Hide the python-script from user

hlubenow hlubenow2 at gmx.net
Sat Apr 7 10:53:14 EDT 2007 

hlubenow wrote:

> hlubenow wrote:
> 
>> ts-dev wrote:
>> 
>>> On Apr 6, 3:19 pm, hlubenow <hluben... at gmx.net> wrote:
>>>> recently there was a thread about hiding the python-script from the
>>>> user. The OP could use
>>> 
>>> Interesting - thanks
>> 
>> Well, testing it, it doesn't seem to work very well ...
>> 
>> It seems, Python-code is rather difficult to obfuscate, probably because
>> of its clear syntax and indentations. Here's yet another approach:
>> 
>>
>
http://pythonhacker.is-a-geek.net/my_programs/pyfuscate/pyfuscate-0.1.zip/view
>> 
>> H.
> 
> That didn't work very well either :(.
> 
> Ok, but now I can offer a real secure solution:
> 
> You can have real encryption in Python using this modules:
> 
> 
> http://www.amk.ca/files/python/crypto/pycrypto-2.0.1.tar.gz
> 
> and
> 
> http://sourceforge.net/projects/yawpycrypto
> 
> Below I post a code-example that I've written some time ago. With it,
> encrypting text is rather easy.
> 
> Then you have to program a start-script, that reads in your script and the
> decryption-key. The decryption-key must be encrypted too. Such a encrypted
> key can be generated by the modules if you don't pass a password to my
> function "doEncrypt(). The decryption-key must then be hidden somewhere
> within the encrypted program-script. That's because, if the user knows
> where to find the key, he can decrypt the program-script.
> 
> If your start-script is written, everything should work automatically, one
> shouldn't nearly notice the decryption-process.
> 
> Ok, here's my example code, how to encrypt and decrypt some text with the
> modules:
> 
>
----------------------------------------------------------------------------
> 
> #!/usr/bin/env python
> 
> import os
> import sys
> import base64
> 
> from yawPyCrypto.Cipher import DecryptCipher, EncryptCipher
> from yawPyCrypto.Cipher import ZipDecryptCipher, ZipEncryptCipher
> from yawPyCrypto.Constants import CIPHER_BLOWFISH, MODE_CBC
> 
> 
> def doEncrypt(text, passw = None):
> 
>     e = EncryptCipher(passw, CIPHER_BLOWFISH, MODE_CBC)
>     e.feed(text)
>     e.finish()
>     encryptedtext = e.data
> 
>     if passw != None:
>         passwr = passw
>     else:
>         passwr = e.password
> 
>     a = (encryptedtext, passwr)
>     return a
> 
> 
> def doDecrypt(encryptedtext, passw):
>     d = DecryptCipher(passw)
>     d.feed(encryptedtext)
>     d.finish()
>     decoded = (d.data)
>     return decoded
> 
> 
> # Calling the encryption routine.
> # If you just pass the text to encrypt, a password is generated:
> 
> a = doEncrypt("For your eyes only !", "Melina")
> 
> 
> # Just trying to clean the screen:
> 
> if sys.platform == "win32":
>     os.system("cls")
> else:
>     os.system("clear")
> 
> print
> print "Hello !"
> print
> print "I just encrypted some text. It looks like this now:"
> print
> 
> print base64.b64encode(a[0])
> 
> print
> print 'Please notice, that I just encoded the text once more using
"base64.b64encode()" to make it printable.'
> print
> print "The password for decryption is: "
> print
> print base64.b64encode(a[1])
> print
> print "Let's decrypt again (the original password must be passed without
b64encoding):"
> print
> print doDecrypt(a[0], a[1])
> print
> 
>
----------------------------------------------------------------------------
> 
> See you
> 
> H.

This still has a problem: The start-script has to know how to decrypt the
main-script and the start-script is visible, so the user can see how it
does it.
Perhaps one could obfuscate the start-script or write a C extension, that
does decrypting instead of the start-script.
This is getting rather complicated ...

H.

More information about the Python-list mailing list