精华内容
下载资源
问答
  • 介绍Python代码混淆工具,可以对源代码进行混淆处理,保证功能不变但代码基本不可读。 注意大部分混淆工具都是可逆的,例如编译生成pyc文件可以用https://github.com/wibiti/uncompyle2来解码。 pyminifier ...

    有时候用Python开发一些功能但不希望用户得到源代码,就希望对Python代码加一些保密措施。目前可行的方案可能是将核心代码用cython编译成os文件。分析如下:

    1.用pyc或pyo文件代替
    生成方式看这里。Python作为脚本语言,基本上只要是能得到pyc或pyo文件,便是等于拿到了源码,比如python在线反编译可以通过pyc和pyo文件快速识别出源代码。所以此方法只能隐藏源码。

    2.混淆源代码
    比如这里提供了在线的Python代码混淆服务,一定程度上增加了破解者阅读代码的成本,但是仍然不能起到保密的作用。

    3.pyexe、PyInstaller、py2app等打包软件
    这些工具用于将一个Python项目打包成单个可执行的文件,方便(在没有Python环境的机器上)使用。但通过压缩包可以方便地得到所有pyc文件或源文件,与C/C++编译生成的可执行文件有本质上的区别,基本上是零保护。

    4.Cython
    Cython是属于PYTHON的超集,他首先会将PYTHON代码转化成C语言代码,然后通过c编译器生成可执行文件。优势:资源丰富,适合快速开发。翻译成C后速度比较快。缺点是:无法支持JIT技术(导致纯python的执行速度比JAVA、JAVASCRIPT等要慢,于是有了PyPy)
    ————————————————
    版权声明:本文为CSDN博主「孤独な旅人」的原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接及本声明。
    原文链接:https://blog.csdn.net/kmsj0x00/article/details/80050912

    简介

    介绍Python代码混淆工具,可以对源代码进行混淆处理,保证功能不变但代码基本不可读。

    注意大部分混淆工具都是可逆的,例如编译生成pyc文件可以用 https://github.com/wibiti/uncompyle2 来解码。

    pyminifier

    pyminifier是一个对Python文件进行压缩、混淆的工具,项目地址 https://github.com/liftoff/pyminifier 。

    使用方式比较简单,通过pip安装。

    pip install pyminifier

    然后直接运行命令,把混淆后的输出重定向文件即可。

    pyminifier ./sparse_classifier.py > new.py

    默认命令只是对代码顺序进行重排和减少注释,如果需要混淆代码需要加上参数。

    pyminifier -O ./sparse_classifier.py > new.py

    注意,目前pyminifier只能处理单个文件,而且部分脚本混淆后不可运行,需要手动测试。

    Oxyry Python Obfuscator

    Oxyry Python Obfuscator是一个在线混淆代码的工具,地址是 http://pyob.oxyry.com/ 。

    注意目前Oxyry也只能混淆单个Python文件,测试过混淆后代码可用。

    Opy

    Opy也是一个代码混淆工具,可以对整个目录的Python文件进行混淆处理,并且支持定义混淆格式,项目地址 https://github.com/QQuick/Opy 。

    经过测试,混淆后的Python项目不可直接执行,不建议使用。

    编译成C模块

    目前大部分开源的Python代码混淆工具都是可逆的,最安全的不可逆方式是把Python代码编译成C模块,直接发布编译后的类库即可。

    但需要编写额外的代码来生成C模块,并且生成后的模块不一定可以直接运行。

    展开全文
  • python 代码混淆工具汇总

    千次阅读 2019-09-27 11:29:53
    Pyminifier is a Python code minifier, obfuscator, and compressor. Note For the latest, complete documentation: http://liftoff.github.io/pyminifier/ For the latest code: https:/...

    pyminifier

    Pyminifier is a Python code minifier, obfuscator, and compressor.

    Note

    Overview

    When you install pyminifier it should automatically add a 'pyminifier' executable to your $PATH. This executable has a number of command line arguments:

    $ pyminifier --help
    Usage: pyminifier [options] "<input file>"
    
