黑客意志

Python code encryption confusion

I want to see you again.
As an interpreted language, Python is inherently more difficult to encrypt. But sometimes we have to consider the encryption of the code when we release a python product to avoid source code leaks. To this end, I have reviewed some of the information and studied several common ways of python code encryption. Record it here.

Source Code Encryption

(a) py script compiled into pyc binary

Compile command:

1
python -m py_compile file.py

The pyc file is a binary file, but can be easily reversed, online decompile tool: https://tool.lu/pyc/. Of course, there is also a solution to this problem. The solution is to modify the opcode in the python source code and then recompile the py code to prevent it from being reversed to some extent, because the reverser needs to know the modified opcode to be restored. If you use a proprietary Bytecode instruction set, then the usual Python disassemblers and decompilers won’t work on the pyc files produced by your private Python compiler, which is equivalent to protecting your Python code. But the price of doing this is that your Python application can only be run on your private Python interpreter. (actually not applicable when releasing a product)

(2) py script packaged into exe file

The exe file is used for the Windows platform. It is usually packaged into exes using a packager (py2exe, PyInstaller, etc.). These tools are used to package a Python project into a single executable file for use (on a machine without a Python environment). However, all the pyc files or source files can be conveniently obtained through the compression package, which is essentially different from the executable file generated by C/C++ compilation. It is basically zero protection, so the exe needs to be packed.

(3) py script compiled into c file (cython)

Use cython to convert the core code py module file into a .c file, then compile it into a so(unix) file with gcc, or compile it into a pyd(windows) file.

Compilation process:
1, server installation depends

1
2
pip install python
yum install python-devel gcc

2, write the setup.py file, the content is as follows:

1
2
3
4
5
6
7
8
9
10
from distutils.core import setup
from Cython.Build import cythonize
setup(
ext_modules = cythonize("test.py",language_level=2)
)
# Batch compilation
setup(
ext_modules = cythonize(["test.py","test2.py".......],language_level=2)
)

3, run the following command

1
2
3
4
5
6
7
8
9
10
11
12
13
```
Will generate a test.so, delete the rest of the file, directly reference test.so (as with the reference py file)
## Source code confusion
In addition to encryption, you can also confuse the source code to increase the difficulty of reading the source code. There are many third-party libraries, and I have a few:
https://pypi.org/project/pyminifier/
https://github.com/astrand/pyobfuscate
http://pyob.oxyry.com/
Pyminifier library usage:
```bash
pyminifier -O test.py >> test_py.py
pyminifier --replacement-length=1 --obfuscate-builtins --obfuscate-import-methods --obfuscate-variables test.py
赞(0)
分享到: 更多 (0)

黑客技术,黑客教程,黑客软件,黑客入门,黑客工具,黑客平台,黑客下单,渗透测试,CTF,菠菜,源码,暗网,安卓,物联网安全,网络安全周,国家安全,企业安全,盗QQ号,正规黑客,接单黑客,SRC测试,黑客修改,黑客交流,黑客追款,APP渗透,黑客系统

联系我们联系我们