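def do_gen_obf(self, obfuscated_modules=None):
    """
    Generate obfuscated Python bytecode for the modules at the path
    specified, using the current runtime we are running from. The
    generated bytecode will be diffed against the reference bytecode to
    deduce a modified opcode map.

    In general you should point this at the directory containing the
    obfuscated stdlib .pyc's for the obfuscated runtime.

    The more commonality there is between the reference and obfuscated
    bytecode, the higher the number of opcodes that can be remapped.

    Usage: gen_obf <path to directory of obfuscated python .pyc's>

    Example: gen_obf /tmp/foo.app/Contents/Resources/runtime/site_packages/
    """
    # Nothing to do without a target directory; report and bail out.
    if not obfuscated_modules:
        print("[-] No path given from which to generate obfuscated bytecode")
        return

    # Make sure we have everything current.
    # The function-scope import makes OpcodeRemap a local name, so the
    # reload branch must fetch the module from sys.modules: reading the
    # local before it is bound raises UnboundLocalError. reload() returns
    # the module, so take the OpcodeRemap attribute from it to end up with
    # the same object the import branch binds.
    if "OpcodeRemap" in sys.modules:
        OpcodeRemap = reload(sys.modules["OpcodeRemap"]).OpcodeRemap
    else:
        from OpcodeRemap import OpcodeRemap

    # Generated bytecode goes into the "pybs" directory of the project.
    self.obf_pyb = os.path.join(self.pyretic.get_projectdir(), "pybs")
    obfuscated_modules = self.pyretic.normalise_path(obfuscated_modules)

    # NOTE(review): this message says .py's while the help text above says
    # .pyc's; confirm which one gen_obf actually consumes.
    print("[=] Generating bytecode from .py's at: %s" % (obfuscated_modules))

    # "default" is treated as Python 2.5; any other value is passed through.
    # Kept as a plain if/else because this runs under the target's runtime.
    if self.runtime_version == "default":
        version_to_gen = "2.5"
    else:
        version_to_gen = self.runtime_version

    # NOTE(review): obfuscated_modules points at files taken from the
    # application under analysis. Whether gen_obf only reads them or also
    # imports/executes them is not visible here; if it executes module
    # code, run this step in an isolated analysis environment.
    OpcodeRemap.gen_obf(self.obf_pyb, obfuscated_modules, version_to_gen)
    print("[+] Obfuscated bytecode generated")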
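def do_gen_obf(self, obfuscated_modules = None):
    """
    Generate obfuscated Python bytecode for the modules at the path
    specified, using the current runtime we are running from. The
    generated bytecode will be diffed against the reference bytecode to
    deduce a modified opcode map.

    In general you should point this at the directory containing the
    obfuscated stdlib .pyc's for the obfuscated runtime.

    The more commonality there is between the reference and obfuscated
    bytecode, the higher the number of opcodes that can be remapped.

    Usage: gen_obf <path to directory of obfuscated python .pyc's>

    Example: gen_obf /tmp/foo.app/Contents/Resources/runtime/site_packages/
    """
    # Guard: a target directory is required.
    if not obfuscated_modules:
        print("[-] No path given from which to generate obfuscated bytecode")
        return

    ##Make sure we have everything current
    # OpcodeRemap is a local name in this function (bound by the import
    # below), so it cannot be passed to reload() before it is bound; that
    # raises UnboundLocalError when the module is already loaded. Look the
    # module up in sys.modules, reload it, and pull the OpcodeRemap
    # attribute so both branches bind the same kind of object.
    if "OpcodeRemap" not in sys.modules:
        from OpcodeRemap import OpcodeRemap
    else:
        reloaded_module = reload(sys.modules["OpcodeRemap"])
        OpcodeRemap = reloaded_module.OpcodeRemap

    # Output directory for the generated bytecode, under the project dir.
    self.obf_pyb = os.path.join(self.pyretic.get_projectdir(), "pybs")
    obfuscated_modules = self.pyretic.normalise_path(obfuscated_modules)

    # NOTE(review): the message mentions .py's, the help text .pyc's;
    # confirm which input gen_obf expects.
    print("[=] Generating bytecode from .py's at: %s"%(obfuscated_modules))

    ##Call into OpcodeRemap
    # A runtime version of "default" maps to "2.5". A conditional
    # expression is avoided since this may run under an old target runtime.
    if self.runtime_version == "default":
        version_to_gen = "2.5"
    else:
        version_to_gen = self.runtime_version

    # NOTE(review): the input directory comes from the application being
    # analysed. It is not visible here whether gen_obf merely reads those
    # files or imports/executes them; if the latter, keep this step inside
    # an isolated analysis environment.
    OpcodeRemap.gen_obf(self.obf_pyb, obfuscated_modules, version_to_gen)
    print("[+] Obfuscated bytecode generated")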