python-obfuscation-framework 1.4.1__py3-none-any.whl

pof/utils/encoding/b3.py

@@ -0,0 +1,93 @@
+from tokenize import DEDENT, INDENT, LPAR, NAME, NEWLINE, NUMBER, OP, RPAR, STRING
+
+
+# TODO (deoktr): add 2 way of doing the encoding, one (the current) where you need the
+# function at the top of the file, and another where it's inline, so there would
+# be no need for a function definition
+class Base3Encoding:
+    """Base 3 is a troll integer encoding.
+
+    The only goal of this encoding is have numbers has strings and composed only
+    of `0oO` only 'round' symbols.
+    """
+
+    @staticmethod
+    def encode(number: int):
+        """Converts an integer to a base3 string."""
+        if not isinstance(number, int):
+            msg = "number must be an integer"
+            raise TypeError(msg)
+
+        alphabet = "0oO"
+
+        base3 = ""
+        sign = ""
+
+        if number < 0:
+            sign = "-"
+            number = -number
+
+        if 0 <= number < len(alphabet):
+            return sign + alphabet[number]
+
+        while number != 0:
+            number, i = divmod(number, len(alphabet))
+            base3 = alphabet[i] + base3
+
+        return sign + base3
+
+    @classmethod
+    def encode_tokens(cls, number: int):
+        return [(STRING, repr(cls.encode(number)))]
+
+    @staticmethod
+    def definition_tokens():
+        """Base 3 decode function definition tokens.
+
+        ```
+        def b3decode(number):
+            return int(number.replace("o", "1").replace("O", "2"), 3)
+        ```.
+        """
+        return [
+            (NAME, "def"),
+            (NAME, "b3decode"),
+            (OP, "("),
+            (NAME, "number"),
+            (OP, ")"),
+            (OP, ":"),
+            (NEWLINE, "\n"),
+            (INDENT, "    "),
+            (NAME, "return"),
+            (NAME, "int"),
+            (OP, "("),
+            (NAME, "number"),
+            (OP, "."),
+            (NAME, "replace"),
+            (OP, "("),
+            (STRING, repr("o")),
+            (OP, ","),
+            (STRING, repr("1")),
+            (OP, ")"),
+            (OP, "."),
+            (NAME, "replace"),
+            (OP, "("),
+            (STRING, repr("O")),
+            (OP, ","),
+            (STRING, repr("2")),
+            (OP, ")"),
+            (OP, ","),
+            (NUMBER, "3"),
+            (OP, ")"),
+            (NEWLINE, "\n"),
+            (DEDENT, ""),
+        ]
+
+    @staticmethod
+    def decode_tokens(encoded_tokens):
+        return [
+            (NAME, "b3decode"),
+            (LPAR, "("),
+            *encoded_tokens,
+            (RPAR, ")"),
+        ]

pof/utils/encoding/b32.py

@@ -0,0 +1,30 @@
+from base64 import b32encode
+from tokenize import LPAR, NAME, RPAR, STRING
+
+
+class Base32Encoding:
+    @staticmethod
+    def encode(string):
+        return b32encode(string).decode()
+
+    @classmethod
+    def encode_tokens(cls, string):
+        return [(STRING, repr(cls.encode(string)))]
+
+    @staticmethod
+    def import_tokens():
+        return [
+            (NAME, "from"),
+            (NAME, "base64"),
+            (NAME, "import"),
+            (NAME, "b32decode"),
+        ]
+
+    @staticmethod
+    def decode_tokens(encoded_tokens):
+        return [
+            (NAME, "b32decode"),
+            (LPAR, "("),
+            *encoded_tokens,
+            (RPAR, ")"),
+        ]

pof/utils/encoding/b32hex.py

@@ -0,0 +1,30 @@
+from base64 import b32hexencode
+from tokenize import LPAR, NAME, RPAR, STRING
+
+
+class Base32HexEncoding:
+    @staticmethod
+    def encode(string):
+        return b32hexencode(string).decode()
+
+    @classmethod
+    def encode_tokens(cls, string):
+        return [(STRING, repr(cls.encode(string)))]
+
+    @staticmethod
+    def import_tokens():
+        return [
+            (NAME, "from"),
+            (NAME, "base64"),
+            (NAME, "import"),
+            (NAME, "b32hexdecode"),
+        ]
+
+    @staticmethod
+    def decode_tokens(encoded_tokens):
+        return [
+            (NAME, "b32hexdecode"),
+            (LPAR, "("),
+            *encoded_tokens,
+            (RPAR, ")"),
+        ]

