为了修改上一篇文章《Wing IDE 4.1 Windows Crack 【续】》中的提到的二进制代码,在网上到处搜索。但是虾米东西都没找到,俺的Google用的太烂了。 😀 不过后来忽然想到那个unpyc既然能解码二进制文件,那么其中肯定有相关的代码引擎进行转换了?直接去那里面找不就得了。事实是,果然让我猜对了。嘎嘎。在opcodes.py文件中找到了相关的代码和对应的十六进制数值。我实在太聪明啦。哈哈 🙂
相关代码对应如下(这里只是备份便于查找,版权归原作者所有,猛击此处下载该文件):
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 | #!/usr/bin/python # [The "BSD licence"] # Copyright (c) 2008-2009 Dmitri Kornev # All rights reserved. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions are met: # * Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # * Redistributions in binary form must reproduce the above copyright # notice, this list of conditions and the following disclaimer in the # documentation and/or other materials provided with the distribution. # * The name of the author may not be used to endorse or promote products # derived from this software without specific prior written permission. # # THIS SOFTWARE IS PROVIDED BY THE AUTHOR ''AS IS'' AND ANY # EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED # WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE # DISCLAIMED. IN NO EVENT SHALL Dmitri Kornev BE LIABLE FOR ANY # DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES # (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; # LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND # ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS # SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. ''' Provides constants necessary for disassembly. Constants are the following: - opcodes - maps opcode with mnemonics, attribute length and doc-string. - cmp_op - maps byte representation of comparison operations with their string representation. - marshal_types - maps byte representation of data types with their string representation. - flags - maps byte representation of flags with their string representation. - rflags - reverse of flags mapping. - ropcodes - reverse of opcodes mapping. ''' opcodes = { ############# from opcodes.h ############# # with no arguments 0x00 : ['STOP_CODE', 0, 'Indicates end-of-code to the compiler, not used by the ' \ 'interpreter. '], 0x01 : ['POP_TOP', 0, 'Removes the top-of-stack (TOS) item.'], 0x02 : ['ROT_TWO', 0, 'Swaps the two top-most stack items.'], 0x03 : ['ROT_THREE', 0, 'Lifts second and third stack item one position up, moves top ' \ 'down to position three.'], 0x04 : ['DUP_TOP', 0, 'Duplicates the reference on top of the stack.'], 0x05 : ['ROT_FOUR', 0, 'Lifts second, third and forth stack item one ' \ 'position up, moves top down to position four.'], 0x09 : ['NOP', 0, 'Do nothing code. Used as a placeholder by the ' \ 'bytecode optimizer.'], 0x0A : ['UNARY_POSITIVE', 0, 'Implements TOS = +TOS.'], 0x0B : ['UNARY_NEGATIVE', 0, 'Implements TOS = -TOS.'], 0x0C : ['UNARY_NOT', 0, 'Implements TOS = not TOS.'], 0x0D : ['UNARY_CONVERT', 0, 'Implements TOS = `TOS`.'], 0x0F : ['UNARY_INVERT', 0, 'Implements TOS = ~TOS.'], 0x12 : ['LIST_APPEND', 0, 'Calls list.append(TOS1, TOS). Used to implement list ' \ 'comprehensions.'], 0x13 : ['BINARY_POWER', 0, 'Implements TOS = TOS1 ** TOS. '], 0x14 : ['BINARY_MULTIPLY', 0, 'Implements TOS = TOS1 * TOS.'], 0x15 : ['BINARY_DIVIDE', 0, 'Implements TOS = TOS1 / TOS when ' \ 'from __future__ import division is not in effect.'], 0x16 : ['BINARY_MODULO', 0, 'Implements TOS = TOS1 % TOS.'], 0x17 : ['BINARY_ADD', 0, 'Implements TOS = TOS1 + TOS.'], 0x18 : ['BINARY_SUBTRACT', 0, 'Implements TOS = TOS1 - TOS.'], 0x19 : ['BINARY_SUBSCR', 