/*
 * @(#)BasicScanner.java 1.0 08/06/21
 *
 * You can modify the template of this file in the
 * directory ..\JCreator\Templates\Template_1\Project_Name.java
 *
 * You can also create your own project template by making a new
 * folder in the directory ..\JCreator\Template\. Use the other
 * templates as examples.
 *
 */
 
import java.awt.*;
import java.io.*;
import java.util.*;
import javax.swing.*;
import java.awt.event.*;

class BasicScanner extends JFrame implements Runnable,ActionListener
{

  private static final String COPYRIGHT="BasicScanner\nThis scanner scans bytes from harddisk\nSecuritytool for finding files with certain byte contents\n\nWritten by RJHM van den Bergh\nAll rights reserved june 2008\n\nDistribution allowed in unchanged form\nPlease visit my site http://www.comweb.nl for updates\nSuggestion are welcome sales@comweb.nl\n\n";	
  public static final String[] BYTES=
  {
    "00","01","02","03","04","05","06","07","08","09","0A","0B","0C","0D","0E","0F",
    "10","11","12","13","14","15","16","17","18","19","1A","1B","1C","1D","1E","1F",
    "20","21","22","23","24","25","26","27","28","29","2A","2B","2C","2D","2E","2F",
    "30","31","32","33","34","35","36","37","38","39","3A","3B","3C","3D","3E","3F",
    "40","41","42","43","44","45","46","47","48","49","4A","4B","4C","4D","4E","4F",
    "50","51","52","53","54","55","56","57","58","59","5A","5B","5C","5D","5E","5F",
    "60","61","62","63","64","65","66","67","68","69","6A","6B","6C","6D","6E","6F",
    "70","71","72","73","74","75","76","77","78","79","7A","7B","7C","7D","7E","7F",
    "80","81","82","83","84","85","86","87","88","89","8A","8B","8C","8D","8E","8F",
    "90","91","92","93","94","95","96","97","98","99","9A","9B","9C","9D","9E","9F",
    "A0","A1","A2","A3","A4","A5","A6","A7","A8","A9","AA","AB","AC","AD","AE","AF",
    "B0","B1","B2","B3","B4","B5","B6","B7","B8","B9","BA","BB","BC","BD","BE","BF",
    "C0","C1","C2","C3","C4","C5","C6","C7","C8","C9","CA","CB","CC","CD","CE","CF",
    "D0","D1","D2","D3","D4","D5","D6","D7","D8","D9","DA","DB","DC","DD","DE","DF",
    "E0","E1","E2","E3","E4","E5","E6","E7","E8","E9","EA","EB","EC","ED","EE","EF",
    "F0","F1","F2","F3","F4","F5","F6","F7","F8","F9","FA","FB","FC","FD","FE","FF"
  };

  // Collected statisitcs:
  double statcount=6553600; //bytes counted
  int[] stats=
  {
    2304607,80884,41350,34177,38516,17450,20453,22283,33189,13594,54685,10387,23739,51814,12785,18371,
    31998,11156,8570,8800,15401,24848,10095,7838,14462,4931,5423,5842,9748,5177,6722,6335,
    224024,8826,36426,8572,19291,20002,9239,6721,12672,8028,6584,7756,102793,14005,29961,10181,
    146923,38503,32339,28993,22729,17056,17641,13020,17040,15464,10087,11531,23339,21613,17803,7727,
    24699,24197,12201,37858,27055,44954,21930,8945,21744,24494,3588,16109,20300,25566,26354,18428,
    36639,9184,37711,34298,24665,16551,18841,17915,8828,3720,3947,10309,19811,11872,8638,17573,
    10265,55218,11723,40335,42150,125363,34538,21806,26387,73211,14300,8854,61450,25775,70067,74847,
    37487,3182,72963,79990,97198,46334,19166,19108,12944,18687,3199,3248,5582,7025,4210,3910,
    22044,5382,3938,22607,7113,14510,3391,2903,8938,21549,6460,50066,3340,17861,2842,2245,
    5320,1680,1867,1446,2760,1489,1966,1337,3545,1829,2722,1160,2562,1237,1754,1578,
    4311,3924,2000,2580,3053,2640,1529,1556,4035,1709,2289,2287,2694,1167,2229,1191,
    4317,1255,9119,1804,3248,1281,3153,2579,7582,3027,2731,2621,2720,1632,2636,2834,
    24967,5141,7099,6143,8676,1659,6446,10743,4400,3125,2747,1896,13281,2133,2015,1906,
    4125,3182,2819,1754,3899,1526,2516,1652,5270,1766,2037,3419,3480,1526,1696,1700,
    7674,2719,2089,1523,4421,3274,1893,2382,18216,6551,1950,9652,10200,1794,2283,2004,
    12755,3005,3072,4080,6861,1715,5881,4351,12411,3817,3411,3317,12310,5358,10791,223957
  };
    
