import imp
s = ''
if imp.get_magic() != 'm\xf2\r\n':
raise RuntimeError, s
try:
import zlib
except:
raise RuntimeError, ''
import marshal
import sys
import os
for p in filter(os.path.exists, map(lambda p: os.path.join(p, 'ind.pyz'), sys.path)):
f = open(p, 'rb')
exec marshal.loads(zlib.decompress(f.read(905)))
boot('ind', f, 64608)
break
import inca
I have this code in, ind.pyc file. Now I want to know that:
What does this codes? As can I see decompressing ind.pyz with zlib first 905 bytes? Then booting ind.pyz (first 64608 bytes?). I understood that, isn't it?
"ind.pyz" What is that supposed to be? An executable or a compiled pyc, so python file? I tried to decompile .pyz file but I can't.. And Is there a decompiler software for those files?
I'm really stuck, here is ind.pyz file (64kb) how is compressed this file? https://mega.co.nz/#!hIkH3RSI!f3UDHGI9omXXN7jXHJKYTCpMCU0y8N3npop6a3tfmcw
First of all, marshal
is internal serialization util, which output is version dependent, so your code checks whether it is compiled by correct python version:
if imp.get_magic() != 'm\xf2\r\n':
raise RuntimeError, s
Then it looks through sys.path
for a ind.pyz file, and when found, reads 905 bytes
f.read(905)
Those 905 bites are consideres to be a zlib-compressed string, so are decompressed
zlib.decompress(f.read(905))
and resulted string is unmarshalled to a python object:
marshal.loads(zlib.decompress(f.read(905)))
This object in turn is executed . I suppose un-marshalled object is a python code, but won't check it myself, I do not unmarshal code from untrusted sources ;)
On the next line,
boot('ind', f, 64608)
boot
is not a built python function, so it has to be defined by the exec statement.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.