Closed stufert closed 1 year ago
Hey, this is probably due to it not actually being unpacked, can you send the file over so I can analyze it? Thanks. I also recommend you edit your dis.py
package so that you can still see the invalid bytecode. Just add a try-except statement.
First of all many thanks for providing multiple methods for unpacking pyarmor-protected files including the detailed descriptions.
I tried out your described methods to unpack a few files. After trying out multiple python versions and having issues with the 2nd and 3rd method (either or just receiving
0
while keeping an emptydump
directory), I was able to successfully unpack a file with your third method. Since the bytecode was created with version 3.9 and contains opcodes that are currently not supported in pycdc (e.g.EXTENDED_ARG
) I used the internaldis
module andxdis
to disassemble the bytecode.While doing this, i went into the following issue:
It doesn't only happen for the constants, but also for the name references. Just logged the issue and noticed that sometimes, apart from several opcodes with only numbers, e.g.
<140>
, the oparg is higher than the number of elements inco.co_varnames
,co.co_names
,co.co_consts
. As a result, the output of two methods is nearly completely unreadable.Do u have any ideas on how to bypass this?