logo标签列表

在Windows上检测插入的USB

pythonwindowsusb
12

我目前正在用Python编写一个安全工具,该工具在主机上运行作为守护程序。每当检测到USB存储设备时,它将把USB上的所有文件复制到主机计算机上的某个目录中。是否有简单的方法来进行此类USB检测/接口操作?提前感谢!

你使用的是哪个操作系统?对于Linux,可以使用DBus:http://redclay.altervista.org/wiki/doku.php?id=projects:hal-automount - unutbu
对于Linux,请参见https://dev59.com/OXRB5IYBdhLWcg3w6bYE#471099 - unutbu
谢谢回复!我目前正在运行Windows。我需要使用WinAPI来完成这个吗?再次感谢! - kjakeb
2个回答
12

好的,有一种更简单的方法可以在Windows机器上查找USB设备,请使用以下代码:

import win32file

def locate_usb():
    drive_list = []
    drivebits = win32file.GetLogicalDrives()
    for d in range(1, 26):
        mask = 1 << d
        if drivebits & mask:
            # here if the drive is at least there
            drname = '%c:\\' % chr(ord('A') + d)
            t = win32file.GetDriveType(drname)
            if t == win32file.DRIVE_REMOVABLE:
                drive_list.append(drname)
    return drive_list

这段代码实际上是从https://mail.python.org/pipermail/python-win32/2006-December/005406.html中获取的。

不知道这个有多可靠,但我猜对于许多用例来说这将是足够的。感谢提供简单的示例。 - Hakaishin
还可以查看底层的Windows fileapi 函数 GetLogicalDrivesGetDriveTypeA(以及 A vs W)。 - djvg
1
运行良好。此实现跳过驱动器 'A:\'(位位置 0),但是如果我们假设驱动器 'A:\' 永远不会被移除,那么这不是问题。可以使用 while mask < drivebits: ... 而不是遍历所有 26 个字符。 - djvg
11

是的,你需要使用RegisterDeviceNotification Windows API调用。据我所知,没有Python模块包装这个功能,因此你必须使用ctypes来调用此函数。

幸运的是,你不是第一个想要做到这一点的人,因此有一些代码示例在网络上流传。WxPython提供了一个代码示例,但由于你正在编写守护进程,可能对你不感兴趣。你可以尝试下面的代码示例,它依赖于ctypespywin32,从Tim Golden无耻地借鉴而来:

import win32serviceutil
import win32service
import win32event
import servicemanager

import win32gui
import win32gui_struct
struct = win32gui_struct.struct
pywintypes = win32gui_struct.pywintypes
import win32con

GUID_DEVINTERFACE_USB_DEVICE = "{A5DCBF10-6530-11D2-901F-00C04FB951ED}"
DBT_DEVICEARRIVAL = 0x8000
DBT_DEVICEREMOVECOMPLETE = 0x8004

import ctypes

#
# Cut-down clone of UnpackDEV_BROADCAST from win32gui_struct, to be
# used for monkey-patching said module with correct handling
# of the "name" param of DBT_DEVTYPE_DEVICEINTERFACE
#
def _UnpackDEV_BROADCAST (lparam):
  if lparam == 0: return None
  hdr_format = "iii"
  hdr_size = struct.calcsize (hdr_format)
  hdr_buf = win32gui.PyGetMemory (lparam, hdr_size)
  size, devtype, reserved = struct.unpack ("iii", hdr_buf)
  # Due to x64 alignment issues, we need to use the full format string over
  # the entire buffer.  ie, on x64:
  # calcsize('iiiP') != calcsize('iii')+calcsize('P')
  buf = win32gui.PyGetMemory (lparam, size)

  extra = {}
  if devtype == win32con.DBT_DEVTYP_DEVICEINTERFACE:
    fmt = hdr_format + "16s"
    _, _, _, guid_bytes = struct.unpack (fmt, buf[:struct.calcsize(fmt)])
    extra['classguid'] = pywintypes.IID (guid_bytes, True)
    extra['name'] = ctypes.wstring_at (lparam + struct.calcsize(fmt))
  else:
    raise NotImplementedError("unknown device type %d" % (devtype,))
  return win32gui_struct.DEV_BROADCAST_INFO(devtype, **extra)
win32gui_struct.UnpackDEV_BROADCAST = _UnpackDEV_BROADCAST

class DeviceEventService (win32serviceutil.ServiceFramework):

  _svc_name_ = "DevEventHandler"
  _svc_display_name_ = "Device Event Handler"
  _svc_description_ = "Handle device notification events"

  def __init__(self, args):
    win32serviceutil.ServiceFramework.__init__ (self, args)
    self.hWaitStop = win32event.CreateEvent (None, 0, 0, None)
    #
    # Specify that we're interested in device interface
    # events for USB devices
    #
    filter = win32gui_struct.PackDEV_BROADCAST_DEVICEINTERFACE (
      GUID_DEVINTERFACE_USB_DEVICE
    )
    self.hDevNotify = win32gui.RegisterDeviceNotification (
      self.ssh, # copy of the service status handle
      filter,
      win32con.DEVICE_NOTIFY_SERVICE_HANDLE
    )

  #
  # Add to the list of controls already handled by the underlying
  # ServiceFramework class. We're only interested in device events
  #
  def GetAcceptedControls(self):
    rc = win32serviceutil.ServiceFramework.GetAcceptedControls (self)
    rc |= win32service.SERVICE_CONTROL_DEVICEEVENT
    return rc

  #
  # Handle non-standard service events (including our device broadcasts)
  # by logging to the Application event log
  #
  def SvcOtherEx(self, control, event_type, data):
    if control == win32service.SERVICE_CONTROL_DEVICEEVENT:
      info = win32gui_struct.UnpackDEV_BROADCAST(data)
      #
      # This is the key bit here where you'll presumably
      # do something other than log the event. Perhaps pulse
      # a named event or write to a secure pipe etc. etc.
      #
      if event_type == DBT_DEVICEARRIVAL:
        servicemanager.LogMsg (
          servicemanager.EVENTLOG_INFORMATION_TYPE,
          0xF000,
          ("Device %s arrived" % info.name, '')
        )
      elif event_type == DBT_DEVICEREMOVECOMPLETE:
        servicemanager.LogMsg (
          servicemanager.EVENTLOG_INFORMATION_TYPE,
          0xF000,
          ("Device %s removed" % info.name, '')
        )

  #
  # Standard stuff for stopping and running service; nothing
  # specific to device notifications
  #
  def SvcStop(self):
    self.ReportServiceStatus (win32service.SERVICE_STOP_PENDING)
    win32event.SetEvent (self.hWaitStop)

  def SvcDoRun(self):
    win32event.WaitForSingleObject (self.hWaitStop, win32event.INFINITE)
    servicemanager.LogMsg (
      servicemanager.EVENTLOG_INFORMATION_TYPE,
      servicemanager.PYS_SERVICE_STOPPED,
      (self._svc_name_, '')
    )

if __name__=='__main__':
  win32serviceutil.HandleCommandLine (DeviceEventService)
当在Windows 10中使用“start”参数执行脚本时,控制台会显示以下消息: “正在启动服务DevEventHandler”, “启动服务时出错:拒绝访问”。 - Atalanttore
网页内容由stack overflow 提供, 点击上面的
可以查看英文原文,
原文链接