标签:INFO 反编译 00 pyc magic 记录 py python3.7 main
记录一次python3.7反编译过程
找到了一个python3.7编译的exe,但没找到源码,记录一下反编译的过程
1.将exe文件转换成pyc文件
使用pyinstxtractor.py,cmd中输入命令:
python pyinstxtractor.py xxx.exe
项目地址:pyinstxtractor
解压成功后,同路径下会出现一个[xxx.exe]_extracted的文件夹,这里面就包含了主程序main,不带任何后缀,我们要反编译的就是这个文件,其他的都是依赖库,如PYZ-extracted文件夹里的都是库文件。我们这时可能会纳闷,为什么该文件不是.pyc文件?这可能是pyinstxtractor的一点不足,转换出来的主程序格式不对,我们还需要对其进行手动修复。
2.修复pyc文件
直接把main文件改后缀为main.pyc进行反编译会出现错误。
C:\Users\zzzz>uncompyle6 xxxx.pyc
Traceback (most recent call last):
File "C:\python3\Lib\site-packages\xdis\load.py", line 143, in load_module_from_file_object
float_version = float(magics.versions[magic][:3])
KeyError: b'\xe3\x00\x00\x00'
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "c:\python3\lib\runpy.py", line 193, in _run_module_as_main
"__main__", mod_spec)
File "c:\python3\lib\runpy.py", line 85, in _run_code
exec(code, run_globals)
File "C:\python3\Scripts\uncompyle6.exe\__main__.py", line 7, in <module>
File "C:\python3\Lib\site-packages\uncompyle6\bin\uncompile.py", line 194, in main_bin
**options)
File "C:\python3\Lib\site-packages\uncompyle6\main.py", line 322, in main
do_fragments,
File "C:\python3\Lib\site-packages\uncompyle6\main.py", line 182, in decompile_file
filename, code_objects
File "C:\python3\Lib\site-packages\xdis\load.py", line 116, in load_module
get_code=get_code,
File "C:\python3\Lib\site-packages\xdis\load.py", line 152, in load_module_from_file_object
% (ord(magic[0:1]) + 256 * ord(magic[1:2]), filename)
ImportError: Unknown magic number 227 in xxxx.pyc
原因是文件头magic number没有对上,因此需要加上magic number,不同python版本的magic number也不同。
python 3.6.7的
33 0D 0D 0A 00 00 00 00 00 00 00 00
python 3.7.4的
42 0D 0D 0A 00 00 00 00 63 AF 36 3E 0C 00 00 00
3.如何得到magic number
自己编译一个看看是多少
编译py文件需要pyinstaller,模块可用pip安装
pip install pyinstaller
pip安装完成后自己选一个py文件编译,pyinstaller文件位置在:
C:\Users\xxx\AppData\Local\Programs\Python\Python36\Scripts
把pyinstaller.exe和你的一个py文件拖到同一文件夹
cmd中输入:
pyinstaller 1.py
输出
Microsoft Windows [版本 10.0.17763.557]
(c) 2018 Microsoft Corporation。保留所有权利。
D:\JAVA>pyinstaller 1.py
91 INFO: PyInstaller: 3.6
92 INFO: Python: 3.7.4
92 INFO: Platform: Windows-10-10.0.17763-SP0
94 INFO: wrote D:\JAVA\1.spec
103 INFO: UPX is not available.
106 INFO: Extending PYTHONPATH with paths
['D:\\JAVA', 'D:\\JAVA']
