python 代码混淆工具汇总
pyminifier
Pyminifier is a Python code minifier, obfuscator, and compressor.
Note
- For the latest, complete documentation: http://liftoff.github.io/pyminifier/
- For the latest code: https://github.com/liftoff/pyminifier
Overview
When you install pyminifier it should automatically add a 'pyminifier' executable to your $PATH
. This executable has a number of command line arguments:
$ pyminifier --help
Usage: pyminifier [options] "<input file>" Options:
--version show program's version number and exit
-h, --help show this help message and exit
-o <file path>, --outfile=<file path>
Save output to the given file.
-d <file path>, --destdir=<file path>
Save output to the given directory. This option is
required when handling multiple files. Defaults to
'./minified' and will be created if not present.
--nominify Don't bother minifying (only used with --pyz).
--use-tabs Use tabs for indentation instead of spaces.
--bzip2 bzip2-compress the result into a self-executing python
script. Only works on stand-alone scripts without
implicit imports.
--gzip gzip-compress the result into a self-executing python
script. Only works on stand-alone scripts without
implicit imports.
--lzma lzma-compress the result into a self-executing python
script. Only works on stand-alone scripts without
implicit imports.
--pyz=<name of archive>.pyz
zip-compress the result into a self-executing python
script. This will create a new file that includes any
necessary implicit (local to the script) modules.
Will include/process all files given as arguments to
pyminifier.py on the command line.
-O, --obfuscate Obfuscate all function/method names, variables, and
classes. Default is to NOT obfuscate.
--obfuscate-classes Obfuscate class names.
--obfuscate-functions
Obfuscate function and method names.
--obfuscate-variables
Obfuscate variable names.
--obfuscate-import-methods
Obfuscate globally-imported mouled methods (e.g.
'Ag=re.compile').
--obfuscate-builtins Obfuscate built-ins (i.e. True, False, object,
Exception, etc).
--replacement-length=1
The length of the random names that will be used when
obfuscating identifiers.
--nonlatin Use non-latin (unicode) characters in obfuscation
(Python 3 only). WARNING: This results in some
SERIOUSLY hard-to-read code.
--prepend=<file path>
Prepend the text in this file to the top of our
output. e.g. A copyright notice. 另外就是:
Opy 1.1.7
OPY - Obfuscator for Python, string obfuscation added
Latest Version: 1.1.28
The famous Phaistos Disc from Crete, obfuscation unbroken after thousands of years.
Opy will obfuscate your extensive, real world, multi module Python source code for free!
And YOU choose per project what to obfuscate and what not, by editting the config file:
- You can recursively exclude all identifiers from certain modules from obfuscation.
- You can exclude human readable configuration files containing Python code.
- You can use getattr, setattr, exec and eval by excluding the identifiers they use.
- You can even obfuscate module file names and string literals.
- You can run your obfuscated code from any platform.
What’s new:
- Shebang and encoding lines are handled properly
- Unicode and raw strings are handled properly
- Underscore at the start of a name will be preserved in obfuscation
- Names are obfuscated as hard to read sequences of 1’s and l’s
- String literals can be obfuscated, this is reversible but poses an extra barrier
- Comments and string literals can be exempted from obfuscation by inserting a special marker
- Several bug fixes
- Name changed from Pyo to Opy
Bug reports and feature requests are most welcome and will be taken under serious consideration on a non-committal basis
Installation:
- Download and unzip Opy into an arbitrary directory of your computer.
- You only need the files opy.py and py_config.txt. They are in the opy subdirectory of your unzipped Opy version.
- Put opy.py or a script to launch it in the path of your OS, or simply copy opy.py to the topdirectory of your project.
Use:
- For safety, backup your sourcecode and valuable data to an off-line medium.
- Put a copy of opy_config.txt in the top directory of your project.
- Adapt it to your needs according to the remarks in opy_config.txt.
- This file only contains plain Python and is exec’ed, so you can do anything clever in it.
- Open a command window, go to the top directory of your project and run opy.py from there.
- If the topdirectory of your project is e.g. ../work/project1 then the obfuscation result wil be in ../work/project1_opy.
