python-obfuscation-framework 1.4.1__py3-none-any.whl

pof/obfuscator/cipher/shift.py

@@ -0,0 +1,19 @@
+from tokenize import LPAR, NAME, NEWLINE, RPAR
+
+from pof.utils.cipher import ShiftCipher
+from pof.utils.tokens import untokenize
+
+
+class ShiftObfuscator(ShiftCipher):
+    """Shift cipher obfuscator."""
+
+    @classmethod
+    def obfuscate_tokens(cls, tokens):
+        code = untokenize(tokens)
+        return [
+            (NAME, "exec"),
+            (LPAR, "("),
+            *cls.decode_tokens(cls.encode_tokens(code)),
+            (RPAR, ")"),
+            (NEWLINE, "\n"),
+        ]

pof/obfuscator/cipher/xor.py

@@ -0,0 +1,121 @@
+"""This is not a secure encryption method!
+
+The main purpose of xor is to produce radically different outputs when obfuscating a
+file.
+"""
+
+import random
+from base64 import b64encode
+from tokenize import DEDENT, INDENT, NAME, NEWLINE, NL, NUMBER, OP, STRING
+
+from pof.utils.tokens import untokenize
+
+
+class XORObfuscator:
+    """XOR obfuscator."""
+
+    # TODO (deoktr): move code to utils/encryption/xor.py
+    @staticmethod
+    def get_exec_tokens(key, ciphertext):
+        return [
+            [NAME, "from"],
+            [NAME, "base64"],
+            [NAME, "import"],
+            [NAME, "b64decode"],
+            [NEWLINE, "\n"],
+            [NL, "\n"],
+            [NAME, "def"],
+            [NAME, "decrypt"],
+            [OP, "("],
+            [NAME, "cipher"],
+            [OP, ","],
+            [NAME, "key"],
+            [OP, ")"],
+            [OP, ":"],
+            [NEWLINE, "\n"],
+            [INDENT, "    "],
+            [NAME, "bcipher"],
+            [OP, "="],
+            [NAME, "bytearray"],
+            [OP, "("],
+            [NAME, "b64decode"],
+            [OP, "("],
+            [NAME, "cipher"],
+            [OP, ")"],
+            [OP, ")"],
+            [NEWLINE, "\n"],
+            [NAME, "text"],
+            [OP, "="],
+            [NAME, "bytearray"],
+            [OP, "("],
+            [OP, ")"],
+            [NEWLINE, "\n"],
+            [NAME, "ki"],
+            [OP, "="],
+            [NUMBER, "0"],
+            [NEWLINE, "\n"],
+            [NAME, "for"],
+            [NAME, "i"],
+            [NAME, "in"],
+            [NAME, "bcipher"],
+            [OP, ":"],
+            [NEWLINE, "\n"],
+            [INDENT, "        "],
+            [NAME, "text"],
+            [OP, "."],
+            [NAME, "append"],
+            [OP, "("],
+            [NAME, "i"],
+            [OP, "^"],
+            [NAME, "key"],
+            [OP, "["],
+            [NAME, "ki"],
+            [OP, "%"],
+            [NAME, "len"],
+            [OP, "("],
+            [NAME, "key"],
+            [OP, ")"],
+            [OP, "]"],
+            [OP, ")"],
+            [NEWLINE, "\n"],
+            [NAME, "ki"],
+            [OP, "+="],
+            [NUMBER, "1"],
+            [NEWLINE, "\n"],
+            [DEDENT, ""],
+            [NAME, "return"],
+            [NAME, "text"],
+            [NEWLINE, "\n"],
+            [DEDENT, ""],
+            [NAME, "exec"],
+            [OP, "("],
+            [NAME, "decrypt"],
+            [OP, "("],
+            [STRING, repr(ciphertext)],
+            [OP, ","],
+            [STRING, repr(key)],
+            [OP, ")"],
+            [OP, "."],
+            [NAME, "decode"],
+            [OP, "("],
+            [OP, ")"],
+            [OP, ")"],
+            [NEWLINE, "\n"],
+        ]
+
+    @staticmethod
+    def encrypt_code(text, key):
+        bcipher = bytearray()
+        for ki, i in enumerate(text):
+            bcipher.append(i ^ key[ki % len(key)])
+        return b64encode(bcipher)
+
+    def obfuscate_tokens(self, tokens, key: str | None = None):
+        code = untokenize(tokens).encode()
+        if key is None:
+            key = str(random.randint(0, 100000000)).encode()
+        ciphertext = self.encrypt_code(code, key)
+        return self.get_exec_tokens(
+            key=key,
+            ciphertext=ciphertext,
+        )

pof/obfuscator/compression/bz2.py

@@ -0,0 +1,22 @@
+from tokenize import LPAR, NAME, NEWLINE, RPAR
+
+from pof.utils.compression import Bz2Compression
+from pof.utils.tokens import untokenize
+
+
+class Bz2Obfuscator(Bz2Compression):
+    """BZ2 compression obfuscator."""
+
+    @classmethod
+    def obfuscate_tokens(cls, tokens):
+        """Generate payload to execute the bz2 encoded code."""
+        code = untokenize(tokens)
+        return [
+            *cls.import_tokens(),
+            (NEWLINE, "\n"),
+            (NAME, "exec"),
+            (LPAR, "("),
+            *cls.decode_tokens(cls.encode_tokens(code.encode())),
+            (RPAR, ")"),
+            (NEWLINE, "\n"),
+        ]

pof/obfuscator/compression/gzip.py

@@ -0,0 +1,22 @@
+from tokenize import LPAR, NAME, NEWLINE, RPAR
+
+from pof.utils.compression import GzipCompression
+from pof.utils.tokens import untokenize
+
+
+class GzipObfuscator(GzipCompression):
+    """GZIP compression obfuscator."""
+
+    @classmethod
+    def obfuscate_tokens(cls, tokens):
+        """Generate payload to execute the gzip encoded code."""
+        code = untokenize(tokens)
+        return [
+            *cls.import_tokens(),
+            (NEWLINE, "\n"),
+            (NAME, "exec"),
+            (LPAR, "("),
+            *cls.decode_tokens(cls.encode_tokens(code.encode())),
+            (RPAR, ")"),
+            (NEWLINE, "\n"),
+        ]

pof/obfuscator/compression/lzma.py

@@ -0,0 +1,22 @@
+from tokenize import LPAR, NAME, NEWLINE, RPAR
+
+from pof.utils.compression import LzmaCompression
+from pof.utils.tokens import untokenize
+
+
+class LzmaObfuscator(LzmaCompression):
+    """LZMA compression obfuscator."""
+
+    @classmethod
+    def obfuscate_tokens(cls, tokens):
+        """Generate payload to execute the lzma encoded code."""
+        code = untokenize(tokens)
+        return [
+            *cls.import_tokens(),
+            (NEWLINE, "\n"),
+            (NAME, "exec"),
+            (LPAR, "("),
+            *cls.decode_tokens(cls.encode_tokens(code.encode())),
+            (RPAR, ")"),
+            (NEWLINE, "\n"),
+        ]

pof/obfuscator/compression/zlib.py

@@ -0,0 +1,22 @@
+from tokenize import LPAR, NAME, NEWLINE, RPAR
+
+from pof.utils.compression import ZlibCompression
+from pof.utils.tokens import untokenize
+
+
+class ZlibObfuscator(ZlibCompression):
+    """ZLIB compression obfuscator."""
+
+    @classmethod
+    def obfuscate_tokens(cls, tokens):
+        """Generate payload to execute the zlib encoded code."""
+        code = untokenize(tokens)
+        return [
+            *cls.import_tokens(),
+            (NEWLINE, "\n"),
+            (NAME, "exec"),
+            (LPAR, "("),
+            *cls.decode_tokens(cls.encode_tokens(code.encode())),
+            (RPAR, ")"),
+            (NEWLINE, "\n"),
+        ]