0, 'Implements TOS = TOS1[TOS].'], 0x1A : ['BINARY_FLOOR_DIVIDE', 0, 'Implements TOS = TOS1 // TOS.'], 0x1B : ['BINARY_TRUE_DIVIDE', 0,'Implements TOS = TOS1 / TOS when ' \ 'from __future__ import division is in effect.'], 0x1C : ['INPLACE_FLOOR_DIVIDE', 0, 'Implements in-place TOS = TOS1 // TOS.'], 0x1D : ['INPLACE_TRUE_DIVIDE', 0, 'Implements in-place TOS = TOS1 / TOS when ' \ 'from __future__ import division is in effect.'], 0x1E : ['SLICE', 0, 'Implements TOS = TOS[:].'], 0x1F : ['SLICE+1', 0, 'Implements TOS = TOS1[TOS:].'], 0x20 : ['SLICE+2', 0, 'Implements TOS = TOS1[:TOS].'], 0x21 : ['SLICE+3', 0, 'Implements TOS = TOS2[TOS1:TOS].'], 0x28 : ['STORE_SLICE', 0, 'Implements TOS[:] = TOS1.'], 0x29 : ['STORE_SLICE+1', 0, 'Implements TOS1[TOS:] = TOS2.'], 0x2A : ['STORE_SLICE+2', 0, 'Implements TOS1[:TOS] = TOS2.'], 0x2B : ['STORE_SLICE+3', 0, 'Implements TOS2[TOS1:TOS] = TOS3.'], 0x32 : ['DELETE_SLICE', 0, 'Implements del TOS[:].'], 0x33 : ['DELETE_SLICE+1', 0, 'Implements del TOS1[TOS:].'], 0x34 : ['DELETE_SLICE+2', 0, 'Implements del TOS1[:TOS].'], 0x35 : ['DELETE_SLICE+3', 0, 'Implements del TOS2[TOS1:TOS].'], 0x36 : ['STORE_MAP', 0, 'Store a key and value pair in a dictionary. Pops the key and ' \ 'value while leaving the dictionary on the stack.', '2.6.2'], 0x37 : ['INPLACE_ADD', 0, 'Implements in-place TOS = TOS1 + TOS.'], 0x38 : ['INPLACE_SUBTRACT', 0, 'Implements in-place TOS = TOS1 - TOS.'], 0x39 : ['INPLACE_MULTIPLY', 0, 'Implements in-place TOS = TOS1 * TOS.'], 0x3A : ['INPLACE_DIVIDE', 0, 'Implements in-place TOS = TOS1 / TOS when ' \ 'from __future__ import division is not in effect.'], 0x3B : ['INPLACE_MODULO', 0, 'Implements in-place TOS = TOS1 % TOS.'], 0x3C : ['STORE_SUBSCR', 0, 'Implements TOS1[TOS] = TOS2.'], 0x3D : ['DELETE_SUBSCR', 0, 'Implements del TOS1[TOS]. '], 0x3E : ['BINARY_LSHIFT', 0, 'Implements TOS = TOS1 < < TOS. '], 0x3F : ['BINARY_RSHIFT', 0, 'Implements TOS = TOS1 >> TOS.'], 0x40 : ['BINARY_AND', 0, 'Implements TOS = TOS1 & TOS.'], 0x41 : ['BINARY_XOR', 0, 'Implements TOS = TOS1 ^ TOS. '], 0x42 : ['BINARY_OR', 0, 'Implements TOS = TOS1 | TOS.'], 0x43 : ['INPLACE_POWER', 0, 'Implements in-place TOS = TOS1 ** TOS.'], 0x44 : ['GET_ITER', 0, 'Implements TOS = iter(TOS).'], 0x46 : ['PRINT_EXPR', 0, 'Implements the expression statement for the interactive mode. ' \ 'TOS is removed from the stack and printed. In non-interactive ' \ 'mode, an expression statement is terminated with POP_STACK.'], 0x47 : ['PRINT_ITEM', 0, 'Prints TOS to the file-like object bound to sys.stdout. There ' \ 'is one such instruction for each item in the print statement.'], 0x48 : ['PRINT_NEWLINE', 0, 'Prints a new line on sys.stdout. This is generated as the ' \ 'last operation of a print statement, unless the statement ' \ 'ends with a comma.'], 0x49 : ['PRINT_ITEM_TO', 0, 'Like PRINT_ITEM, but prints the item second from TOS to the ' \ 'file-like object at TOS. This is used by the extended print ' \ 'statement.'], 0x4A : ['PRINT_NEWLINE_TO', 0, 'Like PRINT_NEWLINE, but prints the new line on the file-like ' \ 'object on the TOS. This is used by the extended print ' \ 'statement.'], 0x4B : ['INPLACE_LSHIFT', 0, 'Implements in-place TOS = TOS1 < < TOS.'], 0x4C : ['INPLACE_RSHIFT', 0, 'Implements in-place TOS = TOS1 >> TOS.'], 0x4D : ['INPLACE_AND', 0, 'Implements in-place TOS = TOS1 & TOS.'], 0x4E : ['INPLACE_XOR', 0, 'Implements in-place TOS = TOS1 ^ TOS.'], 0x4F : ['INPLACE_OR', 0, 