python-exe-unpacker | helper script for unpacking and decompiling EXEs | Reverse Engineering library

by countercept | Python | Version: Current | License: GPL-3.0

kandi X-RAY | python-exe-unpacker Summary

python-exe-unpacker is a Python library typically used in Utilities and Reverse Engineering applications. It has no bugs, no vulnerabilities, a build file available, a Strong Copyleft License, and low support. You can download it from GitHub.

A script that helps researchers unpack and decompile executables written in Python. Right now it only supports executables created with py2exe and pyinstaller. The script glues together several tools available to the community. Hopefully, this can help people in their daily job. Several YARA rules are available to determine whether an executable is written in Python (the script also confirms whether the executable was created with py2exe or pyinstaller).

            kandi-support Support

              python-exe-unpacker has a low active ecosystem.
              It has 514 star(s) with 215 fork(s). There are 23 watchers for this library.
              It had no major release in the last 6 months.
              There are 13 open issues and 5 have been closed. On average issues are closed in 63 days. There are 3 open pull requests and 0 closed requests.
              It has a neutral sentiment in the developer community.
              The latest version of python-exe-unpacker is current.

            kandi-Quality Quality

              python-exe-unpacker has 0 bugs and 0 code smells.

            kandi-Security Security

              python-exe-unpacker has no vulnerabilities reported, and its dependent libraries have no vulnerabilities reported.
              python-exe-unpacker code analysis shows 0 unresolved vulnerabilities.
              There are 0 security hotspots that need review.

            kandi-License License

              python-exe-unpacker is licensed under the GPL-3.0 License. This license is Strong Copyleft.
              Strong Copyleft licenses enforce sharing, and you can use them when creating open source projects.

            kandi-Reuse Reuse

              python-exe-unpacker releases are not available. You will need to build from source code and install.
              Build file is available. You can build the component from source.
              Installation instructions are available. Examples and code snippets are not available.
              python-exe-unpacker saves you 186 person hours of effort in developing the same functionality from scratch.
              It has 459 lines of code, 30 functions and 2 files.
              It has medium code complexity. Code complexity directly impacts maintainability of the code.

            Top functions reviewed by kandi - BETA

            kandi has reviewed python-exe-unpacker and discovered the below as its top functions. This is intended to give you an instant insight into python-exe-unpacker implemented functionality, and help decide if they suit your requirements.
            • Extract the contents of the pyz file.
            • Prepend to the main_pyc file.
            • Extracts the contents of the file.
            • Extracts pycz files from extracted files.
            • Extracts the encrypted encryption key.
            • Open the executable file.
            • Main entry point.
            • Initialize parameters.
            • Close the file pointer.
            • Get user input.

            python-exe-unpacker Key Features

            No Key Features are available at this moment for python-exe-unpacker.

            python-exe-unpacker Examples and Code Snippets

            No Code Snippets are available at this moment for python-exe-unpacker.

            Community Discussions

            Trending Discussions on python-exe-unpacker

            QUESTION

            "No module named pefile" even though I have installed pefile
            Asked 2020-Feb-27 at 15:42

            I have Python 2.7 and Python 3.8 on the same computer

            I am trying to get this to work: https://github.com/countercept/python-exe-unpacker

            The requirements are:

            ...

            ANSWER

            Answered 2020-Feb-27 at 15:42

            You should use pip freeze to obtain the list of installed packages. Probably your py and python executables aren't the same; try py python_exe_unpack.py -i [programname.exe]. Also check which paths you are using to obtain that package:

            Source https://stackoverflow.com/questions/60436483

            Community Discussions, Code Snippets contain sources that include Stack Exchange Network

            Vulnerabilities

            No vulnerabilities reported

            Install python-exe-unpacker

            python python_exe_unpack.py -i [malware.exe]
            python python_exe_unpack.py -p [pyc file]

            python python_exe_unpack.py -i [malware.exe]

            pyinstaller

            A folder will be created with the original filename concatenated with "_extracted". For example: "malware.exe_extracted". The main Python file that contains the logic will usually be the file without any extension (in the folder whose name ends in "_extracted"). In the following example, "hello" is the one that contains the main Python logic:

                -rw-rw-r-- 1 testuser testuser  70K Nov 14 13:08 bz2.pyd
                -rw-rw-r-- 1 testuser testuser 993K Nov 14 13:08 _hashlib.pyd
                -rw-rw-r-- 1 testuser testuser  111 Nov 14 13:08 hello
                -rw-rw-r-- 1 testuser testuser 1009 Nov 14 13:08 hello.exe.manifest
                -rw-rw-r-- 1 testuser testuser 1.1K Nov 14 13:08 Microsoft.VC90.CRT.manifest
                -rw-rw-r-- 1 testuser testuser 220K Nov 14 13:08 msvcm90.dll
                -rw-rw-r-- 1 testuser testuser 557K Nov 14 13:08 msvcp90.dll
                -rw-rw-r-- 1 testuser testuser 638K Nov 14 13:08 msvcr90.dll
                -rw-rw-r-- 1 testuser testuser 628K Nov 14 13:08 out00-PYZ.pyz
                drwxrwxr-x 2 testuser testuser  12K Nov 14 13:08 out00-PYZ.pyz_extracted
                -rw-rw-r-- 1 testuser testuser 5.2K Nov 14 13:08 pyiboot01_bootstrap
                -rw-rw-r-- 1 testuser testuser 2.5K Nov 14 13:08 pyimod01_os_path
                -rw-rw-r-- 1 testuser testuser  12K Nov 14 13:08 pyimod02_archive
                -rw-rw-r-- 1 testuser testuser  22K Nov 14 13:08 pyimod03_importers
                -rw-rw-r-- 1 testuser testuser    0 Nov 14 13:08 pyi-windows-manifest-filename hello.exe.manifest
                -rw-rw-r-- 1 testuser testuser 2.6M Nov 14 13:08 python27.dll
                -rw-rw-r-- 1 testuser testuser  10K Nov 14 13:08 select.pyd
                -rw-rw-r-- 1 testuser testuser  234 Nov 14 13:08 struct
                -rw-rw-r-- 1 testuser testuser 671K Nov 14 13:08 unicodedata.pyd

            pyinstaller has an option that can encrypt Python bytecode. This script will try to decrypt it and decompile the decrypted code.

            py2exe

            The result of unpacking and decompiling will be located in the folder "unpacked" or the location you specify.

            If an error like "Error in unpacking the exe. Probably due to version incompability (exe created using python 2 and run this script with python 3)" is shown, try setting your python to a different version than the one you are using, e.g. "alias python=python2" or "alias python=python3".

            python python_exe_unpack.py -p [pyc file]

            In the pyinstaller example above, the Python file that contains the main logic will sometimes not be in a format that uncompyle6 accepts (it is missing the Python magic number). The above command will prepend the magic number and decompile the file (if the magic number is already prepended, it will not add it again and will just proceed with decompiling).
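
            The missing-magic-number case described above, as an added example (not code from python-exe-unpacker): it checks whether a file already starts with a CPython pyc header and prepends a zero-filled one only when it does not. The function names and the constructed sample are assumptions made for illustration.

```python
import importlib.util
import marshal
import sys


def header_length(version=sys.version_info[:2]):
    # pyc header layout by CPython version: up to 3.2 magic + mtime,
    # 3.3-3.6 adds the source size, 3.7+ adds a flags word (PEP 552).
    if version >= (3, 7):
        return 16
    if version >= (3, 3):
        return 12
    return 8


def has_pyc_magic(data):
    # Every CPython magic number is a 2-byte version tag followed by "\r\n".
    # A bare marshalled module code object starts with a type byte and a
    # 4-byte argument count, so bytes 2-3 are zero there.
    return len(data) >= 4 and data[2:4] == b"\r\n"


def ensure_header(data, magic=importlib.util.MAGIC_NUMBER,
                  version=sys.version_info[:2]):
    """Return data with a pyc header, adding a zero-filled one if missing."""
    if has_pyc_magic(data):
        return data  # already a complete pyc, leave it untouched
    padding = b"\x00" * (header_length(version) - len(magic))
    return magic + padding + data


def load_code(pyc, version=sys.version_info[:2]):
    # Only for bytecode built by the running interpreter. marshal is not safe
    # on untrusted input; give real samples to a decompiler in an analysis VM.
    return marshal.loads(pyc[header_length(version):])


def constructed_headerless_sample():
    # Constructed stand-in for an extracted entry script such as "hello".
    return marshal.dumps(compile("answer = 6 * 7", "hello", "exec"))


if __name__ == "__main__":
    raw = constructed_headerless_sample()
    fixed = ensure_header(raw)
    print(has_pyc_magic(raw), has_pyc_magic(fixed), len(fixed) - len(raw))
```

            For a real sample, pass the magic and version of the interpreter that built the executable (the listing above shows python27.dll, i.e. Python 2.7) rather than the defaults of the interpreter running the analysis.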

            Support

            For any new features, suggestions and bugs, create an issue on GitHub. If you have any questions, check and ask them on the Stack Overflow community page.
            CLONE
          • HTTPS

            https://github.com/countercept/python-exe-unpacker.git

          • CLI

            gh repo clone countercept/python-exe-unpacker

          • sshUrl

            git@github.com:countercept/python-exe-unpacker.git


            Explore Related Topics

            Consider Popular Reverse Engineering Libraries

            ghidra

            by NationalSecurityAgency

            radare2

            by radareorg

            ILSpy

            by icsharpcode

            bytecode-viewer

            by Konloch

            ImHex

            by WerWolv

            Try Top Libraries by countercept

            chainsaw

            by countercept (Rust)

            doublepulsar-detection-script

            by countercept (Python)

            snake

            by countercept (Shell)