    Options:
    --version             show program's version number and exit
    -h, --help            show this help message and exit
    -o <file path>, --outfile=<file path>
                          Save output to the given file.
    -d <file path>, --destdir=<file path>
                          Save output to the given directory. This option is
                            required when handling multiple files. Defaults to
                            './minified' and will be created if not present.
    --nominify            Don't bother minifying (only used with --pyz).
    --use-tabs            Use tabs for indentation instead of spaces.
    --bzip2               bzip2-compress the result into a self-executing python
                            script.  Only works on stand-alone scripts without
                            implicit imports.
    --gzip                gzip-compress the result into a self-executing python
                            script.  Only works on stand-alone scripts without
                            implicit imports.
    --lzma                lzma-compress the result into a self-executing python
                            script.  Only works on stand-alone scripts without
                            implicit imports.
    --pyz=<name of archive>.pyz
                          zip-compress the result into a self-executing python
                            script. This will create a new file that includes any
                            necessary implicit (local to the script) modules.
                            Will include/process all files given as arguments to
                            pyminifier.py on the command line.
    -O, --obfuscate       Obfuscate all function/method names, variables, and
                            classes.  Default is to NOT obfuscate.
    --obfuscate-classes   Obfuscate class names.
    --obfuscate-functions
                          Obfuscate function and method names.
    --obfuscate-variables
                          Obfuscate variable names.
    --obfuscate-import-methods
                          Obfuscate globally-imported mouled methods (e.g.
                            'Ag=re.compile').
    --obfuscate-builtins  Obfuscate built-ins (i.e. True, False, object,
                            Exception, etc).
    --replacement-length=1
                          The length of the random names that will be used when
                            obfuscating identifiers.
    --nonlatin            Use non-latin (unicode) characters in obfuscation
                            (Python 3 only).  WARNING: This results in some
                            SERIOUSLY hard-to-read code.
    --prepend=<file path>
                          Prepend the text in this file to the top of our
                            output.  e.g. A copyright notice.

    另外就是:

    Opy 1.1.7

    OPY - Obfuscator for Python, string obfuscation added

    Latest Version: 1.1.28

    The famous Phaistos Disc from Crete, obfuscation unbroken after thousands of years.

    Opy will obfuscate your extensive, real world, multi module Python source code for free! And YOU choose per project what to obfuscate and what not, by editting the config file:

    • You can recursively exclude all identifiers from certain modules from obfuscation.
    • You can exclude human readable configuration files containing Python code.
    • You can use getattr, setattr, exec and eval by excluding the identifiers they use.
    • You can even obfuscate module file names and string literals.
    • You can run your obfuscated code from any platform.

    What’s new:

    • Shebang and encoding lines are handled properly
    • Unicode and raw strings are handled properly
    • Underscore at the start of a name will be preserved in obfuscation
    • Names are obfuscated as hard to read sequences of 1’s and l’s
    • String literals can be obfuscated, this is reversible but poses an extra barrier
    • Comments and string literals can be exempted from obfuscation by inserting a special marker
    • Several bug fixes
    • Name changed from Pyo to Opy

    Bug reports and feature requests are most welcome and will be taken under serious consideration on a non-committal basis

    Installation:

    • Download and unzip Opy into an arbitrary directory of your computer.
    • You only need the files opy.py and py_config.txt. They are in the opy subdirectory of your unzipped Opy version.
    • Put opy.py or a script to launch it in the path of your OS, or simply copy opy.py to the topdirectory of your project.

    Use:

    • For safety, backup your sourcecode and valuable data to an off-line medium.
    • Put a copy of opy_config.txt in the top directory of your project.
    • Adapt it to your needs according to the remarks in opy_config.txt.
    • This file only contains plain Python and is exec’ed, so you can do anything clever in it.
    • Open a command window, go to the top directory of your project and run opy.py from there.
    • If the topdirectory of your project is e.g. ../work/project1 then the obfuscation result wil be in ../work/project1_opy.
    • Further adapt opy_config.txt until you’re satisfied with the result.
    • Type ‘opy ?’ or ‘python opy.py ?’ (without the quotes) on the command line to display a help text and the licence.

    Important remark:

    • Obfuscate your Python code only when stricktly needed. Freedom is one of the main benefits of the Python community. In line with this the source of Opy is not obfuscated.

    Example of obfuscated code:

    import Tkinter as l1111lll1
    import tkFileDialog
    import os
    
    from util import *
    
    from l1l111l import *
    from l1llll1 import *
    
    l1l1lll1l1l1 = 35
    l1l11l1ll1 = 16
    
    class l111l1l111l (l1111lll1.Frame, l1lll11ll1):
            def __init__ (self, parent):
                    l1111lll1.Frame.__init__ (self, parent)
                    l1lll11ll1.__init__ (self)
    
                    self.l1l1ll11llll = []
    
                    self.l1l1ll11llll.append (l1111lll1.Frame (self, width = l1l1llll1111, height = l1l11l111l))
                    self.l1l1ll11llll [-1] .pack (side = l1llll (u'ࡶࡲࡴࠬ'))
    
                    self.l1l1ll1ll11l = l1111lll1.LabelFrame (self, text = l1llll (u'ࡒࡦࡵࡤࡱࡵࡲࡩ࡯ࡩ࠸'), padx = 5)
                    self.l1l1ll1ll11l.pack (side = l1llll (u'ࡺ࡯ࡱࠢ'), fill = l1llll (u'ࡦࡴࡺࡨࠧ'), expand = True)
    