'Implements in-place TOS = TOS1 | TOS. '], 0x50 : ['BREAK_LOOP', 0, 'Terminates a loop due to a break statement.'], 0x51 : ['WITH_CLEANUP', 0, 'Cleans up the stack when a with statement block exits. On top ' \ 'of the stack are 1-3 values indicating how/why the finally ' \ 'clause was entered: ' \ '1) TOP = None ' \ '2) (TOP, SECOND) = (WHY_{RETURN,CONTINUE}), retval ' \ '3) TOP = WHY_*; no retval below it '\ '4) (TOP, SECOND, THIRD) = exc_info(). '\ 'Under them is EXIT, the context manager\'s __exit__() bound ' \ 'method. In the last case, EXIT(TOP, SECOND, THIRD) is called, ' \ 'otherwise EXIT(None, None, None). EXIT is removed from the ' \ 'stack, leaving the values above it in the same order. In ' \ 'addition, if the stack represents an exception, and the ' \ 'function call returns a "true" value, this information is ' \ '"zapped", to prevent END_FINALLY from re-raising the ' \ 'exception. (But non-local gotos should still be resumed.) ' \ 'All of the following opcodes expect arguments. An argument is ' \ 'two bytes, with the more significant byte last.'], 0x52 : ['LOAD_LOCALS', 0, 'Pushes a reference to the locals of the current scope on the ' \ 'stack. This is used in the code for a class definition: After ' \ 'the class body is evaluated, the locals are passed to the ' \ 'class definition.'], 0x53 : ['RETURN_VALUE', 0, 'Returns with TOS to the caller of the function.'], 0x54 : ['IMPORT_STAR', 0, 'Loads all symbols not starting with "_" directly from the ' \ 'module TOS to the local namespace. The module is popped after ' \ 'loading all names. This opcode implements ' \ 'from module import *.'], 0x55 : ['EXEC_STMT', 0, 'Implements exec TOS2,TOS1,TOS. The compiler fills missing ' \ 'optional parameters with None.'], 0x56 : ['YIELD_VALUE', 0, 'Pops TOS and yields it from a generator.'], 0x57 : ['POP_BLOCK', 0, 'Removes one block from the block stack. Per frame, there is a ' \ 'stack of blocks, denoting nested loops, try statements, and ' \ 'such.'], 0x58 : ['END_FINALLY', 0, 'Terminates a finally clause. The interpreter ' \ 'recalls whether the exception has to be re-raised, or whether ' \ 'the function returns, and continues with the outer-next block.'], 0x59 : ['BUILD_CLASS', 0, 'Creates a new class object. TOS is the methods dictionary, ' \ 'TOS1 the tuple of the names of the base classes, and TOS2 the ' \ 'class name.'], # with argument 0x5A : ['STORE_NAME', 2, 'Implements name = TOS. /namei/ is the index of name in the ' \ 'attribute co_names of the code object. The compiler tries to ' \ 'use STORE_LOCAL or STORE_GLOBAL if possible.'], 0x5B : ['DELETE_NAME', 2, 'Implements del name, where /namei/ is the index into co_names ' \ 'attribute of the code object.'], 0x5C : ['UNPACK_SEQUENCE', 2, 'Unpacks TOS into /count/ individual values, which are put ' \ 'onto the stack right-to-left.'], 0x5D : ['FOR_ITER', 2, 'TOS is an iterator. Call its next() method. If this yields a ' \ 'new value, push it on the stack (leaving the iterator below ' \ 'it). If the iterator indicates it is exhausted TOS is popped, ' \ 'and the byte code counter is incremented by /delta/.'], 0x5F : ['STORE_ATTR', 2, 'Implements TOS.name = TOS1, where /namei/ is the index of ' \ 'name in co_names.'], 0x60 : ['DELETE_ATTR', 2, 'Implements del TOS.name, using /namei/ as index into co_names.'], 0x61 : ['STORE_GLOBAL', 2, 'Works as STORE_NAME(/namei/), but stores the name as a global.'], 0x62 : ['DELETE_GLOBAL', 2, 'Works as