Friday, October 11, 2024

.exe executable reverse-engineering (Python)

 

Problem:

How can I extract files from an executable created by PyInstaller?

Solution:

  1. Clone the pyinstxtractor-ng repository:

    git clone https://github.com/pyinstxtractor/pyinstxtractor-ng.git
    
  2. Extract the executable:

    cd pyinstxtractor-ng
    python pyinstxtractor-ng.py "<path_to_/dist/app>"
    
  3. Install dependencies:

    sudo yum install cmake make clang
    
  4. Clone the pycdc repository:

    git clone https://github.com/zrax/pycdc.git
    
  5. Build and compile:

    cd pycdc
    cmake CMakeLists.txt
    make
    
  6. Decompile the bytecode:

    ./pycdc "<path_to_/app_extracted/app.pyc>"
    

By following these steps, you can extract and decompile files from a PyInstaller-generated executable.

The usage of pycdc will fail if you used a newer version of Python to compile.
If they were compiled by a newer Python version (i.e.3.9-3.12)
-- use PyLingual.io service!  <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<

pylingual.io