Welcome to the new Woodmann RCE Messageboards Regroupment
Please be patient while the rest of the site is restored.

To all Members of the old RCE Forums:
In order to log in, it will be necessary to reset your forum login password ("I forgot my password") using the original email address you registered with. You will be sent an email with a link to reset your password for that member account.

The old vBulletin forum was converted to phpBB format, requiring the passwords to be reset. If this is a problem for some because of a forgotten email address, please feel free to re-register with a new username. We are happy to welcome old and new members back to the forums! Thanks.

All new accounts are manually activated before you can post. Any questions can be PM'ed to Kayaker.

DRG 10/2013 Challenge: reconstruct original .py from .pyc

All the collected blog posts from the members of our community, and some others
(i.e. both from <a href="http://www.woodmann.com/forum/blog.php">local</a> and external blogs, please let us know about any good external ones to import!). Feel free to discuss/comment any blog post in here.
Locked
My Infected Computer
Posts: 25
Joined: Sun Jun 16, 2013 5:42 pm
Contact:

DRG 10/2013 Challenge: reconstruct original .py from .pyc

Post by My Infected Computer »

Here is my solution for the Dragon Research Group monthly challenge. I like this kind of challenges, especially because there’s a long deadline that gives you the possibility to work on it with no hurry in your spare time. Everything starts from two files: a memory dump and a file taken from the disk. The […]Image

http://zairon.wordpress.com/2013/11/01/ ... -from-pyc/
owl
Senior Member
Posts: 135
Joined: Tue Nov 14, 2006 12:01 pm

Post by owl »

Nice!. I heard that there are some malwares written in py and converted to exe by using py2exe. I wander if I could work them similar to this.
User avatar
ZaiRoN
Posts: 922
Joined: Fri Oct 12, 2001 7:00 am
Location: Italy
Contact:

Post by ZaiRoN »

There are few extracting tools avalaible out there but I haven't tried any of them. If you are able to get a sample I would be interested in it :)
A mind is like a parachute. It doesnt work if it's not open.
dion
Member
Posts: 61
Joined: Tue Jul 31, 2007 8:38 am

Post by dion »

reading this make me remember my old project on dropbox, being stucked at a point decompiling some pyc file... just to see some decrypted session log :D
Locked