	Container contentPane;
	JScrollPane scrollPane;
	JTextArea result;
	JButton start,stop;
	JTextField progres;
	JTextField textField1; // maxFileSize
  long maxFileSize=30000; //Skip files bigger than maxFileSize bytes
	JTextField textField2; // bytes to search
	byte[] bytesToSearch;
	JTextField textField3; // startPlace
  String startPlace="C:\\";
	Thread runner=null;
	boolean setExit=false;
	
		
	public BasicScanner()
	{
		addWindowListener
		(
			new WindowAdapter()
			{
			  public void windowClosing(WindowEvent e)
			  {
				  dispose();
				  System.exit(0);
			  }
		  }
		);
		
		result=(new JTextArea());
		result.setText(BasicScanner.COPYRIGHT);
		result.setEditable(false);
	  scrollPane=new JScrollPane(result);

		contentPane=getContentPane();
		contentPane.setLayout(new BorderLayout());
		contentPane.add(scrollPane,BorderLayout.CENTER);

  	JFrame inputFrame=new JFrame();
  	Container inputFrameContainer=inputFrame.getContentPane();
  	inputFrameContainer.setLayout(new GridLayout(3,3));
  	JLabel label1=new JLabel("Max. file size [bytes] ");
  	inputFrameContainer.add(label1);
  	textField1=new JTextField("30000");
  	inputFrameContainer.add(textField1);
  	JLabel label2=new JLabel("Bytes to search ");
  	inputFrameContainer.add(label2);
  	textField2=new JTextField("208,66,193,71");
  	inputFrameContainer.add(textField2);
  	JLabel label3=new JLabel("Start ");
  	inputFrameContainer.add(label3);
  	textField3=new JTextField("C:\\");
  	inputFrameContainer.add(textField3);  	
    contentPane.add(inputFrameContainer,BorderLayout.NORTH);		

 	  JFrame outputFrame=new JFrame();
  	Container outputFrameContainer=outputFrame.getContentPane();
  	outputFrameContainer.setLayout(new GridLayout(3,1));     
    progres=new JTextField("");
    progres.setEditable(false);
  	outputFrameContainer.add(progres);    
    start=new JButton("Start");
    start.addActionListener(this);
  	outputFrameContainer.add(start);
    stop=new JButton("Stop");
    stop.addActionListener(this);
  	outputFrameContainer.add(stop);
    contentPane.add(outputFrameContainer,BorderLayout.SOUTH);
				
	}
	
	public Dimension getPreferredSize()
	{
		return new Dimension(800,600);
	}
	
	public static void main(String args[])
	{
		System.out.println("Starting BasicScanner...");
		BasicScanner mainFrame = new BasicScanner();
		mainFrame.setSize(mainFrame.getPreferredSize());
		mainFrame.setTitle("BasicScanner");		
		mainFrame.setVisible(true);
//		new Thread(mainFrame).start();				
	}		
	
	public void run()
	{
    try 
    {
	    File file=new File(startPlace,".");
	    if (file.exists()) dir(file.getPath(),file.list());
	    else {result.append("Check start place"); textField3.setText("ERROR "+textField3.getText());return;}
    } catch (Exception e) 
    { 
      e.printStackTrace(); 
    } finally
    {
    	System.out.println("Finished");
    	setExit=false;
    	runner=null;
    }
	}
	
