python 恢复回收站的内容

!/usr/bin/python

coding=utf-8

import os import optparse from _winreg import *

逐一测试回收站的目录是否存在，并返回第一个找到的回收站目录

def returnDir(): dirs=['C:\Recycler\', 'C:\Recycled\', 'C:\$Recycle.Bin\'] for recycleDir in dirs: if os.path.isdir(recycleDir): return recycleDir return None

操作注册表来获取相应目录属主的用户名

def sid2user(sid): try: key = OpenKey(HKEY_LOCAL_MACHINE, "SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList" + '\' + sid) (value, type) = QueryValueEx(key, 'ProfileImagePath') user = value.split('\')[-1] return user except: return sid

def findRecycled(recycleDir): dirList = os.listdir(recycleDir) for sid in dirList: files = os.listdir(recycleDir + sid) user = sid2user(sid) print '\n[*] Listing Files For User: ' + str(user) for file in files: print '[+] Found File: ' + str(file)

def main(): recycledDir = returnDir() findRecycled(recycledDir)

if name == 'main': main()