java实现U盘插入监控以及上传下载行为记录
时间: 2023-04-10 17:04:53 浏览: 103
可以使用Java提供的JNA库来实现U盘插入监控,同时使用Java的IO流来记录上传下载行为记录。具体实现可以参考以下代码:
import com.sun.jna.platform.win32.*;
import com.sun.jna.platform.win32.WinNT.HANDLE;
import com.sun.jna.platform.win32.WinNT.HANDLEByReference;
import com.sun.jna.platform.win32.WinNT.PVOID;
import com.sun.jna.platform.win32.WinNT.ULONG_PTR;
import com.sun.jna.platform.win32.WinUser.*;
public class USBMonitor {
private static final int WM_DEVICECHANGE = 0x0219;
private static final int DBT_DEVICEARRIVAL = 0x8000;
private static final int DBT_DEVICEREMOVECOMPLETE = 0x8004;
private static final int DBT_DEVTYP_VOLUME = 0x00000002;
private static final int DBT_DEVNODES_CHANGED = 0x0007;
private static final int FILE_SHARE_READ = 0x00000001;
private static final int FILE_SHARE_WRITE = 0x00000002;
private static final int FILE_SHARE_DELETE = 0x00000004;
private static final int OPEN_EXISTING = 3;
private static final int GENERIC_READ = 0x80000000;
private static final int GENERIC_WRITE = 0x40000000;
private static final int FILE_ATTRIBUTE_NORMAL = 0x80;
private static final int FILE_FLAG_BACKUP_SEMANTICS = 0x02000000;
private static final String DRIVE_LETTER_PREFIX = "\\\\?\\";
private static final String VOLUME_GUID_PREFIX = "\\\\?\\Volume{";
private static final String VOLUME_GUID_SUFFIX = "}\\";
private static final String LOG_FILE_PATH = "C:\\usb_log.txt";
private static HANDLE hLogFile = null;
public static void main(String[] args) {
hLogFile = Kernel32.INSTANCE.CreateFile(LOG_FILE_PATH, GENERIC_WRITE, FILE_SHARE_READ | FILE_SHARE_WRITE | FILE_SHARE_DELETE, null, OPEN_ALWAYS, FILE_ATTRIBUTE_NORMAL, null);
if (hLogFile == WinBase.INVALID_HANDLE_VALUE) {
System.err.println("Failed to open log file: " + LOG_FILE_PATH);
return;
}
WndProc usbWndProc = new WndProc() {
@Override
public LRESULT callback(HWND hWnd, int uMsg, WPARAM wParam, LPARAM lParam) {
if (uMsg == WM_DEVICECHANGE) {
switch (wParam.intValue()) {
case DBT_DEVICEARRIVAL:
DEV_BROADCAST_VOLUME vol = new DEV_BROADCAST_VOLUME(lParam);
if (vol.dbcv_devicetype == DBT_DEVTYP_VOLUME) {
String driveLetter = getDriveLetter(vol.dbcv_unitmask);
String volumeGuid = getVolumeGuid(driveLetter);
log("U盘插入: " + volumeGuid);
}
break;
case DBT_DEVICEREMOVECOMPLETE:
DEV_BROADCAST_VOLUME vol2 = new DEV_BROADCAST_VOLUME(lParam);
if (vol2.dbcv_devicetype == DBT_DEVTYP_VOLUME) {
String driveLetter = getDriveLetter(vol2.dbcv_unitmask);
String volumeGuid = getVolumeGuid(driveLetter);
log("U盘拔出: " + volumeGuid);
}
break;
case DBT_DEVNODES_CHANGED:
log("设备节点变化");
break;
}
}
return User32.INSTANCE.DefWindowProc(hWnd, uMsg, wParam, lParam);
}
};
String className = "USBMonitor";
WNDCLASS wc = new WNDCLASS();
wc.lpfnWndProc = usbWndProc;
wc.hInstance = Kernel32.INSTANCE.GetModuleHandle("");
wc.lpszClassName = className;
User32.INSTANCE.RegisterClass(wc);
HWND hWnd = User32.INSTANCE.CreateWindowEx(0, className, className, 0, 0, 0, 0, 0, null, null, null, null);
if (hWnd == null) {
System.err.println("Failed to create window");
return;
}
DEV_BROADCAST_DEVICEINTERFACE notificationFilter = new DEV_BROADCAST_DEVICEINTERFACE();
notificationFilter.dbcc_size = notificationFilter.size();
notificationFilter.dbcc_devicetype = DBT_DEVTYP_DEVICEINTERFACE;
GUID guid = new GUID();
guid.guidData1 = 0xA5DCBF10;
guid.guidData2 = 0x6530;
guid.guidData3 = 0x11D2;
guid.guidData4 = new byte[]{(byte) 0x90, 0x1F, 0x00, (byte) 0xC0, 0x4F, (byte) 0xB9, 0x51, (byte) 0xED};
notificationFilter.dbcc_classguid = guid;
HDEVNOTIFY hDevNotify = User32.INSTANCE.RegisterDeviceNotification(hWnd, notificationFilter, DEVICE_NOTIFY_WINDOW_HANDLE);
if (hDevNotify == null) {
System.err.println("Failed to register device notification");
return;
}
MSG msg = new MSG();
while (User32.INSTANCE.GetMessage(msg, hWnd, 0, 0) > 0) {
User32.INSTANCE.TranslateMessage(msg);
User32.INSTANCE.DispatchMessage(msg);
}
User32.INSTANCE.UnregisterDeviceNotification(hDevNotify);
User32.INSTANCE.DestroyWindow(hWnd);
Kernel32.INSTANCE.CloseHandle(hLogFile);
}
private static String getDriveLetter(int unitmask) {
for (char c = 'A'; c <= 'Z'; c++) {
if ((unitmask & 0x01) != 0) {
return DRIVE_LETTER_PREFIX + c + ":";
}
unitmask >>>= 1;
}
return null;
}
private static String getVolumeGuid(String driveLetter) {
char[] volumeGuid = new char[1024];
int length = Kernel32.INSTANCE.QueryDosDevice(driveLetter, volumeGuid, volumeGuid.length);
if (length == 0) {
return null;
}
String volumeGuidStr = new String(volumeGuid, 0, length);
if (!volumeGuidStr.startsWith(VOLUME_GUID_PREFIX) || !volumeGuidStr.endsWith(VOLUME_GUID_SUFFIX)) {
return null;
}
return volumeGuidStr.substring(VOLUME_GUID_PREFIX.length(), volumeGuidStr.length() - VOLUME_GUID_SUFFIX.length());
}
private static void log(String message) {
String logMessage = String.format("[%s] %s\n", new Date(), message);
byte[] logBytes = logMessage.getBytes(StandardCharsets.UTF_8);
ULONG_PTR bytesWritten = new ULONG_PTR();
Kernel32.INSTANCE.WriteFile(hLogFile, logBytes, logBytes.length, bytesWritten, null);
}
}
注意:这段代码只能在Windows操作系统上运行。