Need advice for obfuscating Python code

brueckd at tbye.com brueckd at tbye.com
Tue Feb 26 18:28:19 EST 2002 

On Tue, 26 Feb 2002, Sandeep Gupta wrote:

> I've written a product in Python and I wanted to find out how best to
> obfuscate the code.  I want the distributed files to be moderately hard to
> reverse engineer.
>
> One option is to compile the code and distribute the .pyo files.  Are there
> any better alternatives?

Decompyle can take bytecode and produce Python source that is really close
to the original, so a good software license might give you better results.
That being said, you can store the bytecode encrypted/compressed in a
bundle like this (untested):

import os, rotor, marshal
key = "ILovePurplePantsDon'tYou?"
archiveName = 'msc21.dll' # Use a name nobody will suspect
dict = {}
for file in filesToArchive: # list of .py/.pyc filenames
  data = open(file, 'rb').read()
  base, ext = os.path.splitext(file)
  if ext == '.py':
    dict[base] = (1, data)
  else:
    dict[base] = (0, data[8:]) # beware the voodoo! (8=size of .pyc hdr)

rot = rotor.newrotor(key)
open(archiveName, 'wb').write(rot.encrypt(marshal.dumps(dict)))

With your archive in place, you can have Python use it for imports:

import imputil, marshal, rotor,sys
imputil.ImportManager().install()
sys.path.insert(0, imputil.BuiltinImporter())

class ArcImp(imputil.Importer):
  def __init__(self, key, arcFile):
    rot = rotor.newrotor(key)
    data = rotor.decrypt(open(arcFile, 'rb').read())
    self.arcDict = marshal.load(data)

  def get_code(self, parent, name, fqname):
    try:
      isSrc, data = self.arcDict[fqname]
      if isSrc:
        return 0, compile(data, fqname, 'exec'), {}
      else:
        return 0, marshal.loads(data), {}
    except KeyError:
      pass # Let default importing happen

sys.path.insert(0, ArcImp(key, arcFile))

That should work. Of course, since the code that decrypts and loads your
code will be visible, you probably want to use a long key (or another form
of encryption) and install the customer importer from a C program that
runs an embedded interpreter (installs the importer and then runs the rest
of your program).

-Dave

More information about the Python-list mailing list