pof/utils/encoding/b64.py

@@ -0,0 +1,30 @@
+from base64 import b64encode
+from tokenize import LPAR, NAME, RPAR, STRING
+
+
+class Base64Encoding:
+    @staticmethod
+    def encode(string):
+        return b64encode(string).decode()
+
+    @classmethod
+    def encode_tokens(cls, string):
+        return [(STRING, repr(cls.encode(string)))]
+
+    @staticmethod
+    def import_tokens():
+        return [
+            (NAME, "from"),
+            (NAME, "base64"),
+            (NAME, "import"),
+            (NAME, "b64decode"),
+        ]
+
+    @staticmethod
+    def decode_tokens(encoded_tokens):
+        return [
+            (NAME, "b64decode"),
+            (LPAR, "("),
+            *encoded_tokens,
+            (RPAR, ")"),
+        ]

pof/utils/encoding/b85.py

@@ -0,0 +1,35 @@
+from base64 import b85encode
+from tokenize import LPAR, NAME, RPAR, STRING
+
+
+class Base85Encoding:
+    """Base85 encoding.
+
+    New in Python version 3.4
+    """
+
+    @staticmethod
+    def encode(string):
+        return b85encode(string).decode()
+
+    @classmethod
+    def encode_tokens(cls, string):
+        return [(STRING, repr(cls.encode(string)))]
+
+    @staticmethod
+    def import_tokens():
+        return [
+            (NAME, "from"),
+            (NAME, "base64"),
+            (NAME, "import"),
+            (NAME, "b85decode"),
+        ]
+
+    @staticmethod
+    def decode_tokens(encoded_tokens):
+        return [
+            (NAME, "b85decode"),
+            (LPAR, "("),
+            *encoded_tokens,
+            (RPAR, ")"),
+        ]

pof/utils/encoding/binascii.py

@@ -0,0 +1,38 @@
+import binascii
+import marshal
+from tokenize import COMMA, LPAR, NAME, OP, RPAR, STRING
+
+
+class BinasciiEncoding:
+    @staticmethod
+    def encode(string):
+        return binascii.b2a_base64(marshal.dumps(string))
+
+    @classmethod
+    def encode_tokens(cls, string):
+        return [(STRING, repr(cls.encode(string)))]
+
+    @staticmethod
+    def import_tokens():
+        return [
+            (NAME, "import"),
+            (NAME, "binascii"),
+            (COMMA, ","),
+            (NAME, "marshal"),
+        ]
+
+    @staticmethod
+    def decode_tokens(encoded_tokens):
+        return [
+            (NAME, "marshal"),
+            (OP, "."),
+            (NAME, "loads"),
+            (LPAR, "("),
+            (NAME, "binascii"),
+            (OP, "."),
+            (NAME, "a2b_base64"),
+            (LPAR, "("),
+            *encoded_tokens,
+            (RPAR, ")"),
+            (RPAR, ")"),
+        ]

pof/utils/encoding/snt.py

@@ -0,0 +1,97 @@
+from tokenize import DEDENT, INDENT, LPAR, NAME, NEWLINE, NUMBER, OP, RPAR, STRING
+
+
+class SpacenTabEncoding:
+    r"""Space and tab encoding.
+
+    Encode 0 as a space ( ), 1 as a tab (\t).
+    """
+
+    @staticmethod
+    def encode(string):
+        string_bin = bin(int.from_bytes(string, "big")).replace("0b", "")
+        out = ""
+        for bit in string_bin:
+            if bit == "0":
+                out += " "
+            elif bit == "1":
+                out += "\t"
+        return out
+
+    @classmethod
+    def encode_tokens(cls, string):
+        return [(STRING, repr(cls.encode(string)))]
+
+    @staticmethod
+    def import_tokens():
+        return []
+
+    @classmethod
+    def definition_tokens(cls):
+        return [
+            (NAME, "def"),
+            (NAME, "sntdecode"),
+            (OP, "("),
+            (NAME, "encoded"),
+            (OP, ")"),
+            (OP, ":"),
+            (NEWLINE, "\n"),
+            (INDENT, "    "),
+            (NAME, "msg_bin"),
+            (OP, "="),
+            (NAME, "encoded"),
+            (OP, "."),
+            (NAME, "replace"),
+            (OP, "("),
+            (STRING, '" "'),
+            (OP, ","),
+            (STRING, '"0"'),
+            (OP, ")"),
+            (OP, "."),
+            (NAME, "replace"),
+            (OP, "("),
+            (STRING, '"\\t"'),
+            (OP, ","),
+            (STRING, '"1"'),
+            (OP, ")"),
+            (NEWLINE, "\n"),
+            (NAME, "n"),
+            (OP, "="),
+            (NAME, "int"),
+            (OP, "("),
+            (NAME, "msg_bin"),
+            (OP, ","),
+            (NUMBER, "2"),
+            (OP, ")"),
+            (NEWLINE, "\n"),
+            (NAME, "return"),
+            (NAME, "n"),
+            (OP, "."),
+            (NAME, "to_bytes"),
+            (OP, "("),
+            (OP, "("),
+            (NAME, "n"),
+            (OP, "."),
+            (NAME, "bit_length"),
+            (OP, "("),
+            (OP, ")"),
+            (OP, "+"),
+            (NUMBER, "7"),
+            (OP, ")"),
+            (OP, "//"),
+            (NUMBER, "8"),
+            (OP, ","),
+            (STRING, '"big"'),
+            (OP, ")"),
+            (NEWLINE, "\n"),
+            (DEDENT, ""),
+        ]
+
+    @staticmethod
+    def decode_tokens(encoded_tokens):
+        return [
+            (NAME, "sntdecode"),
+            (LPAR, "("),
+            *encoded_tokens,
+            (RPAR, ")"),
+        ]

