lexzy's blog

Decompiling a compiled python (.pyc) file — crackme4!

Decompiling a compiled python (.pyc) file — crackme4!

Bolu emmanuel's photo
Bolu emmanuel
·

2 min read

Table of contents

Hi there 👋, welcome to my blog. Today we’ll be going through the ‘crackme4*', one of the advanced task given by ALX Africa(a leadership, employment, and entrepreneurship development organization*).

In this tutorial, you’ll be learning the basic tools to decompile a python ‘.pyc’files. What is a .pyc file? .pyc files are created by the Python interpreter when a .py file is imported. They contain the compiled bytecode of the imported module/program so that the “translation” from source code to bytecode (which only needs to be done once) can be skipped on subsequent imports if the .pyc is newer than the corresponding .py file.

In short, .pyc files are basically treated like a cache; they speed things up, so if they’re present, it can save some time by not having to re-compile the Python source code. Now knowing what a .pyc file is and what it contains lets jump right into decompiling it.

DIVE IN.. 🥽

First, lets know what we’re looking for; the crackme4 program prints “OK”when the password is correct.

So lets begin!

Before we get to approach the file lets get some things done first. Since we know the crackme4 is a compiled python byte-code file and we can confirm that by running the file command on it. Therefore, we’ll need to install uncompyle6; uncompyle6 translates Python bytecode back into equivalent Python source code.

Installing Uncompyle6

https://pypi.org/project/uncompyle6/

We’ll be installing with the following commands:

pip3 install uncompyle6

And you can install pip3 on linux if not installed with this commands:

sudo apt update
sudo apt install python3-pip

To check if you’ve installed it correctly you can test it out by simply typing uncompyle6 in your command prompt and you should get the following output:

Crackme4

You can get the file here. Once downloaded, move it to the current directory. Notice it doesn't have the extension .pyc? That's because it was removed, we’ll be adding the extension by renaming it(You can use the mv command).

We’ll be using the following command to decompile it:

uncompyle6 crackme4.pyc

This will decompile our crackme4.pyc file as a .py file in the same directory.

Now we need to create a .py file to be able to print the variable ok to get the password:

Hurray, we’ve done it 🎉. Thanks for reading and kindly let me know your go-to tool for decompiling .pyc file in the comments below.

CONTACT ME 📥

Twitter

GitHub

LinkedIn

Medium

software development#crackmeProgramming BlogsPython