Easy Python Decompiler (2024)
# Run original bytecode orig_output = subprocess.check_output(['python', original_pyc])
# Run recovered source recov_output = subprocess.check_output(['python', recovered_py]) Easy Python Decompiler
# Original: customer_price = calculate_discount(base_price) # Decompiled: var1 = func1(var2) : Use bytecode analysis with debug info if available. Best Practices 1. Preserve Original Files # Always backup before decompiling cp original.pyc original.pyc.backup uncompyle6 original.pyc > recovered.py 2. Verify Decompilation Quality # Test recovered code import subprocess def test_decompiled(original_pyc, recovered_py): """Compare outputs to verify correctness""" # Run original bytecode orig_output = subprocess
:
# Common patterns to fix: # 1. Restore meaningful variable names # 2. Add missing imports # 3. Fix indentation issues # 4. Reconstruct string literals # 5. Restore comments from context # Complete recovery process for lost source code 1. Locate all bytecode files find . -name "*.pyc" > pyc_files.txt 2. Decompile to temporary directory mkdir recovered_source uncompyle6 -o recovered_source $(cat pyc_files.txt) 3. Fix common decompilation artifacts sed -i 's/ doc /"""DOCSTRING"""/g' recovered_source/*.py 4. Validate syntax for file in recovered_source/*.py; do python -m py_compile "$file" done 5. Compare with runtime behavior python -c "import sys; sys.path.insert(0, 'recovered_source'); import your_module" Alternative Tools Comparison | Tool | Python Versions | Speed | Accuracy | Maintenance | |------|----------------|-------|----------|-------------| | uncompyle6 | 1.0-3.8 | Medium | High | Active | | decompyle3 | 3.7-3.9 | Medium | High | Active | | pycdc | 1.0-3.9 | Fast | Medium | Active | | pycdasm | 2.0-3.7 | Slow | Medium | Inactive | | unpyc3 | 3.2-3.6 | Slow | Low | Inactive | Security Considerations Detecting Malicious Code # Scan decompiled code for suspicious patterns suspicious_patterns = [ r'eval\s*\(', r'exec\s*\(', r'__import__\s*\(', r'base64\.b64decode', r'compile\s*\(', r'socket\.', r'subprocess\.' ] def scan_decompiled(filepath): with open(filepath, 'r') as f: content = f.read() Verify Decompilation Quality # Test recovered code import
Easy Python Decompiler (2024)