	private void dir(String path,String[] files)	
	{
		/* 
		   funtion is called with the content of a directory
		   if it finds a directory among the content it will call itself
		*/ 
		if (setExit) return;
		for(int i=0;i<files.length;i++)
		{
			try
			{
			  File file=new File(path,files[i]);
				if (file.isDirectory())
				{
				  // directory recursive
					try
					{
					  dir( file.getPath(),file.list());
					} catch(Exception e)
					{
					  e.printStackTrace();
					}
				} else
				{
				  // file
				  if (file.length()<=maxFileSize && file.length()>=bytesToSearch.length)
				  {
    			  progres.setText(""+file);
				    if (file.canRead())
				    {
				  	  try
				  	  {
				  		  FileInputStream fileInputStream=new FileInputStream(file);                
				  		  if (fileInputStream.available()>=bytesToSearch.length)
				  		  {
  				  		  byte[] readBuffer=new byte[bytesToSearch.length];
				  		  	fileInputStream.read(readBuffer);
				  		  	int readBufferPointer=0;
				  		  	boolean found=checkBuffer(readBuffer,readBufferPointer,bytesToSearch);	
// result.append(""+file+"\n");				  		  	
				  		  	byte[] oneByte=new byte[1];
				  		    while(fileInputStream.available()>0 && !found)
				  		    {
				  		  	  int red=fileInputStream.read(oneByte);
//byte b=oneByte[0];collectStatistics(b);				  		  	  
				  		  	  readBuffer[readBufferPointer]=oneByte[0];
// result.append(""+oneByte[0]+",");				  		  	  
				  		  	  readBufferPointer++; if (readBufferPointer>=readBuffer.length) readBufferPointer-=readBuffer.length;
				  		  	  found=checkBuffer(readBuffer,readBufferPointer,bytesToSearch);
				  		    }				  		    
				  		    if (found) 
				  		    {
				  		    	result.append("\nMATCH "+file+"\n");
				  		    	result.append("File size = "+file.length()+"\n"); 
				  		    	result.append(calculateChance(bytesToSearch,file.length())+"\n");
				  		    	result.append("\n");
				  		    }
// result.append("\n");
                  try {fileInputStream.close();} catch(Exception e2){}
				  		  } else
				  		  {
				  		  	// can't read enough data to start (blocking)
   	              result.append("Skipped "+file+" didn't succeed start reading (blocking stream)\n");				    	
				  		  }
				  	  } catch(Exception e) 
				  	  {
   	             result.append("Error ("+e.getMessage()+") on "+file+"\n");	
//e.printStackTrace();			    	
				  	  }
				    } else
				    {
				    	// can't read file
				  		result.append("Skipped (can't read) "+file+"\n");				    	
				    }

				  }		      			
				}
			} catch(Exception e)
			{
				e.printStackTrace();
			}
		}
		return;
	}
	
	private boolean checkBuffer(byte[] readBuffer,int readBufferPointer, byte[] bytesToSearch)
	{
		// this methods checks if the bytesTosearch matchess inside the readBuffer
    int pointer=readBufferPointer;
		for (int i=0;i<bytesToSearch.length;i++)
		{
			pointer=readBufferPointer+i; while (pointer>=readBuffer.length) pointer-=readBuffer.length;
			if (readBuffer[pointer]!=bytesToSearch[i]) return false;			
		}
		return true;		
	}
	
  private String calculateOneMatch(byte[] bytesToSearch)
  {
      double teller=1;
      for(int i=0;i<bytesToSearch.length;i++)
      {
      	int index=bytesToSearch[i]; if (index<0) index=256+index;
      	teller*=(stats[index]);
      }
      double noemer=Math.pow(statcount,bytesToSearch.length);
		  double changeOfFindingOneGues=teller/noemer;
	    return ""+changeOfFindingOneGues*100;
  }	
 
	private String calculateChance(byte[] bytesToSearch,long fileSize)
	{
		/* 
		   Calculates the change that the sequential byte is contained in the file
		*/

		try
		{
		  long numberOfGuesses=fileSize-bytesToSearch.length+1;
      double teller=1;
      for(int i=0;i<bytesToSearch.length;i++)
      {
      	int index=bytesToSearch[i]; if (index<0) index=256+index;
      	teller*=(stats[index]);
      }
      double noemer=Math.pow(statcount,bytesToSearch.length);
		  double changeOfNotFindingOneGues=1-teller/noemer;
		  double changeOfNotFinding=Math.pow(changeOfNotFindingOneGues,numberOfGuesses);
		  double changeOfFinding=1-changeOfNotFinding;
// 69,82,83,73
	    return "Normal change that this file contains this byte sequence "+(changeOfFinding*100)+" percent. (ESTIMATED)";	    
	  } catch (Exception e)
	  {
	  	e.printStackTrace();
	  	return "random change = not calculated. (error)";
	  }						
	}
	
