@smartm13
Last active December 5, 2018 07:34
Helper code to find and replace a string in a directory recursively
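# Interactive helper for cleaning a backup of an infected website.
#
# It reads one "malicious" string and one replacement string from text files,
# counts the occurrences of the malicious string in every file under a
# directory, replaces it in files with the chosen extensions, appends a JSON
# log of the per-file replacement counts, and can finally delete every file
# in which nothing was replaced.
#
# Run it against a COPY of the data: files are rewritten in place and the
# last step is destructive.
import json
import os
import sys
import time

# Defaults offered at the prompts below; pressing Enter keeps each one.
malCfile = "maliciousOnly.txt"        # text file holding only the string to remove
baseDir = "back_up_dir/websites"      # directory tree to scan
replCfile = "disInfectedComment.txt"  # text file holding the replacement string
workext = "js,php"                    # extensions that may be rewritten

if sys.version_info[0] < 3:
    # Shim kept from the original script. NOTE: Python 2's built-in open()
    # has no `encoding` parameter, so the file reads below need Python 3.
    input = raw_input  # noqa: F821


def _read_text(path):
    """Return the content of *path* decoded as latin-1.

    latin-1 maps every byte to a character, so any file (including binary
    ones) decodes without error. Text mode still translates line endings.
    """
    with open(path, 'r', encoding='latin-1') as f:
        return f.read()


def _preview(text):
    """Return *text*, shortened to its first and last 25 characters if long."""
    if len(text) > 50:
        return "{}{}{}".format(text[:25], '.' * 9, text[-25:])
    return text


def _ext(path):
    """Return the lower-cased extension of *path* without the leading dot."""
    return os.path.splitext(path)[-1][1:].lower()


print("Current Directory:")
print(os.path.abspath(os.getcwd()))
print("\n--Note: To use default values just press Enter\n")
print("(Find What) Enter txtfile path which contains malicious Code Only")
malCfile = input("Default:[{}] Input:".format(malCfile)).strip() or malCfile
print("\n-----It is suggested to keep a backup copy of infected directory, in case this script goes wrong-----")
print("\n(Find Where) Enter dir path which contains infected code")
baseDir = input("Default:[{}] Input:".format(baseDir)).strip() or baseDir
baseDir = os.path.abspath(baseDir)
print("(Replace With) Enter txtfile path which contains replacement code")
replCfile = input("Default:[{}] Input:".format(replCfile)).strip() or replCfile

# Load the search string and show it so the operator can confirm it.
input("Press enter and view the malicious code here once")
malC = _read_text(malCfile).strip()
if not malC:
    # str.count("") is len(text) + 1 and str.replace("", x) inserts x between
    # every character, so an empty pattern would corrupt every processed file.
    sys.exit("Aborting: {} is empty after stripping whitespace.".format(malCfile))
print(_preview(malC))

# Load the replacement string and show it as well (it may be empty).
input("Press enter and view the replacement code here once")
replC = _read_text(replCfile).strip()
print(_preview(replC))

input("Press enter to scan the following directory for infected code: {}".format(baseDir))

# Collect every regular file below baseDir.
allfiles = []
skipped_links = 0
for root, dirs, files in os.walk(baseDir):
    for name in files:
        path = os.path.join(root, name)
        if os.path.islink(path):
            # The tree comes from a compromised site. open(path, 'w') follows
            # symbolic links, so a link in the backup could make the rewrite
            # step modify a file outside baseDir; links are left alone.
            skipped_links += 1
            continue
        allfiles.append(path)
print("Scanned. Found {} files.".format(len(allfiles)))
if skipped_links:
    print("Skipped {} symbolic links.".format(skipped_links))

T = len(allfiles)
# Progress is printed roughly every tenth of the file list. T // 10 is 0 for
# fewer than ten files, which made the original modulo raise
# ZeroDivisionError; the step is therefore clamped to at least 1.
step = max(1, T // 10)

# Count occurrences per file and infected files per extension.
extCntr, malCntr, hits, totoccr = {}, {}, {}, 0
for i, fp in enumerate(allfiles):
    fpext = _ext(fp)
    extCntr[fpext] = extCntr.get(fpext, 0) + 1
    cnt = _read_text(fp).count(malC)
    hits[fp] = cnt
    totoccr += cnt
    malCntr[fpext] = malCntr.get(fpext, 0) + int(bool(cnt))
    if not i % step:
        print("Analyzing: {}/{}".format(i, T))
print("Analyzed all files and found {} infections in:".format(totoccr))
print("\t{:>7} : {:>5}/{:>6}".format("ext", "malC", "total"))
for k in extCntr:
    print("\t{:>7} : {:>5}/{:>6}".format(k, malCntr.get(k, 0), extCntr.get(k, 0)))

print("(Work only on ext) Enter comma separated extensions on which replacement should be done")
workext = input("Default:[{}] Input:".format(workext)).strip() or workext
workext = [e.strip().lower() for e in workext.split(',')]
tot_ = sum(malCntr.get(e, 0) for e in workext)
print("Started replacement job on {} files of {} extensions".format(tot_, workext))

# Replace the string in every file whose extension was selected.
replog, stT = {}, time.time()
for i, fp in enumerate(allfiles):
    if _ext(fp) not in workext:
        continue
    fr = _read_text(fp)
    found = fr.count(malC)
    replog[fp] = found
    if found:
        # Only files that contain the string are rewritten. Text mode writes
        # the platform's line endings, so rewriting a file without a match
        # could still change its bytes and would change its timestamp.
        with open(fp, 'w', encoding='latin-1') as f:
            f.write(fr.replace(malC, replC))
    if not i % step:
        print("Progress: {}/{}".format(i, T))
print("Completed job in {:.2f} secs".format(time.time() - stT))

# Append the per-file replacement counts to a log in the working directory.
logfile = "disInfector.jsonlog.txt"
with open(logfile, 'a') as f:
    f.write("\n{}\nJsonLog for Replacement job completed at {:.2f}\n\n{}".format("-" * 25, time.time(), json.dumps(replog)))
print("Replacement log dumped at {}".format(os.path.abspath(logfile)))

# Optional destructive step: remove every scanned file in which nothing was
# replaced. That includes files whose extension was not selected, even when
# the counting pass found the string in them, so the numbers are shown first.
doomed = [fp for fp in allfiles if not replog.get(fp, 0)]
still_marked = sum(1 for fp in doomed if hits.get(fp, 0))
print("{} of {} scanned files had no replacement and would be deleted.".format(len(doomed), T))
if still_marked:
    print("{} of those contain the search string but were outside the chosen extensions.".format(still_marked))
if input("Do you want to delete unaffected files? (y/n):") == 'y':
    for i, fp in enumerate(allfiles):
        if not i % step:
            print("Delete Progress: {}/{}".format(100 * i // T, 100))
        if replog.get(fp, 0):
            continue
        os.remove(fp)
input("Press enter to exit")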

smartm13 commented Dec 5, 2018

A Python script to help with mass string find-and-replace jobs

Specially designed to remove malicious code from infected static/dynamic site backups
