January 18, 2020
How to trace file creation and modification date using C++ Programming
This script is used to collect files creation and modification date information from your system drive, we can search any date to know the results and all output will be stored in a flat file, so its easier to view the log. Before running this program, please confirm the read/write permission for the output flat file (FileList.txt).
[Download Source code]
It helps to know what all files are created/update on those given search date. Most malware programs try to inject/affect the files, so it helps to debug those affected files. I wrote this script using Borland C++ 5.5 Version under Windows Platform. You can modify or reuse the codes as per your requirement, its Free to use.
[Download Source code]
It helps to know what all files are created/update on those given search date. Most malware programs try to inject/affect the files, so it helps to debug those affected files. I wrote this script using Borland C++ 5.5 Version under Windows Platform. You can modify or reuse the codes as per your requirement, its Free to use.
Finder.cpp
1 #include<iostream.h>
2 #include<conio.h>
3 #include<dirent.h>
4 #include<dir.h>
5 #include<process.h>
6 #include<string.h>
7 #include<stdio.h>
8 #include<io.h>
9 #include<dos.h>
10 #include<sys/stat.h>
11
12 int found=0;
13 struct ffblk vfile;
14 unsigned long int udata;
15 char ch,present[MAXPATH];
16 int year,month,day;
17
18 int next_directory(char *);
19 void scan_directory(char *);
20
21 void main(int account,char *arg[],char *env[])
22 {
23 clrscr();
24 getcwd(present,MAXPATH);
25
26 DIR *dir;
27 struct dirent *temp;
28 cout<<"\nWelcome to Finder for file view";
29 cout<<"\n\nEnter drive:";
30 cin>>ch;
31
32 char base[]="X:\\";
33 base[0]=ch;
34 if ((dir = opendir(base)) == NULL)
35 {
36 clrscr();
37 cout<<"\nError : Derive not found";
38 getch();
39 exit(0);
40 }
41 else
42 {
43 if(access("FileList.txt",0)==0)
44 unlink("FileList.txt");
45 cout<<"\n\n\nScan Date Details:";
46 cout<<"\n\nEnter Year:";
47 cin>>year;
48 cout<<"\nEnter Month:";
49 cin>>month;
50 if( !(month>=1 && month<=12) )
51 {
52 clrscr();
53 cout<<"\nError:Value of month is not exist";
54 getch();
55 exit(0);
56 }
57 cout<<"\nEnter Day:";
58 cin>>day;
59 if( !(day>=1 && day<=31) )
60 {
61 clrscr();
62 cout<<"\nError:Value of day is not exist";
63 getch();
64 exit(0);
65 }
66 }
67
68 scan_directory(base);
69 while ((temp = readdir(dir)) != NULL)
70 {
71 char *directory = (char *) malloc(3+strlen(temp->d_name)+1);
72 strcpy(directory,base);
73 strcat(directory,temp->d_name);
74 next_directory(directory);
75 free(directory);
76 }
77 closedir(dir);
78
79 clrscr();
80 if(access("FileList.txt",0)==0)
81 cout<<"\n\nSystem: Successfully Find all files and stored in FileList.txt";
82 else
83 cout<<"\n\nSystem: No file has Modified on"<<day<<"//"<<month<<"//"<<year;
84 sleep(3);
85 }
86
87 int next_directory(char *path)
88 {
89 int count=0;
90 DIR *dirtemp;
91 char *hold,*temp;
92 struct dirent *ptemp;
93
94
95 hold=path;
96 if ((dirtemp = opendir(path)) != NULL)
97 scan_directory(path);
98 else
99 return 0;
100
101
102 while ((ptemp = readdir(dirtemp)) != NULL)
103 {
104 char *directory = (char *) malloc(1+strlen(ptemp->d_name)+1);
105 directory[0]='\\';
106 strcpy(directory+1,ptemp->d_name);
107 if(directory[1]!='\.')
108 {
109 count=strlen(hold);
110 temp = (char *) malloc(strlen(hold)+strlen(directory)+1);
111 strcpy(temp,hold);
112 strcat(temp,directory);
113 free(directory);
114 if(opendir(temp)!=NULL)
115 next_directory(temp);
116 temp[count]='\0';
117 free(temp+count+1);
118 hold=temp;
119 }
120 else
121 free(directory);
122 }
123 closedir(dirtemp);
124 return 0;
125 }
126
127 void scan_directory(char *tempo)
128 {
129 cout<<"\n"<<tempo;
130
131 FILE *stream;
132 struct ftime ft;
133
134 if(present[0]==tempo[0])
135 chdir(tempo);
136 else
137 {
138 setdisk(tempo[0]-65);
139 chdir(tempo);
140 }
141
142 udata = findfirst("*.*",&vfile,0x02);
143 while (!udata)
144 {
145 stream = fopen(vfile.ff_name,"r");
146 if(stream==NULL)
147 {
148 fclose(stream);
149 udata=findnext(&vfile);
150 continue;
151 }
152 else
153 {
154 getftime(fileno(stream), &ft);
155 if(year==ft.ft_year+1980 && month==ft.ft_month && day==ft.ft_day)
156 {
157 //cout<<"\n"<<tempo<<" "<<vfile.ff_name<<" Hour:"<<ft.ft_hour<<" Min:"<<ft.ft_min<<" Sec:"<<ft.ft_tsec *2;
158 if(present[0]==tempo[0])
159 system("cd\\");
160 chdir(present);
161
162 char string[25];
163 FILE *fp = fopen("FileList.txt","a+");
164
165 if(found==0)
166 {
167 fputs("Scan Date: ",fp);
168 itoa(ft.ft_day, string, 10);
169 fputs(string,fp);
170 fputc('\\',fp);
171
172 itoa(ft.ft_month, string, 10);
173 fputs(string,fp);
174 fputc('\\',fp);
175
176 itoa((ft.ft_year+1980), string, 10);
177 fputs(string,fp);
178 fputs("\n\n",fp);
179 found=1;
180 }
181
182 unsigned get;
183 _dos_getfileattr(vfile.ff_name,&get);
184 if (get & _A_HIDDEN)
185 fputs("[Hidden File] ",fp);
186
187 get=0;
188 if(ft.ft_hour<10)
189 get=1;
190 itoa(ft.ft_hour, string, 10);
191 fputs(string,fp);
192 fputc('\\',fp);
193
194 if(ft.ft_min<10)
195 get=get+1;
196 itoa(ft.ft_min, string, 10);
197 fputs(string,fp);
198 fputc('\\',fp);
199
200 if(ft.ft_tsec<10)
201 get=get+1;
202 itoa(ft.ft_tsec, string, 10);
203 fputs(string,fp);
204
205 for(int count=0;count<get;count++)
206 fputs(" ",fp);
207
208 fputs(" ",fp);
209 fputs(tempo,fp);
210 fputs(" ",fp);
211
212 fputs(vfile.ff_name,fp);
213 fputc('\n',fp);
214 fclose(fp);
215
216 if(present[0]==tempo[0])
217 chdir(tempo);
218 else
219 {
220 setdisk(tempo[0]-65);
221 chdir(tempo);
222 }
223 }
224 fclose(stream);
225 }
226 udata=findnext(&vfile);
227 }
228 if(present[0]==tempo[0])
229 system("cd\\");
230 chdir(present);
231 }
If you love this article, please share your comments or follow our social media page.
Power by Blogger
No comments:
Post a Comment