Breaking Code

July 23, 2010

Quickpost: “Hiding” your Python source with ROT13

Filed under: Just for fun — Tags: , , , , , — Mario Vilas @ 5:50 pm

First of all I want to make something clear: this is an absolutely lame way to obfuscate your code. I guess some antivirus, IDS or other kind of security scanner may fail to properly analyze the code if it’s encoded like this, but you can’t really fool a human.

Anyway, it was fun :) and that’s my main motivation to write this blog in the first place, soooo… here it is! A Python source code obfuscator that uses ROT13.

How does it work? Simply put, by misusing the Python source encodings feature. I stumbled upon this idea while reading a thread in Stack Overflow. Python allows us to use any supported form of text encoding for our source code, by placing a magic comment in either the first or second line of the script:

    #!/usr/bin/env python
    # -*- coding: <codec-name-goes-here> -*-

This is useful for example to use UTF-8 and other encodings that allow non-english characters. But Python also has some other fun encodings, like ROT13 (the ancient Roman empire encryption system). The following snippet from Stack Overflow shows how to do it:

    #!/usr/bin/env python
    # -*- coding: rot13 -*-

    cevag "Uryyb fgnpxbiresybj!".rapbqr("rot13")

The only caveat is, ASCII strings are not decoded when you run the script, so you have to do it yourself. Unicode strings on the other hand are decoded automatically.

    #!/usr/bin/env python
    # -*- coding: rot13 -*-

    cevag h"Uryyb fgnpxbiresybj!"

There are some other fun encodings like “base64″, “uuencode”, “zlib” or “bz2″ that you can experiment with too. If you try them let me know how it went. :)

I wrote a quick script to use the ROT13 trick. Naturally the source code itself is also encoded in ROT13, decoding it is left as an exercise for the reader. Enjoy!

Download

Source code: rot13src.py

About these ads

4 Comments »

  1. hey!, funny post!

    Comment by NCR — July 24, 2010 @ 5:40 pm

  2. Failed with UU or base64, but this works:

    #!/usr/bin/env python
    #coding: unicode_escape

    \u0070rint 1

    Comment by est — August 27, 2010 @ 4:30 am

  3. @est: Nice!

    Comment by Mario Vilas — August 27, 2010 @ 12:12 pm

  4. [...] Just for fun Tagged: antivirus, LinkedIn, obfuscate, python, reverse engineering, tool Breaking Code This entry was posted in Breaking Code and tagged Python, Quickpost, ROT13, source, [...]

    Pingback by Quickpost: “Hiding” your Python source with ROT13 | Linux-backtrack.com — January 24, 2011 @ 3:55 am


RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

The Silver is the New Black Theme. Blog at WordPress.com.

Follow

Get every new post delivered to your Inbox.

Join 2,480 other followers

%d bloggers like this: