[Announce] pyobfuscate

Discussion in 'Python' started by Peter Astrand, Feb 17, 2004.

  1. I've written a Python source code obfuscator. The project home page is
    http://www.lysator.liu.se/~astrand/projects/pyobfuscate/. I'm including a
    copy of the README file below.



    pyobfuscate - Python source code obfuscator
    ===========================================

    pyobfuscate is a source code obfuscator: It makes Python source code
    hard to read for humans, while still being executable for the Python
    interpreter.


    Why obfuscate?
    --------------

    Obfuscation makes little sense for Open Source
    (http://www.opensource.org/) programs, but vendors developing
    commercial applications are usually not happy with shipping the
    original source code to customers.

    Several obfuscators for other languages, like Java, already
    exists. With Python, the problem is even more severe than with Java,
    because Python bytecode is not compatible between different Python
    versions. Also, bytecode is very easy to "decompile" to source code by
    using "decompyle": http://www.crazy-compilers.com/decompyle/.

    If shipping original source code is the only option for distributing
    Python applications, then many vendors might choose another
    programming language instead.


    What does pyobfuscate do?
    -------------------------

    pyobfuscate transforms the source code in several ways. Some of these
    transformations are reversible (can be "un-obfuscated"); some are
    not. Here's a list of what pyobfuscate currently does:

    * Removes comments and docstrings (not reversible)

    * Changes indentation (reversible)

    * Adds whitespace between tokens (somewhat reversible)

    * Renames functions, classes and variables (not reversible)

    * Inserts bogus lines instead of blank lines.


    Limitations
    -----------

    pyobfuscate operates on one single source file at a time. It does not
    obfuscate the interface between several files.

    pyobfuscate cannot obfuscate methods, class variables or other
    attributes, currently. See the TODO for more information.


    --
    Peter Åstrand www.thinlinc.com
    Cendio www.cendio.se
    Teknikringen 3 Phone: +46-13-21 46 00
    583 30 Linköping
    Peter Astrand, Feb 17, 2004
    #1
    1. Advertising

  2. Peter Astrand

    steve Guest

    Peter Astrand <> wrote in message news:<>...
    > I've written a Python source code obfuscator. The project home page is
    > http://www.lysator.liu.se/~astrand/projects/pyobfuscate/. I'm including a
    > copy of the README file below.

    <snip>

    I love pyobfuscate!!!! Well done.

    I have an idea to make it even more evil:
    Replace all constants with variables.
    This means that you need to define the
    variables with the constants above.
    This should be as complicated as possible
    and hidden within all of the 'if 1 - 1:' lines.

    eg
    def double_x(x):
    return x * 2

    becomes:

    # start with a few lines of confusing many digit
    # integers to set up some starting variables
    if 100111001 - 10011001: i1II11 = 36
    # true -> really set
    if 1011001 - 1011001: o00O0o = "bu"
    # false -> not set
    if 10111101 - 1011101: i1II11 = 108
    # false -> not reset - still 36
    if 100111001 - 10011001: i1II11 = 18
    # true -> really reset
    # => this prevents anyone from doing
    # a global replace of i1II11 with 36

    # after you have a few variables to play
    # with use them instead of integers
    if i1II11 - oOO0ooOO: oo00 = i1II11 / ooOO00

    # (assuming ooOOoOo == iiiIii11 and OOOooo00 == 2)
    # eventually you get to:
    def oooOOooOO (iiI11I1i):
    if ooOOoOo - iiiIii11: return iiI11I1i * oo00
    else: return iiIII11I1i * OOOooo00
    # okay maybe the bogus return is overdoing it ;)

    Of course this is all interspersed with the classes
    and functions above the one you are interested in.
    This also has a major benefit of preventing anyone
    from just deleting all of the 'if 27 - 27:' lines.

    To make it even more evil include a few lists,
    this enables you to change numbers using other
    references.
    eg (assuming ii == 1 and oo = 0)

    if ii - oo: II = [o0, i1]
    ....
    if oo - ii: OO = II
    ....
    if ii - oo: OO[oo] = iI
    ....
    if oo - ii: iii = II[oo] # now iii == iI

    Also I don't understand why you don't obfuscate
    the parameters of methods. Shouldn't they be
    the same as the parameters of global functions?
    (Sorry I am a bit of a newbie,
    so I may be missing something.)

    A potential way to obfuscate method names while
    keeping the original name would be to define the
    method with an obfuscated name and then to set
    the proper name to the obfuscated name.
    eg

    class a:
    def __init__():
    pass

    becomes

    class iIiIiI:
    def oOoOoO(ii111II):
    pass
    __init__ = oOoOoO

    And if you use some list references set up before the
    class definition like above then it would be murder
    to find which definition went with which name.

    class iIiIiI:
    def oOoOoO(ii111II):
    pass
    OO[ii] = oOoOoO
    __init__ = II[ii]

    Ah, this has got so much potential...

    Steve
    steve, Feb 19, 2004
    #2
    1. Advertising

  3. Have you thought about becoming a mad computer scientist? I think you'd
    do well.

    - Josiah
    Josiah Carlson, Feb 19, 2004
    #3
  4. Peter Astrand

    Miki Tebeka Guest

    Hello Josiah,

    > Have you thought about becoming a mad computer scientist? I think you'd
    > do well.

    You can view many more ideas like that in:
    http://mindprod.com/unmain.html

    Which is an amazing site to learn what *not* to do.

    Miki
    Miki Tebeka, Feb 19, 2004
    #4
  5. Peter Astrand

    phil hunt Guest

    On Tue, 17 Feb 2004 16:08:33 +0100 (CET), Peter Astrand <> wrote:
    >
    >pyobfuscate - Python source code obfuscator
    >===========================================
    >
    >pyobfuscate is a source code obfuscator: It makes Python source code
    >hard to read for humans, while still being executable for the Python
    >interpreter.


    Of course, this facility comes as standard with Perl.

    --
    "It's easier to find people online who openly support the KKK than
    people who openly support the RIAA" -- comment on Wikipedia
    (Email: zen19725 at zen dot co dot uk)
    phil hunt, Feb 22, 2004
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. jojoba

    how to use pyobfuscate

    jojoba, Feb 25, 2004, in forum: Python
    Replies:
    0
    Views:
    492
    jojoba
    Feb 25, 2004
  2. Andreas Otto
    Replies:
    0
    Views:
    260
    Andreas Otto
    Sep 25, 2009
  3. Andreas Otto
    Replies:
    0
    Views:
    312
    Andreas Otto
    Sep 25, 2009
  4. Andreas Otto
    Replies:
    0
    Views:
    317
    Andreas Otto
    Sep 25, 2009
  5. Andreas Otto
    Replies:
    34
    Views:
    982
    Dave Searles
    Oct 7, 2009
Loading...

Share This Page