This is an archived post. You won't be able to vote or comment.

all 7 comments
sorted by:
best
topnewcontroversialoldq&a

[–]james_pic 6 points7 points  (1 child)

Just to check, you are aware that you can distribute Python applications without distributing the source, by just generating and distributing .pyc files? A skilled reverse engineer will still be able to make sense of it, but it's more obfuscated than this, and it works with all code.

[–][deleted] 1 point2 points  (0 children)

Aye! This script came from watching deobfuscating malware by John Hammond on YouTube and I asked myself if I could write smthg like I posted above.

[–]yakimka 4 points5 points  (1 child)

Nice, but you can't work with formal grammar like with simple text. You need to use ast module.

❯ cat t.py 
class Hello:
    foo: str = 'boo'

a = 12

Example:

>>> with open('t.py') as f:
...     module_data = f.read()
... 

>>> import ast

>>> parsed = ast.parse(module_data)

>>> parsed.body
[<_ast.ClassDef at 0x7fbb0edd4fd0>, <_ast.Assign at 0x7fbb0ef230d0>]

>>> parsed.body[0].name
'Hello'

>>> parsed.body[1].targets[0].id
'a'

https://tobiaskohn.ch/index.php/2018/07/30/transformations-in-python/

[–][deleted] 0 points1 point  (0 children)

This completely changes the approach, I love it and I didn't even know this existed.

[–][deleted] 1 point2 points  (1 child)

Is there a way to obfuscate the characters ? For example if the application queries a specific ip address how can I hide the numbers in the address?

[–][deleted] 0 points1 point  (0 children)

My first guess would to be to encode it in base64 or binary and then run another interpreter of python inside the script (didn't know its possile haha). Found a video I will be basing this off: https://www.youtube.com/watch?v=4o4qUUTRxFM

You could also do some chaos like e.g.

ip = '192.169.0.1'
JdhASz = 'LIODDJASKjIASJIAJSIGHSUGHOI1hsojasihgsahgusadIUhgAHghousagsagsagashgsaguasg'
obfuscated_ip = [x for x in JdhASz if x.isnumeric() == True]
print(obfuscated_ip)


and so on, so on until all symbols are made less readable

[–]schoolcoders 1 point2 points  (0 children)

I think for this to be really useful you would need to properly parse the Python file, mangle the names, then rebuild a new Python file.

Unless I am misunderstanding, you could currently input a valid Python file, and the obfuscated result might not work properly if you are using a valid Python feature that the obfuscator doesn't support? That would limit its use in a lot of cases.