mvrozanti / RAT-via-Telegram

Windows Remote Administration Tool via Telegram
MIT License

How to secure telegram bot credentials inside payload? #26

Open X3eRo0 opened 6 years ago

X3eRo0 commented 6 years ago

I searched online for some knowledge on reverse engineering a PyInstaller-compiled exe to get back to the source code. My question is: how hard is it to reverse engineer the exe and reach the attacker who did all this? After all, once we know the source code behind the exe we know the chat_id, and with that anyone can see who did this. Also, does UPX compression play a role in encrypting the exe after it has been compiled by PyInstaller?

Thanks anyway

mvrozanti commented 6 years ago

Good question actually. Not hard at all, I'd imagine, since it's a string; with a decent enough regex it should be no trouble. AFAIK UPX does nothing but translate it to machine code so we don't need a Python interpreter.

Now, if they got your chat_id, and you're not supposed to be on the network, and you have not used some kind of VPN to connect to the Telegram bot from its start, then you have to worry.

P.S.: Adding some kind of encryption process to the string could make it more difficult to reverse engineer, but the information would still be there, along with its decryption instructions.

P.P.S.: Using groups might significantly help with hiding as well, if bots can join groups.

P.P.P.S.: Actually, if someone can reverse engineer the executable they basically have the keys to the C&C server and all the subsequent hosts, so it would be a major problem. This is an actual problem to be solved.
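
The point made above, that a bot token compiled into a PyInstaller payload is just a string a regex will find, and that wrapping it only adds a decoding step, illustrated by an added analyst-side scanner (example code for this thread, not part of RAT-via-Telegram). The token format assumed is the usual Telegram shape of a numeric bot id, a colon and a 35-character secret; the payload bytes and the token are constructed.

```python
"""Added example for this GitHub thread, not code from RAT-via-Telegram.
Scans a blob for the Telegram C2 indicators mvrozanti describes; the
payload bytes and token below are constructed, not real."""
import base64
import binascii
import re
from typing import Dict

# Telegram bot token: numeric bot id, ':', 35 chars of [A-Za-z0-9_-].
TOKEN_RE = re.compile(rb"\d{8,10}:[A-Za-z0-9_-]{35}(?![A-Za-z0-9_-])")
# Bot API calls embed the token in the URL path.
API_RE = re.compile(rb"https?://api\.telegram\.org/bot\d{8,10}:[A-Za-z0-9_-]{35}/\w+")
# Long base64 runs get decoded and rescanned: wrapping a token hides it
# from a naive string search but not from one that undoes the wrapping.
B64_RE = re.compile(rb"[A-Za-z0-9+/]{60,}={0,2}")
# Magic cookie PyInstaller writes into the archive appended to the exe.
PYINSTALLER_MAGIC = b"MEI\x0c\x0b\x0a\x0b\x0e"


def scan_payload(data: bytes) -> Dict[str, object]:
    """Return PyInstaller marker, plain tokens, API URLs and base64-hidden tokens."""
    raw = sorted({m.group(0).decode() for m in TOKEN_RE.finditer(data)})
    urls = sorted({m.group(0).decode() for m in API_RE.finditer(data)})
    wrapped = set()
    for m in B64_RE.finditer(data):
        try:
            decoded = base64.b64decode(m.group(0), validate=True)
        except binascii.Error:
            continue
        wrapped |= {t.group(0).decode() for t in TOKEN_RE.finditer(decoded)}
    return {
        "pyinstaller": PYINSTALLER_MAGIC in data,
        "tokens": raw,
        "api_urls": urls,
        "base64_tokens": sorted(wrapped),
    }


# Constructed sample: a fake token used in a hard-coded API call and the
# same token stored base64-wrapped, as a thin obfuscation layer would.
SAMPLE_TOKEN = "123456789:AAFakeSecret" + "0" * 23
CONSTRUCTED_PAYLOAD = (
    b"MZ\x90\x00" + b"\x00" * 16 + PYINSTALLER_MAGIC + b"\x00" * 8
    + b"requests.get('https://api.telegram.org/bot" + SAMPLE_TOKEN.encode()
    + b"/getUpdates')\x00CHAT_ID = '987654321'\x00"
    + b"TOKEN_B64 = b'" + base64.b64encode(SAMPLE_TOKEN.encode()) + b"'\x00"
)

if __name__ == "__main__":
    for key, value in scan_payload(CONSTRUCTED_PAYLOAD).items():
        print(f"{key}: {value}")
```

Run against a real sample, the same scan would be pointed at the bytes PyInstaller's archive extractor hands back rather than at the packed exe, since UPX compression does hide the strings until the binary is unpacked.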

X3eRo0 commented 6 years ago

I don't use a VPN, and I hooked my cousin's PC; he is a Python developer and ethical hacker. I did it when he was out; he lives in a different city.