💊
a commit a day keeps your girlfriend away

虾哥哥 jindaxia

@jindaxia
jindaxia / dump-pyc-with-gdb.md
Created October 10, 2022 14:38 — forked from stecman/dump-pyc-with-gdb.md
Dumping all bytecode from a packaged Python application

This is a technique for extracting all imported modules from a packaged Python application as .pyc files, then decompiling them. The target program needs to be run from scratch, but no debugging symbols are necessary (assuming an unmodified build of Python is being used).

This was originally performed on 64-bit Linux with a Python 3.6 target. The Python scripts have since been updated to handle pyc files for Python 2.7 - 3.9.

Theory

In Python we can leverage the fact that any module import involving a .py* file will eventually arrive as a ready-to-execute Python code object at this function:

PyObject* PyEval_EvalCode(PyObject *co, PyObject *globals, PyObject *locals);
@jindaxia
jindaxia / post-checkout
Last active September 2, 2021 03:30
Used git hooks
#!/bin/sh
#
# An example hook script to update current push setting for code reviewing.
current_branch=$(git name-rev --name-only HEAD)
config_push="HEAD:refs/for/"$current_branch
# Current remote branch
@jindaxia
jindaxia / chrome dll patch.ps1
Created July 24, 2017 06:41
patch chrome dll
<# :
@echo off
copy/b "%~f0" "%temp%\%~n0.ps1" >nul
powershell -v 2 -ep bypass -noprofile "%temp%\%~n0.ps1" "'%cd% '" "'%~1'"
del "%temp%\%~n0.ps1"
echo: & pause
exit /b
#>
param([string]$cwd='.', [string]$dll)