Python code encryption confusion

I want to see you again.
As an interpreted language, Python is inherently more difficult to encrypt. But sometimes we have to consider the encryption of the code when we release a python product to avoid source code leaks. To this end, I have reviewed some of the information and studied several common ways of python code encryption. Record it here.

Source Code Encryption

(a) py script compiled into pyc binary

Compile command:

1
python -m py_compile file.py

The pyc file is a binary file, but can be easily reversed, online decompile tool: https://tool.lu/pyc/. Of course, there is also a solution to this problem. The solution is to modify the opcode in the python source code and then recompile the py code to prevent it from being reversed to some extent, because the reverser needs to know the modified opcode to be restored. If you use a proprietary Bytecode instruction set, then the usual Python disassemblers and decompilers won’t work on the pyc files produced by your private Python compiler, which is equivalent to protecting your Python code. But the price of doing this is that your Python application can only be run on your private Python interpreter. (actually not applicable when releasing a product)

(2) py script packaged into exe file

The exe file is used for the Windows platform. It is usually packaged into exes using a packager (py2exe, PyInstaller, etc.). These tools are used to package a Python project into a single executable file for use (on a machine without a Python environment). However, all the pyc files or source files can be conveniently obtained through the compression package, which is essentially different from the executable file generated by C/C++ compilation. It is basically zero protection, so the exe needs to be packed.

(3) py script compiled into c file (cython)

Use cython to convert the core code py module file into a .c file, then compile it into a so(unix) file with gcc, or compile it into a pyd(windows) file.

Compilation process:
1, server installation depends

1
2
pip install python
yum install python-devel gcc

2, write the setup.py file, the content is as follows:

1
2
3
4
5
6
7
8
9
10
from distutils.core import setup
from Cython.Build import cythonize
setup(
ext_modules = cythonize("test.py",language_level=2)
)
# Batch compilation
setup(
ext_modules = cythonize(["test.py","test2.py".......],language_level=2)
)

3, run the following command

1
2
3
4
5
6
7
8
9
10
11
12
13
```
Will generate a test.so, delete the rest of the file, directly reference test.so (as with the reference py file)
## Source code confusion
In addition to encryption, you can also confuse the source code to increase the difficulty of reading the source code. There are many third-party libraries, and I have a few:
https://pypi.org/project/pyminifier/
https://github.com/astrand/pyobfuscate
http://pyob.oxyry.com/
Pyminifier library usage:
```bash
pyminifier -O test.py >> test_py.py
pyminifier --replacement-length=1 --obfuscate-builtins --obfuscate-import-methods --obfuscate-variables test.py

本文标题:Python code encryption confusion

文章作者:nmask

发布时间:2019年03月21日 - 14:03

最后更新:2019年07月11日 - 16:07

原始链接:https://thief.one/2019/03/21/1/en/

许可协议: 署名-非商业性使用-禁止演绎 4.0 国际 转载请保留原文链接及作者。

nmask wechat
欢迎您扫一扫上面的微信公众号,订阅我的博客!
坚持原创技术分享,您的支持将鼓励我继续创作!

热门文章推荐: