freezedis.py is a tool I put together to parse an ELF binary built with freeze.py and pull the Python code back out, recreating the .pyc file. For now, it does not support stripped binaries.
$ more hello.py
#!/usr/bin/env python
import sys

def main(argc, argv):
    print "hello"

if __name__ == "__main__":
    main(len(sys.argv), sys.argv)
$ /usr/share/doc/python2.5/examples/Tools/freeze/freeze.py hello.py
...
$ make
$ file hello
hello: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), for GNU/Linux 2.6.8,
dynamically linked (uses shared libs), not stripped
$ freezedis.py
Usage: freezedis.py [options] filename
-o filename.pyc (defaults to a.pyc, appends .pyc if not included)
-d dump disassembly of newly created pyc
$ freezedis.py -d hello
  2           0 LOAD_CONST               0 (-1)
              3 LOAD_CONST               1 (None)
              6 IMPORT_NAME              0 (sys)
              9 STORE_NAME               0 (sys)

  4          12 LOAD_CONST               2 ()
             15 MAKE_FUNCTION            0
             18 STORE_NAME               1 (main)

  7          21 LOAD_NAME                2 (__name__)
             24 LOAD_CONST               3 ('__main__')
             27 COMPARE_OP               2 (==)
             30 JUMP_IF_FALSE           29 (to 62)
             33 POP_TOP

  8          34 LOAD_NAME                1 (main)
             37 LOAD_NAME                3 (len)
             40 LOAD_NAME                0 (sys)
             43 LOAD_ATTR                4 (argv)
             46 CALL_FUNCTION            1
             49 LOAD_NAME                0 (sys)
             52 LOAD_ATTR                4 (argv)
             55 CALL_FUNCTION            2
             58 POP_TOP
             59 JUMP_FORWARD             1 (to 63)
        >>   62 POP_TOP
        >>   63 LOAD_CONST               1 (None)
             66 RETURN_VALUE

Disassembly of main:
  5           0 LOAD_CONST               1 ('hello')
              3 PRINT_ITEM
              4 PRINT_NEWLINE
              5 LOAD_CONST               0 (None)
              8 RETURN_VALUE
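
The "recreating the .pyc file" step can be sketched as follows: carve the marshalled code object out of the binary image and put a .pyc header in front of it. This is an added example, not freezedis.py itself; it uses the 16-byte header of the CPython 3.7+ interpreter running it (Python 2.5, as used above, wrote only the magic number and a 4-byte mtime), and `IMAGE`, `OFFSET` and `SIZE` are constructed stand-ins, on the assumption that a real tool takes the location and length of the frozen array from the ELF symbol table.

```python
import importlib.util
import marshal
import struct
import types

MAGIC = importlib.util.MAGIC_NUMBER  # magic of the interpreter running this example
HEADER_LEN = 16                      # CPython 3.7+: magic, flags, mtime, source size

def carve_code(image, offset, size):
    """Slice a marshalled code object out of a binary image and validate it."""
    blob = image[offset:offset + size]
    if offset < 0 or len(blob) != size:
        raise ValueError("frozen module lies outside the image")
    try:
        # marshal.loads only deserialises; the code object is never executed.
        code = marshal.loads(blob)
    except (EOFError, TypeError, ValueError) as exc:
        raise ValueError("not marshal data: %s" % exc)
    if not isinstance(code, types.CodeType):
        raise ValueError("blob does not unmarshal to a code object")
    return blob

def rebuild_pyc(image, offset, size, mtime=0):
    """Prefix the carved blob with a .pyc header so dis/decompilers accept it."""
    header = MAGIC + struct.pack("<III", 0, mtime, 0)  # flags=0: timestamp-based pyc
    return header + carve_code(image, offset, size)

def load_pyc(data):
    """Read a rebuilt .pyc back into a code object."""
    if data[:4] != MAGIC:
        raise ValueError("magic number mismatch")
    return marshal.loads(data[HEADER_LEN:])

# Constructed sample: marshal data padded on both sides to mimic a data section.
SRC = 'import sys\n\ndef main(argc, argv):\n    print("hello")\n'
FROZEN = marshal.dumps(compile(SRC, "hello.py", "exec"))
IMAGE = b"\x7fELF" + b"\x00" * 60 + FROZEN + b"\x00" * 32
OFFSET, SIZE = 64, len(FROZEN)   # hypothetical values; a real tool reads them from the ELF

if __name__ == "__main__":
    import dis
    dis.dis(load_pyc(rebuild_pyc(IMAGE, OFFSET, SIZE)))
```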