pyc2bytecode
python-uncompyle6
Our great sponsors
pyc2bytecode | python-uncompyle6 | |
---|---|---|
1 | 8 | |
127 | 3,539 | |
- | - | |
0.0 | 8.9 | |
11 months ago | 30 days ago | |
Python | Python | |
- | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
pyc2bytecode
-
PSA: Global QR Code bot could have malware...
I was able to figure out that this is a python program which was compiled to an .exe. Using uncompyle6 and pyc2bytecode, I was able to decompile the .exe into the python bytecode...but I'm no expert at reading python bytecode. If you want to do this yourself, note that you will need to use the same version of python as the version used to make the exe (python 3.9). I did easily by changing the python_version in my Pipfile to 3.9 and using pipenv shell.
python-uncompyle6
-
Testing Github Co-Pilot and Trying to Win World Cup Bet
Q: What is RAPID_API_KEY = os.environ.get('RAPID_API_KEY')? A: You should store configuration in environment variables; never in code. See 12 factors app. Python .pyc files can easily be "decompiled" to .py and reveal all secrets in code.
-
PSA: Global QR Code bot could have malware...
I was able to figure out that this is a python program which was compiled to an .exe. Using uncompyle6 and pyc2bytecode, I was able to decompile the .exe into the python bytecode...but I'm no expert at reading python bytecode. If you want to do this yourself, note that you will need to use the same version of python as the version used to make the exe (python 3.9). I did easily by changing the python_version in my Pipfile to 3.9 and using pipenv shell.
-
Synack Red Team Five CTF Writeup - Rev
It's a Pyinstaller binary.(I have used it once before, so I just knew it by checking the file.) Use https://github.com/extremecoders-re/pyinstxtractor to extract its source code archive in binary (by just running python pyinstxtractor.py ./backdoor or something), now many .pyc files are extracted. Find src.pyc and it's malformed as Python3.9, so https://github.com/rocky/python-uncompyle6/ denies to decompile. But challenge information says it's Python3.8, so I write helloworld python script and execute it with Python3.8. It yields Python3.8 .pyc file. Analyze it and find signature is \x55. Change src.pyc's signature from \x61 to \x55 and decompile by running uncompyle6 backdoor-src.38.pyc > backdoor-src.py
- Help! Decompiling python 3.6 to source code
- De-obfuscating .pyc files?
- Recovering lost python code from .pyc?
-
Error: uncompyle6 requires Python 2.6-3.8
If not, you’ll either need to install and use 3.8 to run the program, or you’ll need to help the author continue support beyond 3.8.
What are some alternatives?
OneNoteAnalyzer - A C# based tool for analysing malicious OneNote documents
python-decompile3 - Python decompiler for 3.7-3.8 Stripped down from uncompyle6 so we can refactor and start to fix up some long-standing problems
karton - Distributed malware processing framework based on Python, Redis and S3.
py-spy - Sampling profiler for Python programs
toolkit - The essential toolkit for reversing, malware analysis, and cracking
remote-pdb - Remote vanilla PDB (over TCP sockets).
AMAYARA-Lab - The アマヤラ Lab project provides a ready-to-use Jupyter Lab environment to help out with Android malware analysis using YARA rules.
pdb++
spiderfoot - SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
pyinstxtractor - PyInstaller Extractor
pyhidra - Pyhidra is a Python library that provides direct access to the Ghidra API within a native CPython interpreter using jpype.
pyflame