defencrypted2pyc(self, root): CRYPT_BLOCK_SIZE = 16 # key obtained from pyimod00_crypto_key key = bytes(self.key[0], 'utf-8') # key = bytes('0000000000013983', 'utf-8') for p in Path(root).glob("**/*.pyc.encrypted"): inf = open(p, 'rb') # encrypted file input outf = open(p.with_name(p.stem), 'wb') # output file # Initialization vector iv = inf.read(CRYPT_BLOCK_SIZE) cipher = tinyaes.AES(key, iv) # Decrypt and decompress plaintext = zlib.decompress(cipher.CTR_xcrypt_buffer(inf.read())) # Write pyc header # The header below is for Python 3.7 outf.write(b'\x42\x0d\x0d\x0a\0\0\0\0\0\0\0\0\0\0\0\0') # Write decrypted data outf.write(plaintext) inf.close() outf.close() # Delete .pyc.encrypted file # p.unlink() print("change %s ---> %s"%(p, p.with_name(p.stem)))
defpyc2py(self, root, files): for file_name in files: if file_name.endswith('.pyc'): ifnot self.check_if_file_exists(file_name): if file_name.endswith('.pyc'): part_name = file_name[0:-4] part_file_name = os.path.join(root, part_name).replace("\\","/") os.system("decompyle3 %s.pyc > %s.py"%(part_file_name, part_file_name)) print("change %s.pyc ---> %s.py"%(part_file_name, part_file_name)) else: print("%s already exist, skip"%(file_name[0:-4]+'.py')) continue
defget_key_from_crypto_key(self): for root, dirs, files in os.walk(self.pyc_dir, True): for file_name in files: if file_name == "pyimod00_crypto_key.pyc": part_name = file_name[0:-4] part_file_name = os.path.join(root, part_name).replace("\\","/") os.system("decompyle3 %s.pyc > %s.py"%(part_file_name, part_file_name)) print("change %s.pyc ---> %s.py"%(part_file_name, part_file_name)) withopen(part_file_name+'.py', 'r') as f: for line in f.readlines(): if"key = "in line: self.key = re.findall(r"'([^']*)'", line)
defcheck_if_file_exists(self, file_name): part_name = file_name[0:-4] + '.py' if part_name in self.files: returnTrue returnFalse
