diff --git a/File_Carving/Images/Output.PNG b/File_Carving/Images/Output.PNG new file mode 100644 index 0000000..26e711a Binary files /dev/null and b/File_Carving/Images/Output.PNG differ diff --git a/File_Carving/Images/test_image.jpg b/File_Carving/Images/test_image.jpg new file mode 100644 index 0000000..88d6a95 Binary files /dev/null and b/File_Carving/Images/test_image.jpg differ diff --git a/File_Carving/README.MD b/File_Carving/README.MD new file mode 100644 index 0000000..3a453c8 --- /dev/null +++ b/File_Carving/README.MD @@ -0,0 +1,28 @@ +# File Carving +> **Note:** This version only supports jpg/jpeg file carving. + +This script recursively finds files in the folder and carves files with jpg/jpeg file signature. + +## Usage + +1. Clone this repository + ``` + git clone https://github.com/hastagAB/Awesome-Python-Scripts.git + ``` +2. Move to File_Carving directory + ``` + cd File_Carving + ``` +3. Install reqired package + ``` + pip install -r requirements.txt + ``` +5. Run carving.py + ``` + python carving.py + ``` + +## Example +![Output](https://user-images.githubusercontent.com/76420409/139208797-b4417848-f184-4f65-869f-1c6e061cf3c8.PNG) + + diff --git a/File_Carving/carving.py b/File_Carving/carving.py new file mode 100644 index 0000000..15c2bb0 --- /dev/null +++ b/File_Carving/carving.py @@ -0,0 +1,93 @@ +import os +import binascii + +# var: jpeg signature header +# var: jpeg signature footer +header = "\\xff\\xd8\\xff" +footer = "\\xff\\xd9" + +global file_cnt +file_cnt = 0 +global dir_cnt +dir_cnt = 0 + +# dir read +def fileSearch(dir_path, cnt): + global file_cnt + global dir_cnt + filelist = [] + + for _ in range(cnt): + print("\t", end=" ") + print("[>] Directory: %s" % dir_path) + for files in os.listdir(dir_path): + if os.path.isfile(dir_path+files): + filelist.append(dir_path+files) + for _ in range(cnt): + print("\t", end=" ") + print("[+] File Name: %s" % files) + file_cnt+=1 + elif os.path.isdir(dir_path+files): + for i in range(cnt): + print("\t", end=" ") + print("[!] SubDirectory: \"%s\" found. Start file search in this directory." % files) + filelist.extend(fileSearch(dir_path+files+"/", cnt+1)) + dir_cnt+=1 + + return filelist + +# file open and store carved file +def Carving(file_list): + cnt = 0 + carv_list = [] + print("====================Carving Start====================") + for i in range(len(file_list)): + file = open(file_list[i], 'rb') + carv_cont = findSignature(file) + print("[-] ", file_list[i], " File passed") + + if (len(carv_cont) != 0): + carv = open('carv'+str(cnt)+'.jpeg', 'wb') + for j in range(len(carv_cont)): + carv.write(carv_cont[j]) + print('[*] carv',str(cnt),'.jpeg is created!') + carv_list.append('carv'+str(cnt)+'.jpeg') + cnt+=1 + carv.close + + file.close + return carv_list + +# find signature +def findSignature(file): + flag = 0 + contents = [] + + while(1): + buf = file.read(0x200) + file.tell() + if(len(buf)==0): break + if(flag != 1): + ishead = (str(buf[:3]).split('\'')[1]) + if (header == ishead) and (flag == 0): + contents.append(buf) + flag = 1 + else: + if(footer in (str(buf[-2:]).split('\'')[1])): + contents.append(buf) + return contents + else: + contents.append(buf) + return contents + + +# main +if __name__ == "__main__": + print("==================File Search Start==================") + fl = fileSearch("./", 0) + print(f'\nSEARCH RESULT: %d Files. %d Directory.' % (file_cnt, dir_cnt)) + print("Filelist: %s\n" % fl) + c1 = Carving(fl) + print("Carvlist: %s\n" % c1) + + print("Exit...") \ No newline at end of file diff --git a/File_Carving/requirements.txt b/File_Carving/requirements.txt new file mode 100644 index 0000000..2f5c8c6 --- /dev/null +++ b/File_Carving/requirements.txt @@ -0,0 +1,2 @@ +os +binascii \ No newline at end of file diff --git a/README.md b/README.md index 976f470..76c8cb6 100644 --- a/README.md +++ b/README.md @@ -187,6 +187,7 @@ So far, the following projects have been integrated to this repo: |[Steg_Tool](https://github.com/hastagABAwesome-Python-Scripts/Steg_Tool/)|[Shankar JP](https://github.com/shankarjp)| | [Directory Tree Visualizer](https://github.com/hastagAB/Awesome-Python-Scripts/tree/master/Directory_Tree_Generator) | [Harpreet Singh Saluja](https://github.com/hssaluja25/) | |[Pressure_Converter](https://github.com/E-wave112/Awesome-Python-Scripts/tree/master/Pressure_Converter)|[E-Wave](https://github.com/E-wave112)| +| [File Carving](https://github.com/hastagAB/Awesome-Python-Scripts/tree/master/File_Carving) | [Yeryeong Kim](https://github.com/icarusicarus/) | ## How to use :