pof/obfuscator/constants.py

@@ -0,0 +1,294 @@
+"""Extract constants and put them at the top of the script.
+
+Can extract:
+
+- string
+- number (int, float...)
+- builtins (str, exec, hex...)
+"""
+
+#
+# Add variables for certain values
+# ex:
+#   if type(x) is int: ...
+#
+#   u = type
+#   a = int
+#   if u(x) is a: ...
+#
+# TODO (deoktr): add variables under imports as an option
+# TODO (deoktr): add variables inside functions
+# TODO (deoktr): add exclusions for strings and numbers
+#
+
+import random
+from tokenize import DEDENT, ENCODING, INDENT, NAME, NEWLINE, NUMBER, OP, STRING
+
+
+class ConstantsObfuscator:
+    """Extract variables and put them at the top of the file.
+
+    This will thus set strings, numbers etc. has constants.
+    """
+
+    # list(__builtins__.__dict__.keys())
+    BUILTINS = (
+        # look like it works now ?
+        "__name__",  # doesn't work with 'if _name_ == "_main_": ...'
+        "__doc__",
+        "__package__",
+        "__loader__",
+        "__spec__",
+        "__build_class__",
+        "__import__",
+        "abs",
+        "all",
+        "any",
+        "ascii",
+        "bin",
+        "breakpoint",
+        "callable",
+        "chr",
+        "compile",
+        "delattr",
+        "dir",
+        "divmod",
+        "eval",
+        "exec",
+        # used not to work but now it does I guess
+        "format",  # try to change "{}".format('foo')
+        "getattr",
+        "globals",
+        "hasattr",
+        "hash",
+        "hex",
+        "id",
+        "input",
+        "isinstance",
+        "issubclass",
+        "iter",
+        "aiter",
+        "len",
+        "locals",
+        "max",
+        "min",
+        "next",
+        "anext",
+        "oct",
+        "ord",
+        "pow",
+        "print",
+        "repr",
+        "round",
+        "setattr",
+        "sorted",
+        "sum",
+        "vars",
+        "None",
+        "Ellipsis",
+        "NotImplemented",
+        "False",
+        "True",
+        "bool",
+        "memoryview",
+        "bytearray",
+        "bytes",
+        "classmethod",
+        "complex",
+        "dict",
+        "enumerate",
+        "filter",
+        "float",
+        "frozenset",
+        "property",
+        "int",
+        "list",
+        "map",
+        "object",
+        "range",
+        "reversed",
+        "set",
+        "slice",
+        "staticmethod",
+        "str",
+        # "super",  # plain doesn't work
+        "tuple",
+        "type",
+        "zip",
+        "__debug__",
+        "BaseException",
+        "Exception",
+        "TypeError",
+        "StopAsyncIteration",
+        "StopIteration",
+        "GeneratorExit",
+        "SystemExit",
+        "KeyboardInterrupt",
+        "ImportError",
+        "ModuleNotFoundError",
+        "OSError",
+        "EnvironmentError",
+        "IOError",
+        "EOFError",
+        "RuntimeError",
+        "RecursionError",
+        "NotImplementedError",
+        "NameError",
+        "UnboundLocalError",
+        "AttributeError",
+        "SyntaxError",
+        "IndentationError",
+        "TabError",
+        "LookupError",
+        "IndexError",
+        "KeyError",
+        "ValueError",
+        "UnicodeError",
+        "UnicodeEncodeError",
+        "UnicodeDecodeError",
+        "UnicodeTranslateError",
+        "AssertionError",
+        "ArithmeticError",
+        "FloatingPointError",
+        "OverflowError",
+        "ZeroDivisionError",
+        "SystemError",
+        "ReferenceError",
+        "MemoryError",
+        "BufferError",
+        "Warning",
+        "UserWarning",
+        "EncodingWarning",
+        "DeprecationWarning",
+        "PendingDeprecationWarning",
+        "SyntaxWarning",
+        "RuntimeWarning",
+        "FutureWarning",
+        "ImportWarning",
+        "UnicodeWarning",
+        "BytesWarning",
+        "ResourceWarning",
+        "ConnectionError",
+        "BlockingIOError",
+        "BrokenPipeError",
+        "ChildProcessError",
+        "ConnectionAbortedError",
+        "ConnectionRefusedError",
+        "ConnectionResetError",
+        "FileExistsError",
+        "FileNotFoundError",
+        "IsADirectoryError",
+        "NotADirectoryError",
+        "InterruptedError",
+        "PermissionError",
+        "ProcessLookupError",
+        "TimeoutError",
+        "open",
+        "quit",
+        "exit",
+        "copyright",
+        "credits",
+        "license",
+        "help",
+    )
+
+    def __init__(
+        self,
+        generator=None,
+        obf_builtins_rate=1,
+        obf_string_rate=1,
+        obf_number_rate=1,
+    ) -> None:
+        if generator is None:
+            from pof.utils.generator import BasicGenerator
+
+            generator = BasicGenerator.alphabet_generator()
+
+        self.generator = generator
+
+        self.obf_number_rate = obf_number_rate
+        self.obf_builtins_rate = obf_builtins_rate
+        self.obf_string_rate = obf_string_rate
+
+    def obfuscate_variable(self, toknum, tokval, variables):
+        if tokval not in variables:
+            var_name = next(self.generator)
+            variables.update({tokval: [var_name, toknum]})
+        return [(NAME, variables[tokval][0])], variables
+
+    def obfuscate_tokens(self, tokens):
+        variables = {}
+        result = []
+        parenthesis_depth = 0  # parenthesis depth
+        prev_tokval = None
+        prev_toknum = None
+        for index, (toknum, tokval, *_) in enumerate(tokens):
+            new_tokens = [(toknum, tokval)]
+            next_tokval = None
+            next_toknum = None
+            if len(tokens) > index + 1:
+                next_toknum, next_tokval, *__ = tokens[index + 1]
+
+            # context
+            if toknum == OP and tokval == "(":
+                parenthesis_depth += 1
+            elif toknum == OP and tokval == ")":
+                parenthesis_depth -= 1
+
+            # obfuscation
+            if (
+                (
+                    toknum == NAME
+                    and tokval in self.BUILTINS
+                    and prev_tokval != "."  # avoid changing class/imports functions
+                    and (
+                        parenthesis_depth == 0
+                        or (parenthesis_depth > 0 and next_tokval != "=")
+                    )
+                    and (random.randint(0, 100) / 100) <= self.obf_builtins_rate
+                )
+                or (
+                    # don't obfuscate docstrings
+                    toknum == STRING
+                    and prev_toknum
+                    not in [
+                        NEWLINE,
+                        DEDENT,
+                        INDENT,
+                        ENCODING,
+                    ]
+                    and (random.randint(0, 100) / 100) <= self.obf_string_rate
+                )
+                or (
+                    toknum == NUMBER
+                    and (random.randint(0, 100) / 100) <= self.obf_number_rate
+                )
+            ):
+                new_tokens, variables = self.obfuscate_variable(
+                    toknum,
+                    tokval,
+                    variables,
+                )
+
+            if new_tokens:
+                result.extend(new_tokens)
+            prev_tokval = tokval
+            prev_toknum = toknum
+
+        # randomize order
+        variables = list(variables.items())
+        random.shuffle(variables)
+        variables = dict(variables)
+
+        var_tokens = []
+        for tokval, (var_name, toknum) in variables.items():
+            var_tokens.extend(
+                [
+                    (NAME, var_name),
+                    (OP, "="),
+                    (toknum, tokval),
+                    (NEWLINE, "\n"),
+                ],
+            )
+
+        return var_tokens + result