其他错误,如:class 'AssertionError'>; co_code should be one of the types (<class 'str'>, <class 'bytes'>, <class 'list'>, <class 'tuple'>); is type <class 'NoneType'> 可能会出现。
# Error when attempting to decompile without the prepend optiontest@test: uncompyle6 unpacked/malware_3.exe/archive.pyTraceback (most recent call last):...ImportError: File name:'unpacked/malware_3.exe/__pycache__/archive.cpython-35.pyc' doesn't exist
# Successful decompilation after using the prepend optiontest@test:python python_exe_unpack.py -p unpacked/malware_3.exe/archive[*] On Python 2.7[+] Magic bytes are already appended.# Successfully decompiled file[+] Successfully decompiled.
>>> importdis>>> importmarshal>>> importstruct>>> importimp>>>>>> withopen('hello.pyc','r') asf:# Read the binary file...magic=f.read(4)...timestamp=f.read(4)...code=f.read()...>>>>>> # Unpack the structured content and un-marshal the code>>> magic=struct.unpack('<H',magic[:2])>>> timestamp=struct.unpack('<I',timestamp)>>> code=marshal.loads(code)>>> magic,timestamp,code((62211,), (1425911959,),<code object <module> at 0x7fd54f90d5b0, file "hello.py", line 1>)>>>>>> # Verify if the magic number corresponds with the current python version>>> struct.unpack('<H', imp.get_magic()[:2]) == magicTrue>>>>>> # Disassemble the code object>>> dis.disassemble(code)10LOAD_CONST0 (<code objecthello_worldat0x7f31b7240eb0,file"hello.py",line1>)3MAKE_FUNCTION06STORE_NAME0 (hello_world)9LOAD_CONST1 (None)12RETURN_VALUE>>>>>> # Also disassemble that const being loaded (our function)>>> dis.disassemble(code.co_consts[0])20LOAD_CONST1 ('Hello {0}')3LOAD_ATTR0 (format)6LOAD_FAST0 (name)9CALL_FUNCTION112PRINT_ITEM13PRINT_NEWLINE14LOAD_CONST0 (None)17RETURN_VALUE