107 INFO: checking Analysis
107 INFO: Building Analysis because Analysis-00.toc is non existent
107 INFO: Initializing module dependency graph...
110 INFO: Caching module graph hooks...
119 INFO: Analyzing base_library.zip ...
3644 INFO: Caching module dependency graph...
3797 INFO: running Analysis Analysis-00.toc
3801 INFO: Adding Microsoft.Windows.Common-Controls to dependent assemblies of final executable
required by d:\python\python.exe
4239 INFO: Analyzing D:\JAVA\1.py
4241 INFO: Processing module hooks...
4241 INFO: Loading module hook "hook-encodings.py"...
4361 INFO: Loading module hook "hook-pydoc.py"...
4362 INFO: Loading module hook "hook-xml.py"...
4636 INFO: Looking for ctypes DLLs
4636 INFO: Analyzing run-time hooks ...
4643 INFO: Looking for dynamic libraries
4830 INFO: Looking for eggs
4830 INFO: Using Python library d:\python\python37.dll
4830 INFO: Found binding redirects:
[]
4834 INFO: Warnings written to D:\JAVA\build\1\warn-1.txt
4876 INFO: Graph cross-reference written to D:\JAVA\build\1\xref-1.html
4885 INFO: checking PYZ
4885 INFO: Building PYZ because PYZ-00.toc is non existent
4886 INFO: Building PYZ (ZlibArchive) D:\JAVA\build\1\PYZ-00.pyz
5395 INFO: Building PYZ (ZlibArchive) D:\JAVA\build\1\PYZ-00.pyz completed successfully.
5404 INFO: checking PKG
5404 INFO: Building PKG because PKG-00.toc is non existent
5405 INFO: Building PKG (CArchive) PKG-00.pkg
5426 INFO: Building PKG (CArchive) PKG-00.pkg completed successfully.
5428 INFO: Bootloader d:\python\lib\site-packages\PyInstaller\bootloader\Windows-64bit\run.exe
5428 INFO: checking EXE
5429 INFO: Building EXE because EXE-00.toc is non existent
5430 INFO: Building EXE from EXE-00.toc
5430 INFO: Appending archive to EXE D:\JAVA\build\1\1.exe
5434 INFO: Building EXE from EXE-00.toc completed successfully.
5437 INFO: checking COLLECT
5437 INFO: Building COLLECT because COLLECT-00.toc is non existent
5438 INFO: Building COLLECT COLLECT-00.toc
6084 INFO: Building COLLECT COLLECT-00.toc completed successfully.
生成文件
生成图中的文件,pyc文件就在_pycache_里
16进制查看其magic number
这个是python 3.7.4的
4.添加magic number
在最前面添加magic number
原来的
添加后
保存为pyc文件
5.反编译pyc文件
用到uncompyle6反编译,也是pip
pip install uncompyle6
一样cmd中打开输入
uncompyle6 main.pyc > main.py
直接生成main.py
我反编译出的文件,python 3.7的
# uncompyle6 version 3.6.3
# Python bytecode 3.7 (3394)
# Decompiled from: Python 3.7.4 (tags/v3.7.4:e09359112e, Jul 8 2019, 20:34:20) [MSC v.1916 64 bit (AMD64)]
# Embedded file name: main.py
# Size of source mod 2**32: 12 bytes
import os, time
from datetime import datetime, timedelta
from selenium import webdriver
from selenium.webdriver.support.wait import WebDriverWait
import selenium.webdriver.support as EC
from selenium.webdriver.common.by import By
from selenium.webdriver.common.action_chains import ActionChains
from packaging import version
import requests
class Taobao:
__module__ = __name__
__qualname__ = 'Taobao'
def __init__(self, driver_type):
self._browser_type = driver_type
if driver_type == 1:
self._driver = webdriver.Chrome(executable_path='chromedriver.exe', service_args=['--verbose', '--log-path=chromedriver.log'])
else:
self._driver = webdriver.Firefox(executable_path='geckodriver.exe')
。。。。。后面还有不粘了
ps:我电脑原装的是python 3.6.6 需要反编译3.7写的,于是又下到D盘一个3.7.4 环境变量和pip都可以添加,用的时候把C:\Users\xxx\AppData\Local\Programs\Python\Python36
里的python.exe移出去就行了,两个pip应该是不互通的吧。。。
D盘里的3.7不用的时候就在文件夹前加个#号。
qq_44808585
发布了1 篇原创文章 · 获赞 0 · 访问量 40
私信
关注
标签:INFO,反编译,00,pyc,magic,记录,py,python3.7,main 来源: https://blog.csdn.net/qq_44808585/article/details/104148402
本站声明: 1. iCode9 技术分享网(下文简称本站)提供的所有内容,仅供技术学习、探讨和分享; 2. 关于本站的所有留言、评论、转载及引用,纯属内容发起人的个人观点,与本站观点和立场无关; 3. 关于本站的所有言论和文字,纯属内容发起人的个人观点,与本站观点和立场无关; 4. 本站文章均是网友提供,不完全保证技术分享内容的完整性、准确性、时效性、风险性和版权归属;如您发现该文章侵犯了您的权益,可联系我们第一时间进行删除; 5. 本站为非盈利性的个人网站,所有内容不会用来进行牟利,也不会利用任何形式的广告来间接获益,纯粹是为了广大技术爱好者提供技术内容和技术思想的分享性交流网站。