    Known limitations:

    • A comment after a string literal should be preceded by whitespace.
    • A ‘ or ” inside a string literal should be escaped with \ rather then doubled.
    • A # in a string literal can only be used at the start, so use ‘p”#”r’ rather than ‘p#r’.
    • Obfuscation of string literals is unsuitable for sensitive information since it can be trivially broken

    还有:

     

    Using pyobfuscate

    One is obfuscation. I like a package called pyobfuscate. It transforms your normal and clearly written (right?) Python source code into new source code that is hard to read, by making changes to whitespace and names, stripping comments, removing functions, etc.

    The package doesn’t seem to be on PyPI, but you can install it from the Github repo:

    Let’s try it out. Save the following code in example.py :

    Obfuscate it using the pyobfuscate  command, which should be on your path now that you have installed the package:

    Thee obfuscated code will be printed to the console:

    That’s pretty illegible!

    Unfortunately pyobfuscate only works on one source file at a time, so it’s not really suitable for large projects. It also appears to only work with Python 2 at the moment.

    Distributing bytecode

    Another, arguably easier, method is to just distribute the .pyc files. The Python standard library includes a compileall module that can scan your source directory and compile all of your files into Python bytecode. Then you can distribute them without the source files. The .pyc files can still be decompiled into source code, but the code will not be as readable as it was before.

    One problem with this method is that the initial .py script that you run cannot be compiled in this way. You can solve this problem by making a simple wrapper script that gives away no information about your program.

    These two methods are really just a deterrent, not a secure way of hiding the code.

    If you want something a bit more robust, you should take a look at Nuitka, which compiles Python code to C++, so you can compile that and just distribute the executable. It seems to be broadly compatible with different libraries and different versions of Python.



    compileall – Byte-compile Source Files

    Purpose: Convert source files to byte-compiled version.
    Available In: 1.4

    The compileall module finds Python source files and compiles them to the byte-code representation, saving the results in .pyc or .pyo files.

    Compiling One Directory

    compile_dir() is used to recursively scan a directory and byte-compile the files within it.

    import compileall
    
    compileall.compile_dir('examples')
    

    By default, all of the subdirectories are scanned to a depth of 10. When using a version control system such as subversion, this can lead to unnecessary scanning, as seen here:

    $ python compileall_compile_dir.py
    
    Listing examples ...
    Listing examples/.svn ...
    Listing examples/.svn/prop-base ...
    Listing examples/.svn/text-base ...
    Compiling examples/a.py ...
    Listing examples/subdir ...
    Listing examples/subdir/.svn ...
    Listing examples/subdir/.svn/prop-base ...
    Listing examples/subdir/.svn/text-base ...
    Compiling examples/subdir/b.py ...
    

    To filter directories out, use the rx argument to provide a regular expression to match the names to exclude.

    import compileall
    import re
    
    compileall.compile_dir('examples', 
        rx=re.compile(r'/\.svn'))
    
    $ python compileall_exclude_dirs.py
    
    Listing examples ...
    Listing examples/.svn ...
    Listing examples/.svn/prop-base ...
    Listing examples/.svn/text-base ...
    Compiling examples/a.py ...
    Listing examples/subdir ...
    Listing examples/subdir/.svn ...
    Listing examples/subdir/.svn/prop-base ...
    Listing examples/subdir/.svn/text-base ...
    Compiling examples/subdir/b.py ...
    

    The maxlevels argument controls the depth of recursion. For example, to avoid recursion entirely pass 0.

    import compileall
    import re
    
    compileall.compile_dir('examples', 
        maxlevels=0, 
        rx=re.compile(r'/\.svn'))
    
    $ python compileall_recursion_depth.py
    
    Listing examples ...
    Compiling examples/a.py ...
    
     

    转载于:https://www.cnblogs.com/bonelee/p/8603284.html

    展开全文
  • 混淆能力有限,防君子不防小人 地址:https://pyob.oxyry.com/ 混淆之后有注释,可以通过下面方法去掉: 通过快捷键ctrl+shift+R 进入 项目全局替换窗口,点击右上角 勾选正则,然后 搜索框输入 (#.*) 即可 ,...

    混淆能力有限,防君子不防小人

    地址:https://pyob.oxyry.com/

    混淆之后有注释,可以通过下面方法去掉:

    通过快捷键ctrl+shift+R 进入 项目全局替换窗口,点击右上角 勾选正则,然后 搜索框输入 (#.*) 即可 ,然后点击 replace all 去掉所有注释

    参考:https://www.cnblogs.com/rgcLOVEyaya/p/RGC_LOVE_YAYA_890days.html

    展开全文
  • Python代码混淆加密,详细介绍请看博客 https://zfj1128.blog.csdn.net/article/details/102825025
  • iOS代码混淆工具-马甲包混淆工具(Python脚本混淆iOS工程)
  • Intensio-Obfuscator可以直接将Python源代码进行转换,并输出经过混淆处理后的Python代码。它会自动将变量名、类名以及函数名替换为随机字符,并定义长度,移除注释内容,自动换行,并给每一行代码增加随机脚本...
  • 2.优化类名混淆重名问题; 3.优化代码和项目结构; 更新说明 https://gitee.com/zfj1128/ZFJObsLib_dmg ----------------------------------------分割线-------------------------------------...
  • Python代码混淆处理

    2019-07-13 16:57:03
    今天给大家介绍的是一款名叫Intensio-Obfuscator的专业代码混淆处理工具,广大Python开发人员以及安全专家可以使用这款工具来对v2.x以及v3.x版本的Python代码进行混淆处理。 工具简介 Intensio-Obfuscator可以直接将...
  • Python代码混淆工具

    千次阅读 2014-12-22 19:06:41
    市面上有很多混淆工具,最好是在混淆工具的基础上,自己再写一下,二次混淆。算法也不难。如果需要全局混淆,以及自动混淆,那么就复杂一些了,需要再加上词法分析和语法分析。 如何使用: 1,首先得安装...
  • Intensio-Obfuscator:一个Python 2.x和3.x代码混淆工具
  • 混淆python代码替代python代码的小工具 描述 原始资源是: : 该脚本基于项目。 增加了一些很棒的功能,例如支持总目录转换。 用法 python pyobfuscate.py -h Usage: pyobfuscate [options] Options: -h, --...
  • python混淆javascript代码

    千次阅读 2017-05-31 15:40:56
    代码混淆能将Js进行压缩,使之变成不易读的代码。如下图所示 当然这难不倒我们,网上有很多js反混淆的工具,作者推荐使用jsbeautifier。 因为最近项目用到python,jsbeautifier提供python库,调用起来特别方便...
  • 这是给iOS工程添加混淆代码、垃圾代码时用到的python工具类,还有一个java工具类,两种方式都可以自动刚生成垃圾代码,亲测有效,欢迎下载使用。
  • Python写的OC混淆工具

    2020-01-02 14:16:46
    Python写的oc代码混淆工具,看混淆类名,方法名等。用于马甲包提审。混淆词为词组拼接,目前是计算机类单词组合,可自行替换词库。。
  • 今天主要想说的是iOS的代码混淆,为什么想做代码混淆?为了APP的安全,为了防止别人破壳轻易破解我们代码;还有就是做马甲包了,我们知道马甲包的市场需求很大,但是不能花费过多的精力在开发上,毕竟只是个马甲,没...
  • OC代码混淆工具

    2018-02-02 15:02:00
    之前用python写了一个OC代码混淆脚本(python脚本),每次运行不方便,且其他人使用起来困难,就尝试写了一个mac工具工具地址:点我下载 密码:2405 现阶段工具还处于初级阶段,功能还很单一,后续会根据具体...
  • 通过字节码混淆来保护Python代码

    万次阅读 多人点赞 2017-03-12 21:47:07
    Python开发者常常面临这样一个难题,即如何保护代码中的技术...本文首先对常见的Python代码保护机制以及几个比较容易获得的Python代码保护工具进行了简单的分析,然后展示了通过字节码混淆来保护Python代码的技术原理。
  • 之前接触到 Python 逆向相关的一些 CTF 题目(最近一次是某符的 game),有的给出 Python 的伪指令,还有的直接给了一个被替换过指令的 pyc 文件,于是学习了一下Python 的字节码。学习过程中发现替换字节码指令这个...
  • 1.概述 本文的主要介绍SO源码虚拟化保护NDK插件的使用方式,阅读者需具备NDK开发经验,...Ndk插件通过执行pythoninstall.py命令安装编译器,使用完成后执行pythonuninstall.py即可恢复原始编译器如下图: 3.引...

空空如也

空空如也

1 2 3 4 5 ... 14
收藏数 280
精华内容 112
关键字:

python代码混淆工具

python 订阅