extremecoders-re/pyinstxtractor extremecoders-re/pyinstxtractor

  • Stars
    star
    1,644
  • Rank 28,427 (Top 0.6 %)
  • Language
    Python
  • License
    GNU General Publi...
  • Created over 4 years ago
  • Updated over 1 year ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
extremecoders-re/pyinstxtractor
github

extremecoders-re

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

PyInstaller Extractor

PyInstaller Extractor

PyInstaller Extractor is a Python script to extract the contents of a PyInstaller generated executable file.

The header of the pyc files are automatically fixed so that a Python bytecode decompiler will recognize it. The script can run on both Python 2.x and 3.x. PyInstaller versions 2.0, 2.1, 3.0, 3.1, 3.2, 3.3, 3.4, 3.5, 3.6, 4.0, 4.1, 4.2, 4.3, 4.4, 4.5, 4.5.1, 4.6, 4.7, 4.8, 4.9, 4.10, 5.0, 5.0.1, 5.1, 5.2, 5.3, 5.4, 5.4.1, 5.5, 5.6, 5.6.1, 5.6.2, 5.7.0, 5.8.0, 5.9.0, 5.10.0, 5.10.1, 5.11.0, 5.12.0 are tested & supported. Probably will work with other versions too.

This project was originally hosted on SourceForge.

Usage

The script can be run by passing the name of the exe as an argument.

$ python pyinstxtractor.py <filename>
X:\>python pyinstxtractor.py <filename>

It is recommended to run the script in the same version of Python which was used to generate the executable. This is to prevent unmarshalling errors(if any) while extracting the PYZ archive.

Example

X:\> python pyinstxtractor.py test.exe
[+] Processing dist\test.exe
[+] Pyinstaller version: 2.1+
[+] Python version: 36
[+] Length of package: 5612452 bytes
[+] Found 59 files in CArchive
[+] Beginning extraction...please standby
[+] Possible entry point: pyiboot01_bootstrap.pyc
[+] Possible entry point: test.pyc
[+] Found 133 files in PYZ archive
[+] Successfully extracted pyinstaller archive: dist\test.exe

You can now use a python decompiler on the pyc files within the extracted directory

After extracting the pyc's you can use a Python decompiler like Uncompyle6 and Decompyle++.

X:\> uncompyle6.exe test.exe_extracted\test.pyc
X:\> uncompyle6.exe test.exe_extracted\PYZ-00.pyz_extracted\__future__.pyc

Extracting Linux ELF binaries

Pyinstxtractor can natively extract Linux ELF binaries without requiring other tools.

For other questions and information, please see the Wiki and the FAQ

See also

  • pyinstxtractor-ng: A standalone binary version of pyinstxtractor. This tool doesn't require Python to run and can extract all supported versions of PyInstaller. It also supports encrypted pyinstaller executables.
  • pyinstxtractor-web: pyinstxtractor running in the web browser, powered by Go & GopherJS.

License

GNU General Public License v3.0

More Repositories

1

go-dispatch-proxy

SOCKS5/Transparent load balancing proxy developed in Go, combines multiple internet connections
Go
189
star
2

re-list

A list of open source reverse engineering tools with a focus on binary analysis
104
star
3

bytecode_simplifier

A generic deobfuscator for PjOrion obfuscated python scripts
Python
76
star
4

PjOrion-Deobfuscator

A deobfuscator for PjOrion, python cfg generator and more
Python
61
star
5

Virtual-File-System-Editor

A tool to extract embedded files from application virtualizers
Pascal
39
star
6

tcpdump-android-builds

Precompiled tcpdump binaries for Android
Shell
35
star
7

ghidra-jni

jni.h compiled for Ghidra
C
28
star
8

php-eval-hook

A PHP extension for hooking eval()
C
27
star
9

bnpy

An architecture plugin for binary ninja to disassemble raw python bytecode
Python
24
star
10

decompyle-builds

Precompiled Decompyle++ (pycdc) binaries for Windows & Linux
23
star
11

VMDK-Template

010 Editor Template for parsing VMware Disk(vmdk) images
16
star
12

python-snippet-decompiler

Tool to assist during manual decompilation of Python bytecode
Go
8
star
13

uncompyle6-builds

Pre-compiled Uncompyle6 binaries for Windows
Starlark
7
star
14

firmware-analysis-toolkit

All changes has been merged upstream.
Python
7
star
15

JWUnpacker

Unpacks java-to-exe files converted by JWrapper
C++
6
star
16

ida-scripts

Python
5
star
17

bytecode_tracer

Tracing execution of python bytecode
Python
5
star
18

weasel-keygen

Python
5
star
19

tuts4you_users_desktop_crackme_writeup

5
star
20

python2-tracer

Python 2.7.13 with bytecode tracing support
Python
4
star
21

ropgen

A python module to facilitate in the generation of rop string for ARM and MIPS .
Python
4
star
22

AddSection

A simple tool to add a new section to PE files.
Pascal
4
star
23

xor-files

A simple tool to xor any number of files together.
Pascal
3
star
24

HR-30-days-of-code

My Solutions to HackerRank 30 days of Code
Java
3
star
25

pystack

Python extension module to access the frame stack.
C++
3
star
26

punch-reader

A punched card reader in javascript.
JavaScript
2
star
27

hackerrank

My solutions to HackerRank.com programming challenges
Python
2
star
28

pjunwrapper

Tool to remove the wrapper layers in a PjOrion protected python script
Python
2
star
29

pyinstxtractor-test-binaries

Test binaries for PyInstaller Extractor
Python
2
star
30

molebox-oep-finder

Ollyscript for finding oep of molebox'd executables
2
star
31

quick-msg-crypt

https://extremecoders-re.github.io/quick-msg-crypt/
HTML
2
star
32

tplink-firmware-template

010 Editor Template for parsing TPLINK Firmware
1
star
33

tamu-ctf-writeup

1
star
34

isitwatchable

HTML
1
star