pof/utils/entropy.py

@@ -0,0 +1,24 @@
+"""Shannon entropy.
+
+- https://practicalsecurityanalytics.com/file-entropy/
+- https://docs.scipy.org/doc/scipy/reference/generated/scipy.stats.entropy.html
+
+from tests:
+a basic entropy of a Python source code is around 4.3
+when compressing the entropy is between 4.25 and 4.4
+when using unicode variables the entropy is around 6.2
+"""
+
+import collections
+import math
+
+
+def entropy(data):
+    count = collections.Counter(map(ord, data))
+
+    pk = [x / sum(count.values()) for x in count.values()]
+
+    base = 2
+
+    # Shannon entropy
+    return -sum([p * math.log(p) / math.log(base) for p in pk])

pof/utils/extract_names.py

@@ -0,0 +1,204 @@
+"""Extract names.
+
+Extract names present in Python source files.
+"""
+
+import io
+import keyword
+from tokenize import NAME, generate_tokens
+
+BUILTINS = (
+    "__name__",
+    "__doc__",
+    "__package__",
+    "__loader__",
+    "__spec__",
+    "__build_class__",
+    "__import__",
+    "abs",
+    "all",
+    "any",
+    "ascii",
+    "bin",
+    "breakpoint",
+    "callable",
+    "chr",
+    "compile",
+    "delattr",
+    "dir",
+    "divmod",
+    "eval",
+    "exec",
+    "format",
+    "getattr",
+    "globals",
+    "hasattr",
+    "hash",
+    "hex",
+    "id",
+    "input",
+    "isinstance",
+    "issubclass",
+    "iter",
+    "aiter",
+    "len",
+    "locals",
+    "max",
+    "min",
+    "next",
+    "anext",
+    "oct",
+    "ord",
+    "pow",
+    "print",
+    "repr",
+    "round",
+    "setattr",
+    "sorted",
+    "sum",
+    "vars",
+    "None",
+    "Ellipsis",
+    "NotImplemented",
+    "False",
+    "True",
+    "bool",
+    "memoryview",
+    "bytearray",
+    "bytes",
+    "classmethod",
+    "complex",
+    "dict",
+    "enumerate",
+    "filter",
+    "float",
+    "frozenset",
+    "property",
+    "int",
+    "list",
+    "map",
+    "object",
+    "range",
+    "reversed",
+    "set",
+    "slice",
+    "staticmethod",
+    "str",
+    "super",
+    "tuple",
+    "type",
+    "zip",
+    "__debug__",
+    "BaseException",
+    "Exception",
+    "TypeError",
+    "StopAsyncIteration",
+    "StopIteration",
+    "GeneratorExit",
+    "SystemExit",
+    "KeyboardInterrupt",
+    "ImportError",
+    "ModuleNotFoundError",
+    "OSError",
+    "EnvironmentError",
+    "IOError",
+    "EOFError",
+    "RuntimeError",
+    "RecursionError",
+    "NotImplementedError",
+    "NameError",
+    "UnboundLocalError",
+    "AttributeError",
+    "SyntaxError",
+    "IndentationError",
+    "TabError",
+    "LookupError",
+    "IndexError",
+    "KeyError",
+    "ValueError",
+    "UnicodeError",
+    "UnicodeEncodeError",
+    "UnicodeDecodeError",
+    "UnicodeTranslateError",
+    "AssertionError",
+    "ArithmeticError",
+    "FloatingPointError",
+    "OverflowError",
+    "ZeroDivisionError",
+    "SystemError",
+    "ReferenceError",
+    "MemoryError",
+    "BufferError",
+    "Warning",
+    "UserWarning",
+    "EncodingWarning",
+    "DeprecationWarning",
+    "PendingDeprecationWarning",
+    "SyntaxWarning",
+    "RuntimeWarning",
+    "FutureWarning",
+    "ImportWarning",
+    "UnicodeWarning",
+    "BytesWarning",
+    "ResourceWarning",
+    "ConnectionError",
+    "BlockingIOError",
+    "BrokenPipeError",
+    "ChildProcessError",
+    "ConnectionAbortedError",
+    "ConnectionRefusedError",
+    "ConnectionResetError",
+    "FileExistsError",
+    "FileNotFoundError",
+    "IsADirectoryError",
+    "NotADirectoryError",
+    "InterruptedError",
+    "PermissionError",
+    "ProcessLookupError",
+    "TimeoutError",
+    "open",
+    "quit",
+    "exit",
+    "copyright",
+    "credits",
+    "license",
+    "help",
+)
+
+RESERVED_WORDS = (
+    "__init__",
+    "__eq__",
+    "__lt__",
+    "append",  # on list
+    "update",  # on dict
+    "copy",  # copy dict or list
+    "join",  # on string "".join()
+    "self",
+    "args",
+    "kwargs",
+)
+
+RESERVED = RESERVED_WORDS + BUILTINS + tuple(keyword.kwlist)
+
+
+class NameExtract:
+    @staticmethod
+    def get_names(tokens):
+        names = []
+        for toknum, tokval, *_ in tokens:
+            if (
+                toknum == NAME
+                and tokval not in RESERVED
+                and tokval not in names
+                and len(tokval) > 1
+            ):
+                names.append(tokval)
+        return names
+
+    @classmethod
+    def get_from_file(cls, file):
+        with file.open() as f:
+            code = f.read()
+        io_obj = io.StringIO(code)
+        tokens = list(generate_tokens(io_obj.readline))
+        return cls.get_names(tokens)

pof/utils/generator/__init__.py

@@ -0,0 +1,17 @@
+"""Random names generators.
+
+https://docs.python.org/3/reference/lexical_analysis.html#identifiers.
+
+this is invisible unicode ? in VIM the second unicdoe doesn't appear !
+
+봀
+ݻ
+ࡡ
+"""
+
+from .advanced import AdvancedGenerator
+from .base import BaseGenerator
+from .basic import BasicGenerator
+from .unicode import UnicodeGenerator
+
+__all__ = ["AdvancedGenerator", "BaseGenerator", "BasicGenerator", "UnicodeGenerator"]

pof/utils/generator/advanced.py

@@ -0,0 +1,53 @@
+"""Advanced random names generators."""
+
+import random
+from pathlib import Path
+
+from .base import BaseGenerator
+from .basic import BasicGenerator
+
+
+class AdvancedGenerator(BaseGenerator):
+    @classmethod
+    def realistic_generator(cls):
+        file = Path(__file__).parent / "names.txt"
+        with file.open() as file:
+            name_list = [line.rstrip() for line in file]
+        previous = []
+        while True:
+            name = random.choice(name_list)
+            if name in previous or name in cls.RESERVED:
+                continue
+            previous.append(name)
+            yield name
+
+    @classmethod
+    def fixed_length_generator(cls, chars="O0", first_chars="O", length=17):
+        # inspired by: https://pyob.oxyry.com/
+        gen = BasicGenerator.alphabet_generator(
+            chars=chars,
+            first_chars=first_chars,
+            min_length=length,
+            max_length=length,
+        )
+        while True:
+            yield next(gen)
+
+    @classmethod
+    def multi_generator(cls, gen_dict):
+        """Combine multiple generator.
+
+        Take a dict of generator, with the key being the probability of it being
+        used, must be an int.
+        """
+        list_generators = []
+        for key, value in gen_dict.items():
+            list_generators.extend(key * [value])
+        previous = []
+        while True:
+            generator = random.choice(list_generators)
+            name = next(generator)
+            if name in previous or name in cls.RESERVED:
+                continue
+            previous.append(name)
+            yield name