예제 #1
파일: payload.py 프로젝트: umar14/dedrop
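def decrypt_pyc(pyc_file, new_pyc_file=None):
    """Decrypt an obfuscated .pyc with ``dedrop`` and write it back as a plain .pyc.

    The output is a 16-byte header (magic, flags, mtime, source size -- the
    layout CPython uses from 3.7 on) followed by ``marshal3.dumps`` of the
    object returned by ``dedrop.decrypt``.

    The result is intended for static inspection (disassembly or
    decompilation); importing it would execute the recovered code.

    Args:
        pyc_file: Path of the encrypted input, passed to ``dedrop.decrypt``.
        new_pyc_file: Destination path. When falsy, ``"output.pyc"`` in the
            current working directory is used, so successive calls without
            this argument overwrite each other.

    Returns:
        None. If decryption fails, the failure and its traceback are printed
        and no file is written.
    """
    try:
        pyc_code = dedrop.decrypt(pyc_file)
    except Exception:
        # Report and skip this input. A bare ``except:`` would also swallow
        # KeyboardInterrupt/SystemExit and make a batch run uninterruptible.
        print("[!] Failing for %s" % pyc_file)
        import traceback
        traceback.print_exc()
        return

    if not new_pyc_file:
        new_pyc_file = "output.pyc"
    print("[+] writing to", new_pyc_file)

    # NOTE(review): the return value was never used; the call itself is kept
    # because nothing visible here shows whether dedrop.bytecode() has side
    # effects -- confirm and drop if it is pure.
    dedrop.bytecode(pyc_code)

    # Serialise before opening the target so a marshalling error cannot leave
    # a header-only file behind.
    payload = marshal3.dumps(pyc_code)

    header = (
        # The magic must match the interpreter version the bytecode was
        # built for. b'B\r\r\n' is 3394, i.e. CPython 3.7; b'3\r\r\n' was
        # tried first and did not match the original bytecode version.
        b'B\r\r\n'
        b'\x00\x00\x00\x00'  # flags: 0 = timestamp-validated pyc
        b'\x00\x00\x00\x00'  # source mtime: not meaningful here
        b'\x00\x00\x00\x00'  # source size: not meaningful here
    )
    with open(new_pyc_file, "wb") as f:
        f.write(header)
        f.write(payload)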
예제 #2
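def decrypt_pyc(pyc_file, new_pyc_file=None):
    """Decrypt an obfuscated .pyc with ``dedrop`` and write a plain Python 2 .pyc.

    The output is an 8-byte header (magic, then a zeroed 4-byte mtime)
    followed by the decrypted object as serialised by ``_Marshaller``.

    Args:
        pyc_file: Path of the encrypted input, passed to ``dedrop.decrypt``.
        new_pyc_file: Destination path. When falsy, it is derived from
            ``pyc_file`` by turning a trailing ``.pyc`` into ``.npyc``.

    Returns:
        None.
    """
    pyc_code = dedrop.decrypt(pyc_file)
    if not new_pyc_file:
        # Rewrite only the trailing extension. str.replace() would also touch
        # ".pyc" inside directory names, and for a name without ".pyc" it
        # returns the input path unchanged, so the output would overwrite
        # the input file.
        if pyc_file.endswith(".pyc"):
            new_pyc_file = pyc_file[:-len(".pyc")] + ".npyc"
        else:
            new_pyc_file = pyc_file + ".npyc"
    print "[+] writing to", new_pyc_file
    # Binary mode: in text mode Windows expands every "\n" byte to "\r\n",
    # which corrupts both the magic and the marshalled data.
    with open(new_pyc_file, "wb") as f:
        f.write('\x03\xf3\r\n')  # magic 62211, i.e. CPython 2.7
        # We don't care about a timestamp
        f.write('\x00\x00\x00\x00')
        # _Marshaller is defined elsewhere; it is handed f.write as its sink.
        _Marshaller(f.write).dump(pyc_code)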
예제 #3
파일: payload.py 프로젝트: 0x4d4e/dedrop
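def decrypt_pyc(pyc_file, new_pyc_file=None):
    """Write the ``dedrop``-decrypted contents of ``pyc_file`` as a plain .pyc.

    Layout of the output: the CPython 2.7 magic, four zero bytes in place of
    the source mtime, then whatever ``_Marshaller.dump`` emits for the
    decrypted object.

    Args:
        pyc_file: Path of the encrypted .pyc; passed to ``dedrop.decrypt``.
        new_pyc_file: Where to write. Defaults to ``pyc_file`` with its
            trailing ``.pyc`` changed to ``.npyc``.

    Returns:
        None.
    """
    pyc_code = dedrop.decrypt(pyc_file)
    if not new_pyc_file:
        suffix = ".pyc"
        # Only the final extension is swapped: replacing every ".pyc" in the
        # path can rewrite directory names, and a path containing no ".pyc"
        # would come back unchanged and be overwritten by the output.
        stem = pyc_file[:-len(suffix)] if pyc_file.endswith(suffix) else pyc_file
        new_pyc_file = stem + ".npyc"
    print "[+] writing to", new_pyc_file
    # "wb", not "w": text mode on Windows translates "\n" bytes and would
    # damage the header and the marshalled payload.
    with open(new_pyc_file, "wb") as f:
        # Magic 62211 (CPython 2.7) followed by a zeroed mtime; the
        # timestamp is irrelevant for inspecting the recovered bytecode.
        f.write('\x03\xf3\r\n' '\x00\x00\x00\x00')
        # _Marshaller comes from elsewhere in the project and streams its
        # output through the callable it is given.
        _Marshaller(f.write).dump(pyc_code)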