In this tutorial, we'll explore the process of reverse engineering an executable file (.exe) back to Python source code using a tool called Unpy2exe. This process can be helpful for understanding how a program works, debugging, or making modifications to the code.
Prerequisites
Before we begin, make sure you have the following:
- Python installed on your system
- pip (or install Unpy2exe from source)
- A sample .exe file that was generated with py2exe that you want to reverse engineer
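To confirm the last prerequisite before running the tool, the following added example (not part of the original tutorial or of Unpy2exe's code) walks the PE resource directory using only the standard library and checks for the PYTHONSCRIPT resource type that py2exe embeds and Unpy2exe looks for. The function names and the build_sample test image are constructed for this example.

```python
import struct

def resource_type_names(data):
    """Return the named top-level resource types found in a PE image."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    pe = struct.unpack_from("<I", data, 0x3C)[0]            # e_lfanew
    if data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    nsect, opt_size = struct.unpack_from("<H12xH", data, pe + 6)
    opt = pe + 24                                           # optional header start
    magic = struct.unpack_from("<H", data, opt)[0]
    dirs = opt + (96 if magic == 0x10B else 112)            # PE32 vs PE32+
    rva = struct.unpack_from("<I", data, dirs + 2 * 8)[0]   # resource directory RVA
    if rva == 0:
        return []
    for i in range(nsect):                                  # map the RVA to a file offset
        vsize, va, rawsize, rawptr = struct.unpack_from("<IIII", data, opt + opt_size + 40 * i + 8)
        if va <= rva < va + max(vsize, rawsize):
            base = rawptr + rva - va
            break
    else:
        raise ValueError("resource directory is outside every section")
    named = struct.unpack_from("<H", data, base + 12)[0]
    names = []
    for i in range(named):                                  # named entries come first
        field = struct.unpack_from("<I", data, base + 16 + 8 * i)[0]
        pos = base + (field & 0x7FFFFFFF)                   # length-prefixed UTF-16 name
        length = struct.unpack_from("<H", data, pos)[0]
        names.append(data[pos + 2:pos + 2 + 2 * length].decode("utf-16-le", "replace"))
    return names

def looks_like_py2exe(data):
    """True if the image carries py2exe's PYTHONSCRIPT resource type."""
    try:
        return "PYTHONSCRIPT" in resource_type_names(data)
    except (ValueError, struct.error):
        return False

def build_sample(type_name):
    """Constructed test data: a minimal PE32 image with one named resource type."""
    rsrc = struct.pack("<IIHHHH", 0, 0, 0, 0, 1, 0)         # 1 named entry, 0 id entries
    rsrc += struct.pack("<II", 0x80000000 | 24, 0)          # name string at offset 24
    rsrc += struct.pack("<H", len(type_name)) + type_name.encode("utf-16-le")
    dos = b"MZ" + bytes(58) + struct.pack("<I", 64)         # e_lfanew = 64
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, 224, 0x102)
    opt = struct.pack("<H", 0x10B) + bytes(110) + struct.pack("<II", 0x1000, len(rsrc)) + bytes(104)
    sect = b".rsrc\0\0\0" + struct.pack("<IIII", len(rsrc), 0x1000, len(rsrc), 352) + bytes(16)
    return dos + coff + opt + sect + rsrc
```

For a real file, pass the bytes read from it in binary mode to looks_like_py2exe; a False result means the executable was probably not built with py2exe.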
Step 1: Install Unpy2exe
Unpy2exe is a Python package that can be installed via pip. Open your command prompt and run the following command:
pip install unpy2exe
This will install Unpy2exe along with its dependencies.
If you don't have pip installed, then you will have to install Unpy2exe from source. To do this you will need:
- pefile
- six
- argparse (Python < 2.7)
Then just clone https://github.com/matiasb/unpy2exe and run unpy2exe.py.
Step 2: Reverse Engineer the .exe
- Locate the .exe file: Navigate to the directory containing the .exe file you want to reverse engineer.
- Open Command Prompt: Press Win + R, type cmd, and hit Enter to open the Command Prompt.
- Run Unpy2exe: In the Command Prompt, navigate to the directory where the .exe file is located using the cd command. For example:
  cd C:\path\to\directory
- Once in the directory, run the following command to reverse engineer the .exe file:
  unpy2exe <your_exe_file.exe>
  Replace <your_exe_file.exe> with the name of your .exe file.
- Unpy2exe will start the reverse engineering process. It will extract the Python source code from the .exe file and create a folder containing the extracted code.
- After the process is complete, navigate to the folder created by Unpy2exe to access the extracted Python source code.
Step 3: Explore the Extracted Code
You can now explore and analyze the extracted Python source code using your favorite text editor or integrated development environment (IDE).
- Open the Python files: Navigate to the folder containing the extracted code and open the Python files using a text editor or IDE.
- Review the Code: Take some time to review the code and understand its functionality. You can make modifications if necessary, or use the knowledge gained for debugging purposes.