Paste P6507

naughty_detector.py

Authored by zhuyifei1999 on Dec 31 2017, 5:19 AM.
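#! /usr/bin/env python3
"""Report processes that stay in uninterruptible sleep (state ``D``).

/proc is scanned every POLL_INTERVAL seconds. A process is printed when the
same (PID, command line) pair was in state ``D`` on two consecutive scans,
so a short I/O wait seen only once is not reported.
"""

import datetime
import os
import time

# Seconds between two scans of /proc.
POLL_INTERVAL = 10


def parse_stat_state(raw):
    """Return the state field of a /proc/PID/stat line, or None.

    The second field of the line is the command name in parentheses. That
    name is chosen by the process itself and may contain spaces and ')',
    so splitting the whole line on spaces is unreliable: a name such as
    "(x D y)" puts a fake ``D`` where the state is expected, and any name
    with a space shifts the real state out of position. The state is
    therefore taken as the first field after the LAST ')'.

    Args:
        raw: bytes read from /proc/PID/stat.

    Returns:
        The state as bytes (for example b'D'), or None when the line has
        no ')' or nothing after it (empty or truncated read).
    """
    close = raw.rfind(b')')
    if close == -1:
        return None
    fields = raw[close + 1:].split()
    return fields[0] if fields else None


def read_cmdline(pid):
    """Return repr() of the argv list of *pid*, or '(Unknown)'.

    The path is relative, so the current directory must be /proc.

    Args:
        pid: name of the /proc entry, as a string.
    """
    try:
        with open(os.path.join(pid, 'cmdline'), 'rb') as f:
            raw = f.read()
    except OSError:
        # The process exited, or its cmdline is not readable by this user.
        return '(Unknown)'
    # cmdline is process-controlled bytes. repr() escapes newlines and
    # control characters, so the value cannot break the one-line-per-event
    # output format.
    return repr(raw.rstrip(b'\x00').split(b'\x00'))


def main():
    """Scan /proc forever and print processes stuck in state ``D``."""
    os.chdir('/proc')

    seen = set()

    while True:
        previous, seen = seen, set()

        for entry in os.listdir():
            # Only the numeric entries of /proc are processes.
            try:
                int(entry)
            except ValueError:
                continue

            try:
                with open(os.path.join(entry, 'stat'), 'rb') as f:
                    state = parse_stat_state(f.read())
            except OSError:
                # The process exited between listdir() and open().
                continue

            if state != b'D':
                continue

            # NOTE(review): the key is (PID, cmdline) only. If a PID is
            # reused within one interval by a process with the same command
            # line, it is treated as the same process.
            key = entry, read_cmdline(entry)
            seen.add(key)

            if key in previous:
                # flush so the line reaches a pipe or log file immediately
                # instead of waiting in the stdout buffer.
                print('[%s] PID %s: %s'
                      % ((datetime.datetime.now().isoformat(),) + key),
                      flush=True)

        time.sleep(POLL_INTERVAL)


if __name__ == '__main__':
    main()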