- Further adapt opy_config.txt until you’re satisfied with the result.
- Type ‘opy ?’ or ‘python opy.py ?’ (without the quotes) on the command line to display a help text and the licence.
Important remark:
- Obfuscate your Python code only when stricktly needed. Freedom is
one of the main benefits of the Python community. In line with this the
source of Opy is not obfuscated.
Example of obfuscated code:
import Tkinter as l1111lll1
import tkFileDialog
import os from util import * from l1l111l import *
from l1llll1 import * l1l1lll1l1l1 = 35
l1l11l1ll1 = 16 class l111l1l111l (l1111lll1.Frame, l1lll11ll1):
def __init__ (self, parent):
l1111lll1.Frame.__init__ (self, parent)
l1lll11ll1.__init__ (self) self.l1l1ll11llll = [] self.l1l1ll11llll.append (l1111lll1.Frame (self, width = l1l1llll1111, height = l1l11l111l))
self.l1l1ll11llll [-1] .pack (side = l1llll (u'ࡶࡲࡴࠬ')) self.l1l1ll1ll11l = l1111lll1.LabelFrame (self, text = l1llll (u'ࡒࡦࡵࡤࡱࡵࡲࡩࡩ࠸'), padx = 5)
self.l1l1ll1ll11l.pack (side = l1llll (u'ࡺࡱࠢ'), fill = l1llll (u'ࡦࡴࡺࡨࠧ'), expand = True)
Known limitations:
- A comment after a string literal should be preceded by whitespace.
- A ‘ or ” inside a string literal should be escaped with \ rather then doubled.
- A # in a string literal can only be used at the start, so use ‘p”#”r’ rather than ‘p#r’.
- Obfuscation of string literals is unsuitable for sensitive information since it can be trivially broken
还有:
Using pyobfuscate
One is obfuscation. I like a package called pyobfuscate. It transforms your normal and clearly written (right?) Python source code into new source code that is hard to read, by making changes to whitespace and names, stripping comments, removing functions, etc.
The package doesn’t seem to be on PyPI, but you can install it from the Github repo:
cd pyobfuscate/
python setup.py install
1
2
3
|
Let’s try it out. Save the following code in example.py :
if n == 0: return 0
if n == 1: return 1
return fibonacci(n-1) + fibonacci(n-2)
def main():
for i in range(10):
result = fibonacci(1)
if __name__ == "__main__":
main()
1
2
3
4
5
6
7
8
9
10
11
12
|
def fibonacci(n):
if n == 0: return 0
if n == 1: return 1
return fibonacci(n-1) + fibonacci(n-2)
def main():
for i in range(10):
result = fibonacci(1)
if __name__ == "__main__":
main()
|
Obfuscate it using the pyobfuscate command, which should be on your path now that you have installed the package:
1
|
pyobfuscate example.py
|
Thee obfuscated code will be printed to the console:
if n == 0 : return 0
if n == 1 : return 1
return oo000 ( n - 1 ) + oo000 ( n - 2 )
if 9 - 9: Ii . o0o00Oo0O - iI11I1II1I1I
if 71 - 71: ii
def iIIii1IIi ( ) :
for o0OO00 in range ( 10 ) :
oo = oo000 ( 1 )
if 27 - 27: oO0OooOoO * o0Oo
if __name__ == "__main__" :
iIIii1IIi ( )
1
2
3
4
5
6
7
8
9
10
11
12
|
def oo000 ( n ) :
if n == 0 : return 0
if n == 1 : return 1
return oo000 ( n - 1 ) + oo000 ( n - 2 )
if 9 - 9: Ii . o0o00Oo0O - iI11I1II1I1I
if 71 - 71: ii
def iIIii1IIi ( ) :
for o0OO00 in range ( 10 ) :
oo = oo000 ( 1 )
if 27 - 27: oO0OooOoO * o0Oo
if __name__ == "__main__" :
iIIii1IIi ( )
|
That’s pretty illegible!
Unfortunately pyobfuscate only works on one source file at a time, so it’s not really suitable for large projects. It also appears to only work with Python 2 at the moment.