DELETE_NAME(/namei/), but deletes a global name.'], 0x63 : ['DUP_TOPX', 2, 'Duplicate /count/ items, keeping them in the same order. Due ' \ 'to implementation limits, count should be between 1 and 5 ' \ 'inclusive.'], 0x64 : ['LOAD_CONST', 2, 'Pushes "co_consts[/consti/]" onto the stack.'], 0x65 : ['LOAD_NAME', 2, 'Pushes the value associated with "co_names[/namei/]" onto ' \ 'the stack.'], 0x66 : ['BUILD_TUPLE', 2, 'Creates a tuple consuming /count/ items from the stack, and ' \ 'pushes the resulting tuple onto the stack.'], 0x67 : ['BUILD_LIST', 2, 'Works as BUILD_TUPLE(/count/), but creates a list.'], 0x68 : ['BUILD_MAP', 2, 'Pushes a new empty dictionary object onto the stack. The ' \ 'argument is ignored and set to /zero/ by the compiler.'], 0x69 : ['LOAD_ATTR', 2, 'Replaces TOS with getattr(TOS, co_names[/namei/]).'], 0x6A : ['COMPARE_OP', 2, 'Performs a Boolean operation. The operation name can be found ' \ 'in cmp_op[/opname/].'], 0x6B : ['IMPORT_NAME', 2, 'Imports the module co_names[/namei/]. The module object is ' \ 'pushed onto the stack. The current namespace is not ' \ 'affected: for a proper import statement, a subsequent ' \ 'STORE_FAST instruction modifies the namespace.'], 0x6C : ['IMPORT_FROM', 2, 'Loads the attribute co_names[/namei/] from the module found ' \ 'in TOS. The resulting object is pushed onto the stack, to ' \ 'be subsequently stored by a STORE_FAST instruction. '], 0x6E : ['JUMP_FORWARD', 2, 'Increments byte code counter by /delta/.'], 0x6F : ['JUMP_IF_FALSE', 2, 'If TOS is false, increment the byte code counter by /delta/. ' \ 'TOS is not changed.'], 0x70 : ['JUMP_IF_TRUE', 2, 'If TOS is true, increment the byte code counter by /delta/. ' \ 'TOS is left on the stack.'], 0x71 : ['JUMP_ABSOLUTE', 2, 'Set byte code counter to /target/.'], 0x74 : ['LOAD_GLOBAL', 2, 'Loads the global named co_names[/namei/] onto the stack.'], 0x77 : ['CONTINUE_LOOP', 2, 'Continues a loop due to a continue statement. /target/ is the ' \ 'address to jump to (which should be a FOR_ITER instruction).'], 0x78 : ['SETUP_LOOP', 2, 'Pushes a block for a loop onto the block stack. The block ' \ 'spans from the current instruction with a size of /delta/ ' \ 'bytes.'], 0x79 : ['SETUP_EXCEPT', 2, 'Pushes a try block from a try-except clause onto the block ' \ 'stack. /delta/ points to the first except block.'], 0x7A : ['SETUP_FINALLY', 2, 'Pushes a try block from a try-except clause onto the block ' \ 'stack. /delta/ points to the finally block.'], 0x7C : ['LOAD_FAST', 2, 'Pushes a reference to the local co_varnames[/var_num/] onto ' \ 'the stack.'], 0x7D : ['STORE_FAST', 2, 'Stores TOS into the local co_varnames[/var_num/].'], 0x7E : ['DELETE_FAST', 2, 'Deletes local co_varnames[/var_num/].'], 0x82 : ['RAISE_VARARGS', 2, 'Raises an exception. /argc/ indicates the number of ' \ 'parameters to the raise statement, ranging from 0 to 3. ' \ 'The handler will find the traceback as TOS2, the parameter as ' \ 'TOS1, and the exception as TOS.'], 0x83 : ['CALL_FUNCTION', 2, 'Calls a function. The low byte of /argc/ indicates the number ' \ 'of positional parameters, the high byte the number of keyword ' \ 'parameters. On the stack, the opcode finds the keyword ' \ 'parameters first. For each keyword argument, the value is on ' \ 'top of the key. Below the keyword parameters, the positional ' \ 'parameters are on the stack, with the right-most parameter on ' \ 'top. Below the parameters, the function object