一、用Pyinstaller打包python代码 1. 安装Pyinstaller 安装过程非常简单,在命令行中运行: pip install pyinstaller
# main.py#import mylibimport osif __name__ == '__main__': mylib.myfunc() os.system('pause') 这时只需要在命令行中运行:
即可。会看到一下输出: PS D:\文档\tmp\test> pyinstaller.exe -F main.py580 INFO: PyInstaller: 3.6582 INFO: Python: 3.7.3585 INFO: Platform: Windows-10-10.0.18362-SP0592 INFO: wrote D:\文档\tmp\test\main.spec596 INFO: UPX is not available.611 INFO: Extending PYTHONPATH with paths['D:\\文档\\tmp\\test', 'D:\\文档\\tmp\\test']612 INFO: checking Analysis614 INFO: Building Analysis because Analysis-00.toc is non existent614 INFO: Initializing module dependency graph...620 INFO: Caching module graph hooks...657 INFO: Analyzing base_library.zip ...13893 INFO: Caching module dependency graph...14161 INFO: running Analysis Analysis-00.toc14233 INFO: Adding Microsoft.Windows.Common-Controls to dependent assemblies of final executable required by d:\programfiles\python\python.exe15748 INFO: Analyzing D:\文档\tmp\test\main.py15751 INFO: Processing module hooks...15752 INFO: Loading module hook 'hook-encodings.py'...16003 INFO: Loading module hook 'hook-pydoc.py'...16011 INFO: Loading module hook 'hook-xml.py'...16916 INFO: Looking for ctypes DLLs16917 INFO: Analyzing run-time hooks ...16925 INFO: Looking for dynamic libraries17373 INFO: Looking for eggs17374 INFO: Using Python library d:\programfiles\python\python37.dll17374 INFO: Found binding redirects:[]17377 INFO: Warnings written to D:\文档\tmp\test\build\main\warn-main.txt17447 INFO: Graph cross-reference written to D:\文档\tmp\test\build\main\xref-main.html17506 INFO: checking PYZ17507 INFO: Building PYZ because PYZ-00.toc is non existent17508 INFO: Building PYZ (ZlibArchive) D:\文档\tmp\test\build\main\PYZ-00.pyz18600 INFO: Building PYZ (ZlibArchive) D:\文档\tmp\test\build\main\PYZ-00.pyz completed successfully.18637 INFO: checking PKG18639 INFO: Building PKG because PKG-00.toc is non existent18640 INFO: Building PKG (CArchive) PKG-00.pkg22329 INFO: Building PKG (CArchive) PKG-00.pkg completed successfully.22332 INFO: Bootloader d:\programfiles\python\lib\site-packages\PyInstaller\bootloader\Windows-64bit\run.exe22334 INFO: checking EXE22335 INFO: Building EXE because EXE-00.toc is non existent22336 INFO: Building EXE from EXE-00.toc22416 INFO: Appending archive to EXE D:\文档\tmp\test\dist\main.exe22641 INFO: Building EXE from EXE-00.toc completed successfully. 你将在当前文件夹下看到如下文件:
其中dist文件夹中就是生成的exe文件。直接双击exe文件就能正常运行了。 但这篇文章的重点并不是介绍如何使用pyinstaller。此时,我又在思考,如此简单的打包过程究竟安全吗?打包成的exe文件会不会轻而易举地被反编译?查阅了相关资料后发现,确实可能。 二、pyinstaller 的反编译过程 1. 下载并使用pyinstxtractor解包 pyinstxtractor.py ,可以将pyinstaller 生成的exe文件解包成pyc文件。https:///projects/pyinstallerextractor/ python pyinstxtractor.py xx.exe xx.exe_extracted 文件夹 ,里面有一堆dll ,pyd等文件,我们需要注意的是里面有一个xxx.exe.manifest 文件,xxx可能与你的exe文件名不同,但这才是它的真实名字。.py 文件对应的pyc文件。PYZ-00.pyz_extracted 文件夹,里面都是引入的依赖库,当然,我们自己写的mylib.py 也在其中,它也是我们反编译的对象。2. 反编译pyc文件 http://tools./decompyle/ 但直接将我们找到的pyc文件上传会发现无法反编译。main.pyc 的区别,左边是我们解包出来的,右边是运行生成的。xx.exe_extracted 文件夹里找一找。会发现有一个叫struct的文件,我们给他加上后缀.pyc 反编译试试。发现成功反编译出如下内容:main.py 中的内容被成功反编译出来了。mylib.py 等依赖库中的内容,不过值得注意的是,网上很多教程都没有提到依赖库的pyc文件缺少的字节数与主程序的不同!mylib.pyc 反编译内容反编译成功!三、使用pyinstaller加密打包exe 其实只要在打包时加个key参数就能加密
1. 安装pycrypto包 原本安装过程应该很简单,通过pip就能安装。 pip install pycrypto 不过安装过程好像要调用VS编译器编译,这就造成了莫名其妙的问题,如果你在安装过程中没有报错,那么恭喜你,你可以跳过这部分了。我在网上找了很多解决方法都没效,最后终于在StackOverflow上找到了一篇回答,完美解决了这个问题。 原答案地址: 以我的vs2015为例 1、在开始菜单中找到VS文件夹,用管理员身份运行这个”兼容工具命令提示符“ 2、在你的VS安装目录下找到 3、输入 4、然后再执行 2. 使用pyinstaller加密打包 现在执行如下命令就能加密打包了。key后面为密钥可以随便输。
3. 反编译测试 那么我们再来测试一下加密打包的exe还能不能被反编译。再次执行 PS > python pyinstxtractor.py .\main-encrypt.exe import imp[*] Processing .\main-encrypt.exe[*] Pyinstaller version: 2.1+[*] Python version: 37[*] Length of package: 5787283 bytes[*] Found 63 files in CArchive[*] Beginning extraction...please standby[+] Possible entry point: pyiboot01_bootstrap[+] Possible entry point: main[*] Found 136 files in PYZ archive[!] Error: Failed to decompress Crypto, probably encrypted. Extracting as is.[!] Error: Failed to decompress Crypto.Cipher, probably encrypted. Extracting as is.[!] Error: Failed to decompress __future__, probably encrypted. Extracting as is.[!] Error: Failed to decompress _compat_pickle, probably encrypted. Extracting as is.[!] Error: Failed to decompress argparse, probably encrypted. Extracting as is.[!] Error: Failed to decompress ast, probably encrypted. Extracting as is.[!] Error: Failed to decompress base64, probably encrypted. Extracting as is.[!] Error: Failed to decompress bdb, probably encrypted. Extracting as is.[!] Error: Failed to decompress bisect, probably encrypted. Extracting as is.[!] Error: Failed to decompress bz2, probably encrypted. Extracting as is.[!] Error: Failed to decompress calendar, probably encrypted. Extracting as is.[!] Error: Failed to decompress cmd, probably encrypted. Extracting as is.[!] Error: Failed to decompress code, probably encrypted. Extracting as is.[!] Error: Failed to decompress codeop, probably encrypted. Extracting as is. 这次下面输出了一长串Error,看来确实是被加密了。我们再来看一看文件夹。
看来这个加密只针对依赖库。 四、总结 如果你不希望别人得到你的源码,建议将你程序的入口函数写在一个单独的文件里,并采用加密方式打包exe。这样的话,就算别人尝试反编译也只能得到你的入口函数。 原文地址:https://blog./archives/155 作者:江风引雨 |
|
来自: 我本无我O > 《Python 知识》