SYS440 Project 4: Ransomware - zacharylongo/Tech-Journals GitHub Wiki

Watchdog / Python

import os
import time
import shutil
from watchdog.observers import Observer
from watchdog.events import FileSystemEventHandler

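# Event handler that reacts to newly created '.encrypted' files
class MyHandler(FileSystemEventHandler):
    """Back up the original of a file when its '.encrypted' twin is created.

    For a created file ``<name>.encrypted`` the handler copies ``<name>``
    (same directory) to ``~/Desktop/Backups/<name>.backup``.

    Limits a defender should keep in mind:
      * The copy is reactive: it is taken only after the '.encrypted' file
        appears, so it depends on the original still existing at that moment.
        NOTE(review): if the original has already been altered by then, the
        backup holds the altered content - confirm against the lab sample.
      * The Backups folder sits in the same user profile as the monitored
        data, so it is not protected from anything running as that user.
      * Backups are stored flat by base name; same-named files from
        different subdirectories overwrite each other's backup.
    """

    def on_created(self, event):
        """Handle a "created" event and back up the matching original.

        Args:
            event: the file system event; only ``is_directory`` and
                ``src_path`` are read.
        """
        if event.is_directory:
            return

        file_path = event.src_path
        print(f"File '{file_path}' has been created.")

        encrypted_suffix = '.encrypted'
        lowered_path = file_path.lower()

        # Files that already carry the backup extension are never backed up again.
        if lowered_path.endswith('.backup'):
            return

        # Only a '.encrypted' file has a known original next to it. Slicing
        # the suffix length off any other name would yield an unrelated,
        # usually nonexistent path and make the copy fail.
        if not lowered_path.endswith(encrypted_suffix):
            return

        original_file_path = file_path[:-len(encrypted_suffix)]
        backup_file_name = os.path.basename(original_file_path)
        if not backup_file_name:
            # The created file is literally named '.encrypted'; no original.
            return

        # Backups go to a folder on the desktop, created on first use.
        desktop_path = os.path.join(os.path.expanduser("~"), "Desktop")
        backups_folder = os.path.join(desktop_path, "Backups")
        backup_path = os.path.join(backups_folder, backup_file_name + '.backup')

        try:
            os.makedirs(backups_folder, exist_ok=True)
            # copy2 also carries over file metadata such as timestamps.
            shutil.copy2(original_file_path, backup_path)
        except OSError as exc:
            # The original may already be gone or locked. Report it rather
            # than let the exception escape into watchdog's event dispatch,
            # which would likely end monitoring (TODO confirm for the
            # installed watchdog version).
            print(f"Backup failed for '{original_file_path}': {exc}")
            return

        print(f"Backup created: '{backup_path}'")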

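# Directory to monitor for changes (absolute path specific to the lab host;
# adjust it before running elsewhere)
directory_path = "C:\\Users\\micah\\Desktop\\EncryptMe"

# Set up the watchdog observer and attach the handler; recursive=True also
# watches every subdirectory of directory_path
event_handler = MyHandler()
observer = Observer()
observer.schedule(event_handler, directory_path, recursive=True)

# Start the observer thread
observer.start()

try:
    # Wake up once a second. Leaving the loop when the observer thread is no
    # longer alive keeps the script from idling while nothing is watched.
    while observer.is_alive():
        observer.join(1)
except KeyboardInterrupt:
    # Ctrl+C is the normal way to end monitoring.
    pass
else:
    # The loop ended without Ctrl+C, so the observer stopped by itself.
    print("Observer stopped unexpectedly; the directory is no longer monitored.")
finally:
    # Always stop the observer and wait for its thread, whatever ended the loop.
    observer.stop()
    observer.join()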