A Simple Python Extractor, Decompiler, Deobfuscator, and Disassembler that helps you Reverse Engineer Python-Based Malware, Viruses, Ransomware, Spyware, Trojan, Discord Token Stealer/Grabber/Loggers and much More! It acts very similar to Uncompyle6, Decompyle3, Decompyle++, pycdc, and pyinstxtractor!

dekrypted/KryptDis

Please 🌟 if this is useful!


🧰 KryptDis

KryptDis is a tool that can be used to find the source code of any Python file.
This includes:

  • Obfuscated .py files
  • PyInstaller/Nuitka-packed .exe files

🤔 How does it work?

KryptDis is a .dll file that can be injected into Python processes.
Once injected, it executes code that retrieves the source code of your script.
You can read the disassembler's code by opening "Disassembler.py".

After injection, the program closes and a text file opens.
This text file contains a report of what KryptDis found.
The report includes the assembly (bytecode disassembly) of all functions, the contents of all variables, the imported modules, and any URLs.
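
The kind of in-process inspection described above, as an added example that is not the project's Disassembler.py: it walks a module namespace that is already loaded in memory and records each function's disassembly, each variable's repr, the imported module names, and URLs found in string constants. `build_report`, `iter_code_strings`, `URL_RE` and the sample script are hypothetical names and data constructed for illustration.

```python
import dis
import io
import re
import types

URL_RE = re.compile(r"https?://[^\s'\"<>]+")

def iter_code_strings(code):
    """Yield every string constant in a code object, nested code included."""
    for const in code.co_consts:
        if isinstance(const, str):
            yield const
        elif isinstance(const, types.CodeType):
            yield from iter_code_strings(const)

def build_report(namespace):
    """Summarise a module namespace: functions, variables, imports, URLs."""
    report = {"functions": {}, "variables": {}, "imports": [], "urls": set()}
    for name, obj in namespace.items():
        if name.startswith("__"):
            continue  # skip interpreter bookkeeping such as __builtins__
        if isinstance(obj, types.ModuleType):
            report["imports"].append(obj.__name__)
        elif isinstance(obj, types.FunctionType):
            buf = io.StringIO()
            dis.dis(obj, file=buf)  # capture the dis listing as text
            report["functions"][name] = buf.getvalue()
            for text in iter_code_strings(obj.__code__):
                report["urls"].update(URL_RE.findall(text))
        else:
            report["variables"][name] = repr(obj)
            report["urls"].update(URL_RE.findall(repr(obj)))
    report["imports"].sort()
    report["urls"] = sorted(report["urls"])
    return report

# Constructed sample standing in for the script under analysis.
SAMPLE = '''
import os, re
WEBHOOK = "https://example.invalid/hook"
def main():
    print("Hello!")
    return "http://example.invalid/api?id=1"
'''

if __name__ == "__main__":
    ns = {}
    exec(SAMPLE, ns)  # run the sample, then inspect what it left in memory
    print(build_report(ns)["functions"]["main"])
```

Because the inspection reads live function objects rather than the file on disk, it sees whatever bytecode the interpreter currently holds for them.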


🆚 Comparison

Source Code:

def main(): print('Hello!'); input()
main()

Obfuscated Code:

from pytransform import pyarmor_runtime
pyarmor_runtime()
__pyarmor__(__name__, __file__, b'\x50\x59\x41\x52\x4d\x4f\x52\x00\x00\x03\x09\x00\x61\x0d\x0d\x0a\x09\x30\xe0\x02\x00\x00\x00\x00\x01\x00\x00\x00\x40\x00\x00\x00\x9e\x01\x00\x00\x00\x00\x00\x18\xc2\xaa\x28\xd5\xee\x4a\x5e\xbb\x8a\x49\x65\x01\x98\x2e\x19\xf3\x00\x00\x00\x00\x00\x00\x00\x00\x1a\x43\xba\xbe\x54\xd0\xca\xba\x06\xda\x8e\xe7\x06\x1a\x14\x63\xc5\x98\x1b\xfc\x5c\x48\xca\x21\x20\x31\x8f\x02\x3e\xff\x69\xf0\x5d\xde\xd5\x28\x1c\x33\xb3\x1d\x9d\xbc\xaf\xb7\x92\xf6\x78\x61\x4f\xfa\xcb\x1e\x85\x68\xe8\x15\x76\x78\x41\xd1\x1f\xaa\xa9\xeb\x75\xf0\x22\x75\xbb\x00\xf1\xb2\x00\xe1\x37\x84\x75\xd1\xa2\x64\xbe\xaf\x39\x77\xcd\x65\x2b\x63\xd1\xbb\xed\x96\x12\xda\xf5\xd4\x8d\x15\x96\x66\x7f\x83\xc3\x44\x0e\xc6\x4a\x2b\x40\x4e\xaf\x75\x0d\x0b\x60\x69\x54\xdd\xfe\xf3\xd2\xdb\xa0\x53\xa1\x26\x01\x0c\x39\x7e\x52\x35\xaf\x46\x17\x14\x3b\x68\x3b\xd5\xf1\xc4\x54\x7f\x27\xf8\x14\x37\x32\x71\x13\xea\xef\xf7\x4e\xe6\x93\xfb\xbc\x58\xa4\xdf\x1e\x42\x3b\xf5\xba\xe7\xed\x51\xd5\x9a\xb2\x1f\xaa\xde\x3c\x02\x1d\x56\x27\x77\xe9\x57\x0c\x46\x1c\xef\x6d\x7a\xd4\xa8\xbb\xb6\x68\xf6\xa7\xf8\x45\xe3\x5a\xb8\xe1\xa4\x0c\x25\x47\x5c\x7e\xa3\x7b\x0e\x2a\x0c\x36\x43\x77\x9a\x28\x90\x35\xf0\x2e\xf0\x8c\x30\x32\xaf\xeb\xe7\x0f\xbf\x4b\x30\x5a\xec\xd8\xc6\x8f\x13\xba\xfb\x03\xf3\xc7\x52\xf8\x54\x86\x3d\x9d\x3d\x14\x90\x43\x57\xd5\xa6\xc6\x57\x13\xb8\x5d\x47\x0f\x90\xe6\xd8\xa5\x15\xd4\x69\xb3\x09\x60\xca\xdb\x1d\x96\x76\xbf\xbe\xe0\x56\x2b\x4a\xda\x46\x31\x38\x0c\xc2\xb6\xf3\x8f\xe9\x8e\xf2\x93\xe0\x48\x95\x37\x69\x5d\x6e\x47\x3d\xf4\x0f\x11\xdb\x64\xb4\x29\x8e\xec\x4e\x09\xbe\xa9\x8d\x63\x04\x81\x1f\xa9\x70\xc8\x1f\xb6\x14\x37\x95\x34\x14\xbb\xcf\xab\xab\x57\x9c\xac\xe8\x22\x00\xbc\xf9\x02\x4f\x1e\x62\xf9\x5f\xd6\x28\x91\x17\x31\x6a\x61\xd1\xc6\x74\xc1\x32\x57\x20\x1a\xe2\xa9\x74\xaf\x55\xd9\xed\x6f\x49\xaf\x17\xfd\x7f\x94\x08\x7a\x7f\xfe\xe3\x04\x73\xe5\x90\x53\x2a\x3a\xfb\x1a\x9a\x2a\x7c\xfd\x7c\x17\x5e\x83\x22\xb7\xe1\x59\x98\x1f\x53\x08\x9b', 2)

Injected Code:

# Report generated by KryptDis.
# PyArmor detected!

Class: Main
Name: main
Type: function
Object ID: 0x0000019406B2E040
Assembly Report: 
  1           0 JUMP_ABSOLUTE           18
              2 NOP
              4 NOP
        >>    6 POP_BLOCK
              8 LOAD_GLOBAL              3 (__armor_exit__)
             10 CALL_FUNCTION            0
             12 POP_TOP
             14 RETURN_VALUE
             16 NOP
        >>   18 LOAD_GLOBAL              2 (__armor_enter__)
             20 CALL_FUNCTION            0
             22 POP_TOP
             24 NOP
             26 NOP
             28 NOP
             30 SETUP_FINALLY           18 (to 50)
             32 LOAD_GLOBAL              0 (print) # Print Function
             34 LOAD_CONST               1 ('Hello!') # String Argument for Print Function
             36 CALL_FUNCTION            1
             38 POP_TOP
             40 LOAD_GLOBAL              1 (input) # Input Function
             42 CALL_FUNCTION            0
             44 POP_TOP
             46 LOAD_CONST               0 (None)
             48 JUMP_ABSOLUTE            6
        >>   50 LOAD_GLOBAL              3 (__armor_exit__)
             52 CALL_FUNCTION            0
             54 POP_TOP
             56 RERAISE
             58 RETURN_VALUE
             60 NOP
             62 NOP
             64 NOP
             66 <203>                   89
             68 <234>                  110
             70 <151>                   30
             72 INPLACE_FLOOR_DIVIDE
             74 BINARY_SUBSCR
             76 <173>                  108
             78 <169>                   56
             80 <53>


Class: Main
Name: pyarmor_runtime
Type: function
Object ID: 0x0000019408808C10
Assembly Report: 
360           0 LOAD_GLOBAL              0 (_pytransform)
              2 LOAD_CONST               0 (None)
              4 IS_OP                    1
              6 POP_JUMP_IF_FALSE       12

361           8 LOAD_CONST               0 (None)
             10 RETURN_VALUE

363     >>   12 SETUP_FINALLY           26 (to 40)

364          14 LOAD_GLOBAL              1 (pyarmor_init)
             16 LOAD_FAST                0 (path)
             18 LOAD_CONST               1 (1)
             20 LOAD_FAST                1 (suffix)
             22 LOAD_FAST                2 (advanced)
             24 LOAD_CONST               2 (('is_runtime', 'suffix', 'advanced'))
             26 CALL_FUNCTION_KW         4
             28 POP_TOP

365          30 LOAD_GLOBAL              2 (init_runtime)
             32 CALL_FUNCTION            0
             34 POP_TOP
             36 POP_BLOCK
             38 JUMP_FORWARD            86 (to 126)

366     >>   40 DUP_TOP
             42 LOAD_GLOBAL              3 (Exception)
             44 JUMP_IF_NOT_EXC_MATCH   124
             46 POP_TOP
             48 STORE_FAST               3 (e)
             50 POP_TOP
             52 SETUP_FINALLY           62 (to 116)

367          54 LOAD_GLOBAL              4 (sys)
             56 LOAD_ATTR                5 (flags)
             58 LOAD_ATTR                6 (debug)
             60 POP_JUMP_IF_TRUE        72
             62 LOAD_GLOBAL              7 (hasattr)
             64 LOAD_GLOBAL              4 (sys)
             66 LOAD_CONST               3 ('_catch_pyarmor')
             68 CALL_FUNCTION            2
             70 POP_JUMP_IF_FALSE       74

368     >>   72 RAISE_VARARGS            0

369     >>   74 LOAD_GLOBAL              4 (sys)
             76 LOAD_ATTR                8 (stderr)
             78 LOAD_METHOD              9 (write)
             80 LOAD_CONST               4 ('%s\n')
             82 LOAD_GLOBAL             10 (str)
             84 LOAD_FAST                3 (e)
             86 CALL_FUNCTION            1
             88 BINARY_MODULO
             90 CALL_METHOD              1
             92 POP_TOP

370          94 LOAD_GLOBAL              4 (sys)
             96 LOAD_METHOD             11 (exit)
             98 LOAD_CONST               1 (1)
            100 CALL_METHOD              1
            102 POP_TOP
            104 POP_BLOCK
            106 POP_EXCEPT
            108 LOAD_CONST               0 (None)
            110 STORE_FAST               3 (e)
            112 DELETE_FAST              3 (e)
            114 JUMP_FORWARD            10 (to 126)
        >>  116 LOAD_CONST               0 (None)
            118 STORE_FAST               3 (e)
            120 DELETE_FAST              3 (e)
            122 RERAISE
        >>  124 RERAISE
        >>  126 LOAD_CONST               0 (None)
            128 RETURN_VALUE


Imports: dis, os, re, sys
Links: 

Credits: PyInjector for the Script Injection.
