wh1t3-e4gl3 / white-obfuscate Goto Github PK

23.0 2.0 2.0 84 KB

This is a tool to obfuscate / to make your python code unreadable. It obfuscates your code and prevents easy access of others to your code.

Python 100.00%

code-obfuscator crypter encoder encrypt obfuscate obfuscate-code obfuscate-scripts obfuscator python-encryptor python-obfuscate

white-obfuscate's Introduction

"I will not post any high level/complicated and explict programs or content here because all the contents in my account is intended simply for educational purpose only and the aim is every one will understand the scripts i post so i tried to keep it simple as much as i can and provide explanation of each code. each of them will be simple implementations, so that everyone can understand the aspects."

👋 Hi, I’m Sethu Satheesh

👀 I’m interested in ethical hacking

🌱 I’m currently learning a lot of things🥵

💞️ I’m looking to collaborate on google🤭

📫 How to reach me : https://www.instagram.com/whxitte (Instagram me [Not for any hacking services])

white-obfuscate's People

Contributors

Stargazers

Watchers

Forkers

vipbeto aresblackheart

white-obfuscate's Issues

here is the source code lol

import sys
import random
import logging

yellow = '\033[93m'
lgreen = '\033[92m'
clear  = '\033[0m'
bold   = '\033[01m'
cyan   = '\033[96m'
red    = "\033[91m"

logging.basicConfig(level=logging.INFO)

__banner__ = yellow+"""
\t
+-------------------------------------------------------------------+
│                                                                   │ 
│  █ █ █ █▄█ ▀█▀ ▀█▀ █▀▀   █▀█ █▄▄ █▀▀ █ █ █▀▀ █▀▀ ▄▀▄ ▀█▀ █▀▀      │
│  ▀▄▀▄▀ █ █ ▄█▄  █  ██▄   █▄█ █▄█ █▀  █▄█ ▄██ █▄▄ █▀█  █  ██▄      │
│                                                                   │
│ 𝗔𝘂𝘁𝗵𝗼𝗿 : 𝘄𝗵𝗶𝘁𝗲 𝗲𝗮𝗴𝗹𝗲       𝗧𝗲𝗹𝗲𝗴𝗿𝗮𝗺 : 𝗵𝘁𝘁𝗽𝘀://𝘁.𝗺𝗲/𝗞𝗮_𝗞𝘀𝗛𝗶_𝗛𝗮𝗧𝗮𝗞𝗲 
│                                                                   │
+-------------------------------------------------------------------+

\n"""+clear


def main(files, string):
    s = open(files).read()
    z = []
    for i in s:
        z.append(ord(i))
    pea = []
    for i in z:
        pea.append(string.replace("'", "").replace('"', '')*i)
    file = """
# coding=utf-8
# obfuscated with white obfuscate : https://github.com/WH1T3-E4GL3/white-obfuscate



d={};exec("".join([chr(len(i)) for i in d]))
        """.format(pea)
    open(files.replace(".py", "encypt.py"), "w").write(file)
    logging.info(" saved as "+files.replace(".py", "encrypt.py"))


try:
    print(__banner__)
    logging.info(" obfuscating "+sys.argv[1]+"....")
    main(sys.argv[1], sys.argv[2])
except:
    print("""+-------------------------------------------------------------------+
    """)
    print(red+"""[ERROR!]
    """+clear, end=' ')
    print("""
Usage   : python white-obsf.py <filename> 'string'

Example : python white-obfs.py pythoncode.py '#' 


This will modify your full python script with '+' symbol.
""")
    print("""+-------------------------------------------------------------------+""

lol

Update

Make the code be compressed with zlib so that the output file is a bit smaller.
Make it a little bit harder to debofuscate by using confusion techniques or something like that I dont know what it's called because you only need to replace (exec) with (print) to get the source code

Deleted dependency detected

I'm a Cyber Security researcher and developer of PackjGuard [1] to address open-source software supply chain attacks.

Issue

During my research, I found that this repo is vulnerable to attack due to deleted dependency from the public PyPI registry.

Details

Specifically, file https://github.com/WH1T3-E4GL3/white-obfuscate/blob/a850ef93e43bf72267add6576ff7f6aff8ec2b13/requirements.txt lists sinchsms as one of the dependencies. However, it has been deleted from public PyPI. As such, an external bad actor can claim that name and register a malicious package, which will be then installed with pip install command, resulting in arbitrary remote code execution.

Impact

Not only your apps/services using https://github.com/WH1T3-E4GL3/white-obfuscate repo code are vulnerable to this attack, but the users of your open-source Github repo could also fall victim.

You could read more about such attacks here: https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610

Remediation

Please manually register a placeholder sinchsms package on PyPI immediately or remove sinchsms dependency from https://github.com/WH1T3-E4GL3/white-obfuscate/blob/a850ef93e43bf72267add6576ff7f6aff8ec2b13/requirements.txt to fix this vulnerability.

To automatically fix such issues in future, please install PackjGuard Github app [1].

Thanks!

PackjGuard is a Github app that monitors your repos 24x7, detects vulnerable/malicious/risky open-source dependencies, and creates pull requests for auto remediation: https://github.com/marketplace/packjguard

wh1t3-e4gl3 / white-obfuscate Goto Github PK

white-obfuscate's Introduction

white-obfuscate's People

Contributors

Stargazers

Watchers

Forkers

white-obfuscate's Issues

here is the source code lol

Update

Deleted dependency detected

Issue

Details

Impact

Remediation

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent