拿到一个文件,打开查看一下是这样子的。
#!/usr/bin/env python
# -*- coding: utf-8 -*-
import marshal, zlib, base64
exec(marshal.loads(zlib.decompress(base64.b64decode('eJyNVktv00AQXm/eL0igiaFA01IO4cIVCUGFBBJwqRAckLhEIQmtRfPwI0QIeio/hRO/hJ/CiStH2M/prj07diGRP43Hs9+MZ2fWMxbnP6mux+oK9xVMHPFViLdCTB0xkeKDFEFfTIU4E8KZq8dCvB4UlN3hGEsdddXU9QTLv1eFiGKGM4cKUgsFCNLFH7dFrS9poayFYmIZm1b0gyqxMOwJaU3r6xs9sW1ooakXuRv+un7Q0sIlLVzOCZq/XtsK2oTSYaZlStogXi1HV0iazoN2CV2HZeXqRQ54TlJRb7FUlKyUatISsdzo+P7UU1Gb1POdMruckepGwk9tIXQTftz2yBaT5JQovWvpSa6poJPuqgao+b9l5Aj/R+mLQIP4f6Q8Vb3g/5TB/TJxWGdZr9EQrmn99fwKtTvAZGU7wzS7GNpZpDm2JgCrr8wrmPoo54UqGampFIeS9ojXjc4E2yI06bq/4DRoUAc0nVnng4k6p7Ks0+j/S8z9V+NZ5dhmrJUM/y7JTJeRtnJ2TSYJvsFq3CQt/vnfqmQXt5KlpuRcIvDAmhnn2E0t9BJ3SvB/SfLWhuOWNiNVZ+h28g4wlwUp00w95si43rZ3r6+fUIEdgOZbQAsyFRRvBR6dla8KCzRdslar7WS+a5HFb39peIAmG7uZTHVm17Czxju4m6bayz8e7J40DzqM0jr0bmv9PmPvk6y5z57HU8wdTDHeiUJvBMAM4+0CpoAZ4BPgJeAYEAHmgAUgAHiAj4AVAGORtwd4AVgC3gEmgBBwCPgMWANOAQ8AbwBHgHuAp4D3gLuARwoGmNUizF/j4yDC5BWM1kNvvlxFA8xikRrBxHIUhutFMBlgQoshhPphGAXe/OggKqqb2cibxwuEXjUcQjccxi5eFRL1fDSbKrUhy2CMb2aLyepkegDWsBwPlrVC0/kLHmeCBQ=='))))
那就按照题目意思解码一下
import zlib
import base64
bytecode = zlib.decompress(base64.b64decode('eJyNVktv00AQXm/eL0igiaFA01IO4cIVCUGFBBJwqRAckLhEIQmtRfPwI0QIeio/hRO/hJ/CiStH2M/prj07diGRP43Hs9+MZ2fWMxbnP6mux+oK9xVMHPFViLdCTB0xkeKDFEFfTIU4E8KZq8dCvB4UlN3hGEsdddXU9QTLv1eFiGKGM4cKUgsFCNLFH7dFrS9poayFYmIZm1b0gyqxMOwJaU3r6xs9sW1ooakXuRv+un7Q0sIlLVzOCZq/XtsK2oTSYaZlStogXi1HV0iazoN2CV2HZeXqRQ54TlJRb7FUlKyUatISsdzo+P7UU1Gb1POdMruckepGwk9tIXQTftz2yBaT5JQovWvpSa6poJPuqgao+b9l5Aj/R+mLQIP4f6Q8Vb3g/5TB/TJxWGdZr9EQrmn99fwKtTvAZGU7wzS7GNpZpDm2JgCrr8wrmPoo54UqGampFIeS9ojXjc4E2yI06bq/4DRoUAc0nVnng4k6p7Ks0+j/S8z9V+NZ5dhmrJUM/y7JTJeRtnJ2TSYJvsFq3CQt/vnfqmQXt5KlpuRcIvDAmhnn2E0t9BJ3SvB/SfLWhuOWNiNVZ+h28g4wlwUp00w95si43rZ3r6+fUIEdgOZbQAsyFRRvBR6dla8KCzRdslar7WS+a5HFb39peIAmG7uZTHVm17Czxju4m6bayz8e7J40DzqM0jr0bmv9PmPvk6y5z57HU8wdTDHeiUJvBMAM4+0CpoAZ4BPgJeAYEAHmgAUgAHiAj4AVAGORtwd4AVgC3gEmgBBwCPgMWANOAQ8AbwBHgHuAp4D3gLuARwoGmNUizF/j4yDC5BWM1kNvvlxFA8xikRrBxHIUhutFMBlgQoshhPphGAXe/OggKqqb2cibxwuEXjUcQjccxi5eFRL1fDSbKrUhy2CMb2aLyepkegDWsBwPlrVC0/kLHmeCBQ=='))
fp = open("../handcrafted-pyc/bytecode", "wb")
fp.write(bytecode)
将bytecode后缀名改为.pyc还是不管用,用hex_editor查看一下,发现其缺少pyc文件头
py2的头:03 F3 0D 0A 97 32 18 5E(前四字节为版本信息,后四字节为修改时间信息)
py3的头:33 0D 0D 0A 15 2F 18 5E
修改完后的pyc文件还是不可以被直接解码
但是可以使用如下命令:
uncompyle6 bytecode.pyc > disa.txt
将其解成汇编码
# uncompyle6 version 3.7.4
# Python bytecode 2.7 (62211)
# Decompiled from: Python 3.8.5 (default, Sep 3 2020, 21:29:08) [MSC v.1916 64 bit (AMD64)]
# Embedded file name: <string>
# Compiled at: 2020-01-10 16:15:19
def main--- This code section failed: ---
L. 1 0 LOAD_GLOBAL 0 'chr'
3 LOAD_CONST 108
6 CALL_FUNCTION_1 1 None
9 LOAD_GLOBAL 0 'chr'
12 LOAD_CONST 108
15 CALL_FUNCTION_1 1 None
18 LOAD_GLOBAL 0 'chr'
21 LOAD_CONST 97
24 CALL_FUNCTION_1 1 None
27 LOAD_GLOBAL 0 'chr'
30 LOAD_CONST 67
33 CALL_FUNCTION_1 1 None
36 ROT_TWO
37 BINARY_ADD
38 ROT_TWO
39 BINARY_ADD
40 ROT_TWO
41 BINARY_ADD
42 LOAD_GLOBAL 0 'chr'
45 LOAD_CONST 32
48 CALL_FUNCTION_1 1 None
51 LOAD_GLOBAL 0 'chr'
54 LOAD_CONST 101
57 CALL_FUNCTION_1 1 None
60 LOAD_GLOBAL 0 'chr'
63 LOAD_CONST 109
66 CALL_FUNCTION_1 1 None
69 LOAD_GLOBAL 0 'chr'
72 LOAD_CONST 32
75 CALL_FUNCTION_1 1 None
78 ROT_TWO
79 BINARY_ADD
80 ROT_TWO
81 BINARY_ADD
82 ROT_TWO
83 BINARY_ADD
84 BINARY_ADD
85 LOAD_GLOBAL 0 'chr'
88 LOAD_CONST 121
91 CALL_FUNCTION_1 1 None
94 LOAD_GLOBAL 0 'chr'
97 LOAD_CONST 80
100 CALL_FUNCTION_1 1 None
103 LOAD_GLOBAL 0 'chr'
106 LOAD_CONST 32
109 CALL_FUNCTION_1 1 None
112 LOAD_GLOBAL 0 'chr'
115 LOAD_CONST 97
118 CALL_FUNCTION_1 1 None
121 ROT_TWO
122 BINARY_ADD
123 ROT_TWO
124 BINARY_ADD
125 ROT_TWO
126 BINARY_ADD
127 LOAD_GLOBAL 0 'chr'
130 LOAD_CONST 104
133 CALL_FUNCTION_1 1 None
136 LOAD_GLOBAL 0 'chr'
139 LOAD_CONST 116
142 CALL_FUNCTION_1 1 None
145 ROT_TWO
146 BINARY_ADD
147 LOAD_GLOBAL 0 'chr'
150 LOAD_CONST 32
153 CALL_FUNCTION_1 1 None
156 LOAD_GLOBAL 0 'chr'
159 LOAD_CONST 110
162 CALL_FUNCTION_1 1 None
165 LOAD_GLOBAL 0 'chr'
168 LOAD_CONST 111
171 CALL_FUNCTION_1 1 None
174 ROT_TWO
175 BINARY_ADD
176 ROT_TWO
177 BINARY_ADD
178 BINARY_ADD
179 BINARY_ADD
180 BINARY_ADD
181 LOAD_GLOBAL 0 'chr'
184 LOAD_CONST 116
187 CALL_FUNCTION_1 1 None
190 LOAD_GLOBAL 0 'chr'
193 LOAD_CONST 114
196 CALL_FUNCTION_1 1 None
199 LOAD_GLOBAL 0 'chr'
202 LOAD_CONST 105
205 CALL_FUNCTION_1 1 None
208 LOAD_GLOBAL 0 'chr'
211 LOAD_CONST 118
214 CALL_FUNCTION_1 1 None
217 ROT_TWO
218 BINARY_ADD
219 ROT_TWO
220 BINARY_ADD
221 ROT_TWO
222 BINARY_ADD
223 LOAD_GLOBAL 0 'chr'
226 LOAD_CONST 32
229 CALL_FUNCTION_1 1 None
232 LOAD_GLOBAL 0 'chr'
235 LOAD_CONST 108
238 CALL_FUNCTION_1 1 None
241 LOAD_GLOBAL 0 'chr'
244 LOAD_CONST 97
247 CALL_FUNCTION_1 1 None
250 LOAD_GLOBAL 0 'chr'
253 LOAD_CONST 117
256 CALL_FUNCTION_1 1 None
259 ROT_TWO
260 BINARY_ADD
261 ROT_TWO
262 BINARY_ADD
263 ROT_TWO
264 BINARY_ADD
265 BINARY_ADD
266 LOAD_GLOBAL 0 'chr'
269 LOAD_CONST 104
272 CALL_FUNCTION_1 1 None
275 LOAD_GLOBAL 0 'chr'
278 LOAD_CONST 99
281 CALL_FUNCTION_1 1 None
284 LOAD_GLOBAL 0 'chr'
287 LOAD_CONST 97
290 CALL_FUNCTION_1 1 None
293 LOAD_GLOBAL 0 'chr'
296 LOAD_CONST 109
299 CALL_FUNCTION_1 1 None
302 ROT_TWO
303 BINARY_ADD
304 ROT_TWO
305 BINARY_ADD
306 ROT_TWO
307 BINARY_ADD
308 LOAD_GLOBAL 0 'chr'
311 LOAD_CONST 110
314 CALL_FUNCTION_1 1 None
317 LOAD_GLOBAL 0 'chr'
320 LOAD_CONST 105
323 CALL_FUNCTION_1 1 None
326 ROT_TWO
327 BINARY_ADD
328 LOAD_GLOBAL 0 'chr'
331 LOAD_CONST 32
334 CALL_FUNCTION_1 1 None
337 LOAD_GLOBAL 0 'chr'
340 LOAD_CONST 33
343 CALL_FUNCTION_1 1 None
346 LOAD_GLOBAL 0 'chr'
349 LOAD_CONST 101
352 CALL_FUNCTION_1 1 None
355 ROT_TWO
356 BINARY_ADD
357 ROT_TWO
358 BINARY_ADD
359 BINARY_ADD
360 BINARY_ADD
361 BINARY_ADD
362 BINARY_ADD
363 LOAD_GLOBAL 0 'chr'
366 LOAD_CONST 97
369 CALL_FUNCTION_1 1 None
372 LOAD_GLOBAL 0 'chr'
375 LOAD_CONST 99
378 CALL_FUNCTION_1 1 None
381 LOAD_GLOBAL 0 'chr'
384 LOAD_CONST 32
387 CALL_FUNCTION_1 1 None
390 LOAD_GLOBAL 0 'chr'
393 LOAD_CONST 73
396 CALL_FUNCTION_1 1 None
399 ROT_TWO
400 BINARY_ADD
401 ROT_TWO
402 BINARY_ADD