to call is on ' \ 'the stack.'], 0x84 : ['MAKE_FUNCTION', 2, 'Pushes a new function object on the stack. TOS is the code ' \ 'associated with the function. The function object is defined ' \ 'to have /argc/ default parameters, which are found below TOS.'], 0x85 : ['BUILD_SLICE', 2, 'Pushes a slice object on the stack. /argc/ must be 2 or 3. If ' \ 'it is 2, slice(TOS1, TOS) is pushed; if it is 3, ' \ 'slice(TOS2, TOS1, TOS) is pushed. See the slice() built-in ' \ 'function for more information.'], 0x86 : ['MAKE_CLOSURE', 2, 'Creates a new function object, sets its func_closure slot, ' \ 'and pushes it on the stack. TOS is the code associated with ' \ 'the function. If the code object has N free variables, the ' \ 'next N items on the stack are the cells for these variables. ' \ 'The function also has /argc/ default parameters, where are ' \ 'found before the cells.'], 0x87 : ['LOAD_CLOSURE', 2, 'Pushes a reference to the cell contained in slot /i/ of the ' \ 'cell and free variable storage. The name of the variable is ' \ 'co_cellvars[i] if i is less than the length of co_cellvars. ' \ 'Otherwise it is co_freevars[i - len(co_cellvars)].'], 0x88 : ['LOAD_DEREF', 2, 'Loads the cell contained in slot /i/ of the cell and free ' \ 'variable storage. Pushes a reference to the object the cell ' \ 'contains on the stack.'], 0x89 : ['STORE_DEREF', 2, 'Stores TOS into the cell contained in slot /i/ of the cell ' \ 'and free variable storage.'], 0x8C : ['CALL_FUNCTION_VAR', 2, 'Calls a function. /argc/ is interpreted as in CALL_FUNCTION. ' \ 'The top element on the stack contains the variable argument ' \ 'list, followed by keyword and positional arguments.'], 0x8D : ['CALL_FUNCTION_KW', 2, 'Calls a function. /argc/ is interpreted as in CALL_FUNCTION. ' \ 'The top element on the stack contains the keyword arguments ' \ 'dictionary, followed by explicit keyword and positional ' \ 'arguments.'], 0x8E : ['CALL_FUNCTION_VAR_KW', 2, 'Calls a function. /argc/ is interpreted as in CALL_FUNCTION. ' \ 'The top element on the stack contains the keyword arguments ' \ 'dictionary, followed by the variable-arguments tuple, ' \ 'followed by explicit keyword and positional arguments.'], 0x8F : ['EXTENDED_ARG', 2, 'Support for opargs more than 16 bits long.'] } cmp_op = { 0x00 : '< ', 0x01 : '<=', 0x02 : '==', 0x03 : '!=', 0x04 : '>', 0x05 : '>=', 0x06 : 'in', 0x07 : 'not in', 0x08 : 'is', 0x09 : 'is not', 0x0a : 'EXC_MATCH', 0x0b : 'BAD' } marshal_types = { 0x28 : ['TUPLE'], # ( 0x2E : ['ELLIPSIS'], # . 0x30 : ['NULL'], # 0 0x3C : ['SET'], # < 0x3E : ['FROZENSET'], # > 0x3F : ['UNKNOWN'], # ? 0x46 : ['FALSE'], # F 0x49 : ['INT64'], # I 0x4E : ['NONE'], # N 0x52 : ['STRINGREF'], # R 0x53 : ['STOPITER'], # S 0x54 : ['TRUE'], # T 0x5B : ['LIST'], # [ 0x63 : ['CODE'], # c 0x66 : ['FLOAT'], # f 0x67 : ['BINARY_FLOAT'], # g 0x69 : ['INT'], # i 0x6C : ['LONG'], # l 0x73 : ['STRING'], # s 0x74 : ['INTERNED'], # t 0x78 : ['COMPLEX'], # x 0x79 : ['BINARY_COMPLEX'], # y 0x7B : ['DICT'], # { 0x75 : ['UNICODE'] # u } flags = { 0x0001 : 'OPTIMIZED', 0x0002 : 'NEWLOCALS', 0x0004 : 'VARARGS', 0x0008 : 'VARKEYWORDS', 0x0010 : 'NESTED', 0x0020 : 'GENERATOR', 0x0040 : 'NOFREE', 0x1000 : 'GENERATOR_ALLOWED', 0x2000 : 'FUTURE_DIVISION', 0x4000 : 'FUTURE_ABSOLUTE_IMPORT', 0x8000 : 'FUTURE_WITH_STATEMENT' } |
原创文章,转载请注明: 转载自 obaby@mars
本文标题: 《Python ByteCode(opcode) & HexCode》
本文链接地址: http://h4ck.org.cn/2012/03/python-bytecodeopcode-hexcode/