Decompile and print object in python?

Asked Dec 07 '14 at 11:26

Active Dec 08 '14 at 11:09

Viewed 229 times

I am investigating one suspicious program we have been using for months. After some complex code it dynamically generates an object (type() get <type 'code'>) and then executes it with exec. This is where I got lost. I have a tool for decompiling whole pyc compiled file, but I don't know how to decompile a dynamically generated object within a running program.

I can print it (nice bytecode there), I can write it to file. I tried to write it to a file and running pyc decompiler on it, but since it was bytecode of just one object and not full valid pyc program, it failed

edited Dec 07 '14 at 11:41

asked Dec 07 '14 at 11:26

David162795

1,846
3
15
20

can you save the object somehow and decompyle after – Padraic Cunningham Dec 07 '14 at 11:32
@Padraic Cunningham: yes, I can print it (nice bytecode there), I can write it to file. I tried to write it to a file and running pyc decompiler on it, but since it was bytecode of just one object and not full valid pyc program, it failed. – David162795 Dec 07 '14 at 11:35
how is the object created? Can you share the code? – Padraic Cunningham Dec 07 '14 at 11:41
@Padraic Cunningham: loaded using `marshal` from binary string created in suspicious way, including zlib compress and base64 encode – David162795 Dec 07 '14 at 11:43
have a look here http://srossross.github.io/Meta/html/modules/meta/decompile.html – Padraic Cunningham Dec 07 '14 at 12:19

Decompile and print object in python?

0 Answers0