Closed Open-AGI closed 1 year ago
Is there any reason you chose method 1? This error will occur with the other methods as well but they are better in general. Are you injecting it while it's waiting for input?
Thank you very much for your reply. I saw you say:
IMPORTANT: USE THE SAME PYTHON VERSION EVERYWHERE, LOOK AT WHAT THE PROGRAM YOU ARE UNPACKING IS COMPILED WITH. If you don't you will face issues.
The obfuscated .py
file requires python3.6.6 to run, so I chose the method 1.
My main.py :
from pytransform import pyarmor_runtime
pyarmor_runtime()
__pyarmor__(__name__, __file__, b'\x50\x59\x41\x52\x4d\x4f\x52\x00...\x3d\x3c\x1c\x55\xbe', 2)
If I add input()
to the main.py
file, and then run python main.py
, the result is:
Check bootstrap restrict mode failed
So I add input()
in .\pytransform\__init__.py
# These module alos are used by protection code, so that protection
# code needn't import anything
import os
import platform
import sys
import struct
input()
# Because ctypes is new from Python 2.5, so pytransform doesn't work
# before Python 2.5
And then, i run python main.py
, the result is:
Traceback (most recent call last):
File "<string>", line 4, in <module>
File "<string>", line 10, in <module>
NameError: name 'code' is not defined
So, i removed the if "frozen" in frame.f_code.co_filename:
from the code.py
file(method 1).
And then, i run python main.py
,the program starts and runs normally.
And then I double-clicked to run method_1.py
, and then run run.py
, but I don't know how to get the deobfuscated source code.
Right now you're waiting for input before the program has been ran, which causes the code object to not exist. You need to find a way to make the program wait while it's running, perhaps it does this automatically or you can hijack a different package that it imports.
Sorry, I still don't understand, can you give me a specific example?
Let's say program x
has an obfuscated module y
. If module y
imports an external module requests
, then you could create requests.py
in the same directory. That way when you run program x
it will trigger the unpacker in the fake requests
package. You'll need to modify the script to grab the right code object (using sys._getframe
). Or you can put input()
in the fake package and inject.
Thank you very much, I understand what to do, thank you for your patience guidance.
sorry, i can't understand
"Now you can run the partially unpacked program using run.py"
. I'm not sure if this is related to the error reported earlier that.After I injected the "PyInjector dll", the terminal showed
So, i chuange the
code.py
file to:Thank you very much for any helps.