This script searches locally stored files for credit/debit card details. It is portable, was built with Python 2.7 in mind, and requires no additional Python libraries to operate.
cardscan4linux.py [-h] [-o] [-D DEPTH] [-d MINDEPTH] [-l LINES] [-p PATH] -e EXTENSIONS [EXTENSIONS ...] [-x EXCLUDE_DIR [EXCLUDE_DIR ...]] [-max MAXSIZE] [-min MINSIZE] [-mount] [-v]
The -d and -D command flags are used to specify the minimum scan depth and the maximum scan depth, respectively. This is useful for instances where too many symlinked directories result in
- Default Min: 0
- Default Max: 3
Remote Scanning via Mounting
By mounting a remote file system on the local Linux system (i.e. where the script will be run), you can effectively scan the remote host by using the -mount command flag when running the tool. By default, remote mounted systems are not scanned.
- Default: False (Off)
It is possible to exclude certain directories from being scanned by using the -x/--exclude command flag when running the script. Multiple directories can be excluded, and wildcards can be used via the asterisk character *. An example is as follows: -x /var */adam/* /tmp
Note: It is not necessary to include wildcards; however, if you are using a child directory as an exclusion, the wildcards will be necessary on either side of the forward slashes.
- Default: NONE
Min Size / Max Size
The -min/--min-size and -max/--max-size command flags are used when performing the file discovery. They set the minimum and maximum file sizes, respectively, of the files that will be audited for payment card data.
Sizes are given with a unit suffix: c = bytes, k = Kilobytes, M = Megabytes, G = Gigabytes
- Default Min: 16c
- Default Max: 100k
To specify the targeted file extensions, use the -e/--extensions command flag with one or more extension types separated by spaces. For example: -e txt doc xlsx csv. There is no limit to the number of extensions that can be used for the search; however, bear in mind that the more extensions that are specified, the longer the scan could take to complete. Be wary whilst scanning file-storage servers.
- Default: NONE
Max Number of Lines to Audit
By default the maximum number of lines that will be audited within each file will be '50'. Specifying more will perform a more thorough scan for card data, but more resources will be used and the total scan time will increase. Example:
- Default: 50
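The following is an added example, not the script's own code, and it is written for Python 3 rather than 2.7. It shows what the line limit means in practice: a card number beyond the audited lines is not reported. A regex plus Luhn check is assumed as the detection method, and the names scan_lines, luhn_ok and mask and the sample data are constructed for illustration.

```python
import re

# Candidate card numbers: 13-19 digits, optionally split by single spaces or hyphens.
CANDIDATE = re.compile(r"(?<!\d)\d(?:[ -]?\d){12,18}(?!\d)")

def luhn_ok(digits):
    """Return True when the digit string passes the Luhn checksum."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0

def mask(digits):
    """Keep the first six and last four digits so reports never hold a full number."""
    return digits[:6] + "*" * (len(digits) - 10) + digits[-4:]

def scan_lines(lines, max_lines=50):
    """Audit at most max_lines lines; return (line_number, masked_number) hits."""
    hits = []
    for number, line in enumerate(lines, start=1):
        if number > max_lines:
            break
        for match in CANDIDATE.finditer(line):
            digits = re.sub(r"[ -]", "", match.group())
            if luhn_ok(digits):
                hits.append((number, mask(digits)))
    return hits

# Constructed sample: a 120-line export with test card numbers on lines 3 and 90.
SAMPLE = ["order %d,ok" % n for n in range(1, 121)]
SAMPLE[2] = "order 3,4111 1111 1111 1111,ok"    # widely published Visa test number
SAMPLE[89] = "order 90,5555-5555-5555-4444,ok"  # widely published Mastercard test number
SAMPLE[9] = "order 10,ref 1234567890123456,ok"  # 16 digits, but fails the Luhn check

if __name__ == "__main__":
    print(scan_lines(SAMPLE))                 # 50-line limit: only line 3 is found
    print(scan_lines(SAMPLE, max_lines=120))  # whole file: lines 3 and 90 are found
```

A clean result with a low line limit only says that the audited lines were clean, so files that append records over time are worth re-checking with a higher limit.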
-h, --help Show this help message and exit
-o, --output Output data to a file instead of the Terminal.
-D DEPTH, --max-depth DEPTH Enter the max depth that the scanner will search from the given directory (Default is 3).
-d MINDEPTH, --min-depth MINDEPTH Enter the min depth that the scanner will search from the given directory (No Default).
-l LINES, --lines LINES Enter the number of lines from the file to cycle through (Default is 50)
-p PATH, --path PATH Input the directory path that you want to recursively search through, e.g. /var (Default is /)
-e EXTENSIONS [EXTENSIONS ...], --extensions EXTENSIONS [EXTENSIONS ...] Input the file extensions that should be searched for, separated by spaces.
-x EXCLUDE_DIR [EXCLUDE_DIR ...], --exclude EXCLUDE_DIR [EXCLUDE_DIR ...] Input the directories to exclude, separated by spaces. Wildcards can be used, e.g. /var/*
-max MAXSIZE, --max-size MAXSIZE Enter the maximum file-size to search for (Default 100 Kilobytes). Units: "c" for bytes, "k" for Kilobytes, "M" for Megabytes
-min MINSIZE, --min-size MINSIZE Enter the minimum file-size to search for (Default 16 Bytes). Units: "c" for bytes, "k" for Kilobytes, "M" for Megabytes
-mount, --scan-mount Enable to scan the mounted remote file systems (Default is off.)
-v, --verbose Display verbose messages (Warning: output can be huge).
[root@sc ~]# ./cardscan4linux.py -e txt -d 8
[ Root Path ]______________/
[ Max Size ]_______________100k
[ Min Size ]_______________16c
[ Extensions ]_____________['txt']
[ Lines per file ]_________50
[ Depth of search ]________8
[ Scan Mounted Dirs ]______False
[ Exclusions ]_____________/var
[*] Starting file-system scan. This may take a while...
[*] File-system search complete. 24855 files to check for card-data.
[*] Card scanning complete. 24855 total files were scanned in 8 seconds.
- Create some sort of progress bar for the 'find' subprocess