How to obfuscate Python source code

A lot of the Python code you will come across is open source. The whole point is to distribute it freely, share knowledge and let people play around with it and learn from it.

Sometimes, though, you might want to prevent the end-user from reading the code. Maybe you are selling commercial software or maybe you just want to share the solution to a tricky coding challenge with your friends without giving the game away.

Whatever your reasons, there are a few approaches you can take:

Using pyobfuscate

One is obfuscation. I like a package called pyobfuscate. It transforms your normal and clearly written (right?) Python source code into new source code that is hard to read, by making changes to whitespace and names, stripping comments, removing functions, etc.

The package doesn’t seem to be on PyPI, but you can install it from the Github repo:

git clone https://github.com/astrand/pyobfuscate.git
cd pyobfuscate/
python setup.py install

git clone https://github.com/astrand/pyobfuscate.git

cd pyobfuscate/

python setup.py install

Let’s try it out. Save the following code in example.py :

def fibonacci(n):
    if n == 0: return 0
    if n == 1: return 1
    return fibonacci(n-1) + fibonacci(n-2)


def main():
    for i in range(10):
        result = fibonacci(1)

if __name__ == "__main__":
    main()

def fibonacci(n):

if n == 0: return 0

if n == 1: return 1

return fibonacci(n-1) + fibonacci(n-2)

def main():

for i in range(10):

result = fibonacci(1)

if __name__ == "__main__":

main()

Obfuscate it using the pyobfuscate command, which should be on your path now that you have installed the package:

pyobfuscate example.py

1	pyobfuscate example.py

Thee obfuscated code will be printed to the console:

def oo000 ( n ) :
 if n == 0 : return 0
 if n == 1 : return 1
 return oo000 ( n - 1 ) + oo000 ( n - 2 )
 if 9 - 9: Ii . o0o00Oo0O - iI11I1II1I1I
 if 71 - 71: ii
def iIIii1IIi ( ) :
 for o0OO00 in range ( 10 ) :
  oo = oo000 ( 1 )
  if 27 - 27: oO0OooOoO * o0Oo
if __name__ == "__main__" :
 iIIii1IIi ( )

def oo000 ( n ) :

if n == 0 : return 0

if n == 1 : return 1

return oo000 ( n - 1 ) + oo000 ( n - 2 )

if 9 - 9: Ii . o0o00Oo0O - iI11I1II1I1I

if 71 - 71: ii

def iIIii1IIi ( ) :

for o0OO00 in range ( 10 ) :

oo = oo000 ( 1 )

if 27 - 27: oO0OooOoO * o0Oo

if __name__ == "__main__" :

iIIii1IIi ( )

That’s pretty illegible!

Unfortunately pyobfuscate only works on one source file at a time, so it’s not really suitable for large projects. It also appears to only work with Python 2 at the moment.

Distributing bytecode

Another, arguably easier, method is to just distribute the .pyc files. The Python standard library includes a compileall module that can scan your source directory and compile all of your files into Python bytecode. Then you can distribute them without the source files. The .pyc files can still be decompiled into source code, but the code will not be as readable as it was before.

One problem with this method is that the initial .py script that you run cannot be compiled in this way. You can solve this problem by making a simple wrapper script that gives away no information about your program.

from mymodule import main

if __name__ == "__main__":
    main()

from mymodule import main

if __name__ == "__main__":

main()

These two methods are really just a deterrent, not a secure way of hiding the code.

If you want something a bit more robust, you should take a look at Nuitka, which compiles Python code to C++, so you can compile that and just distribute the executable. It seems to be broadly compatible with different libraries and different versions of Python.

How to obfuscate Python source code

Using pyobfuscate

Distributing bytecode

自怼圈/年度番新