filesList.append(x['Path'])
  return filesList
def getHash(fimFile):
  with open(fimFile,"rb") as f:
    bytes = f.read()
  return hashlib.sha256(bytes).hexdigest()
def getBase64(fimFile):
  return base64.b64encode(open(fimFile, "rb").read())
configureDatabase()
initializeFiles()
files=getFiles()

while True:
  for fimFile in files:
    hash=getHash(fimFile)
    storedFile=cur.execute('SELECT * FROM File F LEFT JOIN Hash H ON F.ID=H.FileID WHERE FilePath=?',(fimFile,)).fetchone()
    if storedFile != None and hash != storedFile['Hash']:
      print('%s\t%s has been changed!'%(time.strftime("%Y-%m-%d %H:%M:%S") , fimFile))
  time.sleep(int(conf.get('Timer', 'Wait')))

ConfigParser.py

import configparser

conf = configparser.ConfigParser()
conf.read('FileIntegrityMonitor.ini')

print(int(conf.get('Timer', 'Wait')))

ConfigureDatabase.py

import sqlite3

db = sqlite3.connect('FileIntegrityMonitor.db')
db.row_factory = sqlite3.Row
cur=db.cursor()

def configureDatabase():
  db.execute('CREATE TABLE IF NOT EXISTS Monitor (ID INTEGER PRIMARY KEY AUTOINCREMENT, Path TEXT NOT NULL, Recursive BIT NULL)')
  db.execute('CREATE TABLE IF NOT EXISTS File (ID INTEGER PRIMARY KEY AUTOINCREMENT, FilePath TEXT NOT NULL)')
  db.execute('CREATE TABLE IF NOT EXISTS Hash (ID INTEGER PRIMARY KEY AUTOINCREMENT, FileID INTEGER NOT NULL, Hash TEXT NOT NULL)')
  db.execute('CREATE TABLE IF NOT EXISTS Recovery (ID INTEGER PRIMARY KEY AUTOINCREMENT, FileID INTEGER NOT NULL, Base64 TEXT NOT NULL)')
  
configureDatabase()

FileIntegrityMonitor.INI

[Timer]
Wait: 1

InitializeFiles.py

def initializeFiles():
  for fimFile in getFiles():
    ID=cur.execute('SELECT ID FROM File WHERE FilePath=?',(fimFile,)).fetchone()
    if ID == None:
      cur.execute('INSERT INTO File(FilePath) VALUES(?)',(fimFile,))
      newID = cur.lastrowid
      cur.execute('INSERT INTO Hash(FileID,Hash) VALUES(?,?)',(newID,getHash(fimFile),))
      cur.execute('INSERT INTO Recovery(FileID,Base64) VALUES(?,?)',(newID,getBase64(fimFile),))
    else:
      cur.execute('UPDATE Hash SET Hash=? WHERE FileID=?',(getHash(fimFile),ID[0],))
      cur.execute('UPDATE Recovery SET Base64=? WHERE FileID=?',(getBase64(fimFile),ID[0],))
  db.commit()
def getFiles():
  filesList=[]
  for x in cur.execute('SELECT * FROM Monitor').fetchall():
    if os.path.isdir(x['Path']):
      if x['Recursive']:
        filesList.extend([os.path.join(root, f) for (root, dirs, files) in os.walk(x['Path']) for f in files])
      else:
        filesList.extend([item for item in os.listdir(x['Path']) if os.path.isfile(item)])
    elif os.path.isfile(x['Path']):
      filesList.append(x['Path'])
  return filesList

InsertData.sql

INSERT INTO Monitor([Path],[Recursive]) VALUES('C:\Users\Ryan\Dropbox\SVL\Projects\AdvancedFIM_GatherFiles',1);
INSERT INTO Monitor([Path],[Recursive]) VALUES('C:\Users\Ryan\Dropbox\SVL\Projects',0);
INSERT INTO Monitor([Path],[Recursive]) VALUES('C:\Users\Ryan\Dropbox\SVL\Projects\BasicFIM\BasicFIM.py',null);