	public void actionPerformed(ActionEvent e)
	{

		if (e.getActionCommand()=="Start")
		{
		  if (runner==null)
		  {
		  	//new start
		  	try
		  	{
    		  maxFileSize=Long.parseLong(textField1.getText());
    		  result.append("Max. file size to scan: "+maxFileSize+"\n");
		  	} catch(NumberFormatException e2)
		  	{
		  		textField1.setText("ERROR "+textField1.getText());
		  		return;
		  	}
		  	try
		  	{
		  		StringTokenizer tokenizer=new StringTokenizer(textField2.getText(),",");
		  		if (tokenizer.countTokens()<2)
		  		{
		  			throw(new Exception("Must have more than one byte to search.\nOtherwise to much matches."));
		  		}
		  		bytesToSearch=new byte[tokenizer.countTokens()];
		  		String visualByteSequence="";
		  		for(int i=0;i<bytesToSearch.length;i++)
		  		{
		  			String token=tokenizer.nextToken();
		  			int value=Integer.parseInt(token);
		  			visualByteSequence=visualByteSequence+BasicScanner.BYTES[value]; //hexdeciaml representation in a String
		  			if (value>128) { value-=(2*128); token=""+value; }		  					  					  			
            bytesToSearch[i]=(Byte.decode(token)).byteValue();
		  		}
		  		result.append("BYTES to search: "+visualByteSequence+"\n");
		  		result.append("One gues matching change "+calculateOneMatch(bytesToSearch)+" percent. (ESTIMATED)\n");
		  		
		  	} catch (Exception e2)
		  	{
		  		textField2.setText("ERROR "+textField2.getText());
		  		result.append(e2.getMessage());
		  		result.append("Bytes to search must be a comma seperated list\nWith positive values ranging from 0 to 255.\n");
		  		return;
		  	}
		  	try
		  	{
		  		startPlace=textField3.getText();
		  		result.append("Starting directory "+startPlace+"\n");
		  	} catch (Exception e2)
		  	{
		  		e2.printStackTrace();
		  		return;
		  	}
	  		result.append("------------------------\n");
		  			  	
		    runner=new Thread(this);
		    runner.start();
		  }
		}		
    if (e.getActionCommand()=="Stop")
    {
    	setExit=true;
    }
	} 

}

/*
Collected statisitcs:
int[] stats={
2304607,80884,41350,34177,38516,17450,20453,22283,33189,13594,54685,10387,23739,51814,12785,18371,
31998,11156,8570,8800,15401,24848,10095,7838,14462,4931,5423,5842,9748,5177,6722,6335,
224024,8826,36426,8572,19291,20002,9239,6721,12672,8028,6584,7756,102793,14005,29961,10181,
146923,38503,32339,28993,22729,17056,17641,13020,17040,15464,10087,11531,23339,21613,17803,7727,
24699,24197,12201,37858,27055,44954,21930,8945,21744,24494,3588,16109,20300,25566,26354,18428,
36639,9184,37711,34298,24665,16551,18841,17915,8828,3720,3947,10309,19811,11872,8638,17573,
10265,55218,11723,40335,42150,125363,34538,21806,26387,73211,14300,8854,61450,25775,70067,74847,
37487,3182,72963,79990,97198,46334,19166,19108,12944,18687,3199,3248,5582,7025,4210,3910,
22044,5382,3938,22607,7113,14510,3391,2903,8938,21549,6460,50066,3340,17861,2842,2245,
5320,1680,1867,1446,2760,1489,1966,1337,3545,1829,2722,1160,2562,1237,1754,1578,
4311,3924,2000,2580,3053,2640,1529,1556,4035,1709,2289,2287,2694,1167,2229,1191,
4317,1255,9119,1804,3248,1281,3153,2579,7582,3027,2731,2621,2720,1632,2636,2834,
24967,5141,7099,6143,8676,1659,6446,10743,4400,3125,2747,1896,13281,2133,2015,1906,
4125,3182,2819,1754,3899,1526,2516,1652,5270,1766,2037,3419,3480,1526,1696,1700,
7674,2719,2089,1523,4421,3274,1893,2382,18216,6551,1950,9652,10200,1794,2283,2004,
12755,3005,3072,4080,6861,1715,5881,4351,12411,3817,3411,3317,12310,5358,10791,223957
};
int statcount= 6553600

*/

/*
	int[] stats=new int[256];
	int statcount=0;
	public void collectStatistics(byte b)
	{
		statcount++;
		int value=b;
//System.out.println("byte ="+b);		
		if (value<0) value=256+value;
    stats[value]++; 
if (value<0 || value>255) System.out.println("error statsistcs collecting");    
//		if (statcount==255*256*1000)
    if (statcount==256*256*1000 || statcount==256*256*100 || statcount==256*256*10)
				{
			result.append("\n");
			result.append("Collected statisitcs:\n");
			result.append("int[] stats={\n");
			String out="";
			int index=0;
			for(int i=0;i<=15;i++)
			{
				for(int i2=0;i2<=15;i2++)
				{
					out=out+(stats[index]);
					if (index!=255) out=out+",";
					index++;
				}
				out=out+"\n";
			}
			result.append(out+"\n}\n");
			result.append("statcount= "+statcount+"\n\n");
		}
	}
*/