Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Obfuscated python scripts include object names, string etc. in clear text. #5

Closed
jondy opened this issue Jan 7, 2018 · 2 comments
Closed

Obfuscated python scripts include object names, string etc. in clear text. #5

jondy opened this issue Jan 7, 2018 · 2 comments

Comments

@jondy
Copy link
Contributor

jondy commented Jan 7, 2018

After encrypting a module it doesn't seem to be encrypted. Looking at the binary source, I still find all object names, strings etc. in clear text. Is that the intended behaviour?
@jondy
Copy link
Contributor Author

jondy commented Jan 7, 2018
edited
Loading

In pyarmor 3.2.0, only co_code is obfuscated, co_names and co_const is separated saved in .pyc file. So they're clear text.

On the other word, only code segment is obfuscated, part of data segment, that is, literal constants in source is not obfuscated.

To solve this issue, pyarmor will introduce a new feature as the following

How to obfuscate python script

  • Compile python script as code object
 PyObject *co = Py_CompileString("Literal Source", filename, Py_file_input)
  • Serialize code object and obfuscate it
  char *code = marshal.dumps( co );
  char *obf_code = obfuscate_algorithm( code  );
  • Create wrapper script and write to '.pyc' file as obfuscated script
  __modarmor__( __name__, b'${obf_code}' )

By this way, no any literal source constant is in the "foo.pyc", then

How to import obfuscated script

  • Run normal python interpreter to import it

  • Module wrapper will be called, it accepts 2 arguments: module name and obfuscated code

int __modarmor__(char *name, unsigned char *obf_code) {
  char *code = resotre_obfucated_code( obf_code );
  PyObject *co = marshal.loads(code);
  PyObject *mod = PyImport_ExecCodeModule(name, co);
}

Usage

Obfuscate whole module as above by mode 5

  python pyarmor.py encrypt -C project.zip --mode=5 -O dist foo.py

Obfuscate both whole module and each code object by mode 6

  python pyarmor.py encrypt -C project.zip --mode=6 -O dist foo.py

Although it has been implemented in Pyarmor 3.2.1, but it hasn't been full test.

@jondy
Copy link
Contributor Author

jondy commented Jan 15, 2018
edited
Loading

In the minor version Pyarmro 3.3.0, there are 2 new modes: 7, 8. The default mode is 8.

  • mode 7: only code object of python module is obfuscated, it's almost
    quickly as no obfuscated module.
    python pyarmor.py --with-capsule=project.zip --output=dist --mode=7 foo.py
  • mode 8: both code object and bytecode are obfuscated, it's slower
    but more secure. It's the default mode.
    python pyarmor.py --with-capsule=project.zip --output=dist --mode=8 foo.py

Both of modes generate obfuscated scripts as the following:

__pyarmor__(__name__, b'xxxx')

And save as a common python script, so it can be used in normal way.

@jondy jondy closed this as completed Jan 16, 2018
@drewm1980 drewm1980 mentioned this issue Nov 30, 2018
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@jondy