Skip to main content

pydumpck is a multi-threads tool for decompile exe,elf,pyz,pyc packed by python which is base on pycdc and uncompyle6.sometimes its py-file result not exactly right ,maybe could use uncompyle6.

Project description

pypi version pypi version pypi download GitHub release GitHub All Releases GitHub last commit GitHub Workflow Status

WindowsLinuxUbuntuKaliFreeBSDDeepinDebianCent OS

What?

pydumpck is a multi-threads tool for decompile exe,elf,pyz,pyc packed by python which is base on pycdc and uncompyle6.sometimes its py-file result not exactly right ,maybe could use uncompyle6.

Install

pip install pydumpck

Usage

usage: pydumpck [-h] [-o OUTPUT_DIRECTORY] [-w THREAD] [-t TIMEOUT] [--session-timeout TIMEOUT_SESSION]
                [-y TARGET_FILE_TYPE] [-d [DECOMPILE_FILE ...]] [--header [STRUCT_HEADERS ...]] [-v [SHOW_VERSION]]
                [-p [PLUGIN ...]]
                [target_file]

pydumpck is a multi-threads tool for decompile exe,elf,pyz,pyc packed by python which is base on pycdc and
uncompyle6.sometimes its py-file result not exactly right ,maybe could use uncompyle6.

positional arguments:
  target_file           file to extract or decompiler,combine with -y for type select.

options:
  -h, --help            show this help message and exit
  -o OUTPUT_DIRECTORY, --ouput OUTPUT_DIRECTORY
                        output archive file to (default: output_2938294).
  -w THREAD, --thread THREAD
                        thread count for running (default: 0) cpu-count * 8.
  -t TIMEOUT, --timeout TIMEOUT
                        timeout running single decompiler (default: 10).
  --session-timeout TIMEOUT_SESSION
                        timeout running total task (default: 10).
  -y TARGET_FILE_TYPE, --type TARGET_FILE_TYPE
                        file-type of input file,can use pe,exe,elf,pyc,pyz (default: None : auto guess).
  -d [DECOMPILE_FILE ...], --decompile_file [DECOMPILE_FILE ...]
                        only decompile referred file for quick complete (default: None).
  --header [STRUCT_HEADERS ...]
                        specify pyc header hex-string (default: None).if not set , pydumpck will use struct.pyc's
                        header(if possible) and default header.eg:6f0d0d0a 00000000 00000000 ffffffff
  -v [SHOW_VERSION], --version [SHOW_VERSION]
                        show version of package
  -p [PLUGIN ...], --plugin [PLUGIN ...]
                        enable decompiler plugins,split by space .example: `--plugin pycdc uncompyle6` (default:
                        ['pycdc']).available:pycdc,uncompyle6

Quick Start

pydumpck xxx.exe
pydumpck xxx.elf
pydumpck xxx.pyc
pydumpck xxx.pyz
pydumpck xxx.exe --output ./output --thread 8 --timeout 10

Example

  • -p/--plugin specified which plugin to use for decompile (pycdc|uncompyle6)

pydumpck xxx.exe -p uncompyle6

pydumpck xxx.exe -p pycdc uncompyle6

  • -d/--decompile_file specified which file(s) to decompile for a faster run

pydumpck xxx.exe -d main for only target main.py

pydumpck xxx.exe -d main lib_base64 secert for targets main.py and lib_base64.py and secert.py

Demo

  • pyc with header been tampered with
    • (Warning:gif with size 5MB)pyc-fix_header-demo

Notice

pycdc speed is more than 10 times faster than uncompyle6 , and uncompyle6 is not support for python that version above 3.8.

however pycdc sometimes return a not precisely right result.

in pydumpck , you can use --plugin uncompyle6 for single-use or --plugin pycdc uncompyle6 for both-use.

Status

Alt

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

pydumpck-1.15.8.tar.gz (1.4 MB view hashes)

Uploaded source

Built Distribution

pydumpck-1.15.8-py3-none-any.whl (1.4 MB view hashes)

Uploaded py3

Supported by

AWS AWS Cloud computing Datadog Datadog Monitoring Facebook / Instagram Facebook / Instagram PSF Sponsor Fastly Fastly CDN Google Google Object Storage and Download Analytics Huawei Huawei PSF Sponsor Microsoft Microsoft PSF Sponsor NVIDIA NVIDIA PSF Sponsor Pingdom Pingdom Monitoring Salesforce Salesforce PSF Sponsor Sentry Sentry Error logging StatusPage StatusPage Status page