Distributing bytecode
Another, arguably easier, method is to just distribute the .pyc files. The Python standard library includes a compileall module that can scan your source directory and compile all of your files into Python bytecode. Then you can distribute them without the source files. The .pyc files can still be decompiled into source code, but the code will not be as readable as it was before.
One problem with this method is that the initial .py script that you run cannot be compiled in this way. You can solve this problem by making a simple wrapper script that gives away no information about your program.
if __name__ == "__main__":
main()
1
2
3
4
|
from mymodule import main
if __name__ == "__main__":
main()
|
These two methods are really just a deterrent, not a secure way of hiding the code.
If you want something a bit more robust, you should take a look at Nuitka, which compiles Python code to C++, so you can compile that and just distribute the executable. It seems to be broadly compatible with different libraries and different versions of Python.
compileall – Byte-compile Source Files
Purpose: | Convert source files to byte-compiled version. |
---|---|
Available In: | 1.4 |
The compileall module finds Python source files and compiles them to the byte-code representation, saving the results in .pyc or .pyo files.
Compiling One Directory
compile_dir() is used to recursively scan a directory and byte-compile the files within it.
import compileall compileall.compile_dir('examples')
By default, all of the subdirectories are scanned to a depth of 10. When using a version control system such as subversion, this can lead to unnecessary scanning, as seen here:
$ python compileall_compile_dir.py Listing examples ...
Listing examples/.svn ...
Listing examples/.svn/prop-base ...
Listing examples/.svn/text-base ...
Compiling examples/a.py ...
Listing examples/subdir ...
Listing examples/subdir/.svn ...
Listing examples/subdir/.svn/prop-base ...
Listing examples/subdir/.svn/text-base ...
Compiling examples/subdir/b.py ...
To filter directories out, use the rx argument to provide a regular expression to match the names to exclude.
import compileall
import re compileall.compile_dir('examples',
rx=re.compile(r'/\.svn'))
$ python compileall_exclude_dirs.py Listing examples ...
Listing examples/.svn ...
Listing examples/.svn/prop-base ...
Listing examples/.svn/text-base ...
Compiling examples/a.py ...
Listing examples/subdir ...
Listing examples/subdir/.svn ...
Listing examples/subdir/.svn/prop-base ...
Listing examples/subdir/.svn/text-base ...
Compiling examples/subdir/b.py ...
The maxlevels argument controls the depth of recursion. For example, to avoid recursion entirely pass 0.
import compileall
import re compileall.compile_dir('examples',
maxlevels=0,
rx=re.compile(r'/\.svn'))
$ python compileall_recursion_depth.py Listing examples ...
Compiling examples/a.py ...
最新文章
- nodejs get/request
- linux服务器init 5启动图形界面,报错Retrigger failed udev events
- C# DataSet和DataTable详解
- 区间k大数查询
- uva 10048 Audiophobia(最小生成树)
- Castle ActiveRecord学习实践
- [改善Java代码] 避免instanceof非预期结果
- RelativeLayout布局下实现控件平分空间
- 解决mac 10.11 以后 无法使用未签名第三驱动
- cocoaPods的安装使用 以及 Carthage
- linux c++爬虫(一)
- Zend Framework 3.0 安装及创建初始化项目教程
- Shader 入门笔记(一)
- 史上最大的CPU Bug(幽灵和熔断的OS&;SQLServer补丁)
- Android Stutio 3.0 - Gradle sync failed
- 一篇文章看懂Java并发和线程安全
- css direction 属性简介与实际应用。
- nginx 代理 https 后,应用变成 http
- 卡尔曼滤波跟踪 opencv
- 数据库连接不关闭造成的问题以及RowSet的使用
热门文章
- Python 软件开发目录规范
- Error opening session. Cause: java.lang.NullPointerExcept.
- PHP:验证邮箱合法性
- Why Countries Succeed and Fail Economically
- Quartz --Scheduler
- Unity 3D 使用Relief Terrain Pack(RTP) 问题
- AndroidSweetSheet:从底部弹出面板(1)
- 括号序列(Poj1141)
- bzoj2212 Tree Rotations
- Java :面向对象