
Possibility on extracting bytecode from compiled executable #723

Closed
Ashesh3 opened this issue May 23, 2020 · 3 comments
Labels
question Question asked about Nuitka

Comments

@Ashesh3

Ashesh3 commented May 23, 2020

I have been recently learning reverse engineering and have stumbled upon an executable which happens to be using Nuitka. So far I have looked across how Nuitka works internally, and the other issue regarding decompilation #392. I am currently trying to load the executable into a disassembler, but it seems like the executable creates multiple threads and does some other stuff to make it harder; I was wondering if there's a better solution. I tried giving it malformed input and found out something interesting:

Traceback (most recent call last):
  File "C:\bin\bootstrap.py", line 17, in <module>
  File "C:\bin\crackme.py", line 1018, in main
  File "C:\bin\crackme.py", line 913, in start
  File "C:\bin\bridge.py", line 456, in run
  File "C:\bin\timer.py", line 142, in check
  File "C:\bin\timer.py", line 103, in <lambda>
  File "C:\bin\bridge.py", line 1061, in _checkQuit
SystemExit: 0

Seems like the executable indeed has the code in there somewhere? How else would it be able to figure out the exact traceback, with exact line numbers? I tried using objectdump and stringdump; it seems like there are string literals in the executable which could resemble the source, but so far I am having a hard time extracting the logic from the program.

Is there any way I can better analyse the problem?

Possible helpful info

mov     cs:Py_DebugFlag, 0
mov     cs:Py_Py3kWarningFlag, 0
mov     cs:Py_DivisionWarningFlag, 0
mov     cs:Py_UnicodeFlag, 0
mov     cs:Py_TabcheckFlag, 0
mov     cs:Py_InspectFlag, 0
mov     cs:Py_InteractiveFlag, 0
mov     cs:Py_OptimizeFlag, 0
mov     cs:Py_DontWriteBytecodeFlag, 0
mov     cs:Py_NoUserSiteDirectory, 1
mov     cs:Py_IgnoreEnvironmentFlag, 0
mov     cs:Py_VerboseFlag, 0
mov     cs:Py_BytesWarningFlag, 0
mov     cs:Py_FrozenFlag, 1
mov     cs:Py_NoSiteFlag, 1

cs:Py_DontWriteBytecodeFlag could be a key help?

Thank you so much for any help.

@kayhayen
Member

Nuitka is purposefully making sure that tracebacks have line numbers. Depending on the source reference mode, the original file locations are potentially used, in which case the files would be read if present.

The data is intact, but code is in C, and can be found there.

The writing of the bytecode flag is for when the Python source code loader reads a .py file: it decides whether the compiled bytecode should be stored on disk, so next time reading it will not have to parse it. It has nothing to do with Nuitka.

There is no bytecode in Nuitka except for the standard library in standalone mode, so there seems to be no point in your issue really?
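The traceback quoted above shows file names and line numbers but no source text, which matches the explanation that the line numbers are intact while the source lines are only shown when the referenced files exist on disk. The following added example (not from the issue or from Nuitka) reproduces that behaviour with CPython's own traceback machinery, using constructed frame entries modelled on the quoted traceback:

```python
import linecache
import os
import tempfile
import traceback

# Constructed frame entries modelled on the traceback in the issue (assumed paths).
CONSTRUCTED_FRAMES = [
    ("C:\\bin\\bootstrap.py", 17, "<module>"),
    ("C:\\bin\\crackme.py", 1018, "main"),
]


def render(frames):
    """Format (filename, lineno, name) triples the way CPython prints a traceback.

    FrameSummary looks the source line up through linecache, exactly as the
    interpreter does when it prints an uncaught exception.
    """
    summary = traceback.StackSummary.from_list(
        [traceback.FrameSummary(f, n, name) for f, n, name in frames]
    )
    return summary.format()


def has_source_line(entry):
    """True if a formatted entry carries the indented source line under 'File ...'."""
    return len(entry.rstrip("\n").split("\n")) > 1


def source_shown_for_missing_file():
    """The original build paths do not exist here, so only line numbers are shown."""
    return has_source_line(render(CONSTRUCTED_FRAMES)[0])


def source_shown_for_present_file():
    """If a file exists at the recorded path, the same line number yields source text."""
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "crackme.py")
        with open(path, "w", encoding="utf-8") as fh:
            fh.write("".join(f"line {i}\n" for i in range(1, 21)))  # constructed source
        linecache.checkcache(path)
        return has_source_line(render([(path, 18, "main")])[0])


if __name__ == "__main__":
    print("".join(render(CONSTRUCTED_FRAMES)))
    print("source shown, missing file:", source_shown_for_missing_file())
    print("source shown, present file:", source_shown_for_present_file())
```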

@Ashesh3
Author

Ashesh3 commented May 23, 2020

Thank you for the explanation, that makes sense. Seems like I'll need to use standard disassembly tools and treat the executable as if compiled from a C compiler.

@Ashesh3 Ashesh3 closed this as completed May 23, 2020
@kayhayen
Member

Well, yes, it was compiled by a C compiler ultimately.

@kayhayen kayhayen self-assigned this May 23, 2020
@kayhayen kayhayen added the question Question asked about Nuitka label May 23, 2020
@Nuitka Nuitka locked and limited conversation to collaborators Oct 25, 2023