[issue26694] Disasembler fall with Key Error while disassemble obfuscated code.

2018-08-27 Thread Serhiy Storchaka 


Serhiy Storchaka  added the comment:

The dis module is not supposed to support invalid bytecode. This is a new 
feature, and 2.7 can give only bug fixes.

--
nosy: +serhiy.storchaka
resolution:  -> not a bug
stage:  -> resolved
status: open -> closed

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue26694] Disasembler fall with Key Error while disassemble obfuscated code.

2016-04-05 Thread Steven D'Aprano 

Changes by Steven D'Aprano :


--
nosy: +steven.daprano

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue26694] Disasembler fall with Key Error while disassemble obfuscated code.

2016-04-05 Thread SilentGhost 

Changes by SilentGhost :


--
nosy: +ncoghlan, yselivanov

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue26694] Disasembler fall with Key Error while disassemble obfuscated code.

2016-04-05 Thread Szymon Kuliński 

New submission from Szymon Kuliński:

Many obfuscators use simple technice for block disasemblation. Add broken 
instructions (for example unknown op codes) and use flow control (SETUP_EXCEPT 
or JUMP_FORWARD) to skip broken instructions. Interpreter work in right way 
skipping broken instruction or catch error and go to except instructions but 
disasembler iterate over all instructions and every where assume that code is 
correct and doing something like :

elif op in hasname:
print '(' + co.co_names[oparg] + ')',


Which fails because variable oparg not in co_names table or refer to not 
existing name or const. Why dis lib not assume that code can be broken and try 
disassemble it as good as it can any way. 

   15 JUMP_IF_TRUE 3 (to 19)
   18   ()
   19 LOAD_NAME1 (b)

Or if we rely on the assumption that if code disasseblation done with no 
problem this mean that code is good. We can add flag where we can disassemble 
unsteady code or even add other method like dis_unsafe or something like that. 

Include: obfuscated and unobfuscated pyc files for testing. 

Change proposition:

Cherry-pick code dis module from 3.5 python with some changes required to 
normal working. Working example included.

--
components: Library (Lib)
files: example.zip
messages: 262895
nosy: Szymon.Kuliński
priority: normal
severity: normal
status: open
title: Disasembler fall with Key Error while disassemble obfuscated code.
type: behavior
versions: Python 2.7
Added file: http://bugs.python.org/file42371/example.zip

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com