# Obfuscating Python Code with Subdora

## **🤔 What is "obfuscation"?**

In the context of programming, obfuscation or ***Code Obfuscation*** is the practice of making the source code of an application difficult for humans to understand while still allowing it to function correctly when executed by a computer.

![](https://i.giphy.com/media/v1.Y2lkPTc5MGI3NjExNGdld2g2bGN1ZjkzZG9wc3Jtczh0em84YjZjZXRrOGRrdzF0eDkwaiZlcD12MV9pbnRlcm5hbF9naWZfYnlfaWQmY3Q9Zw/hoyBmp5ccZjGUCmmM5/giphy.gif align="center")

## **📃 Why do we need Code Obfuscation?**

1. Safeguarding Intellectual Property
    

Developers can ensure it's significantly harder for malicious actors to reverse engineer the source code, which is often an outcome of several years/months of R&D along with financial expenditure.

2. Preventing Reverse Engineering to Find Exploits
    

Beyond just protecting the source code against plagiarism, if it's successfully reverse engineered, it can lead to revealing of inner workings. Malicious actors would use this knowledge to test vulnerabilities and create potential exploits to compromise the integrity and security of the application

3. Reducing File Size and Improving Performance
    
4. Mitigating Piracy and Unauthorized Use
    

## **💥 What is Subdora?**

Subdora is a lightweight tool built by \[Lakshit\]([https://github.com/Lakshit-Karsoliya/](https://github.com/Lakshit-Karsoliya/Subdora/pulls)) that makes code obfuscation for Python applications super simple!

## **🏗️ Setup**

![](https://media.giphy.com/media/MpLphYAo2vO4P2Facx/giphy.gif?cid=790b7611311xyef1ed0j0yy1vjrzz6wkdg7aqj7s80cqpql7&ep=v1_gifs_search&rid=giphy.gif&ct=g align="center")

* Open your terminal
    
    * Windows:
        
        * Press Windows + R
            
        * Type "wt"
            
        * Press Enter
            
    * Mac:
        
        1. Press Command + Space
            
        2. Type "terminal"
            
        3. Press Enter
            
    * Linux
        
        * Press CTRL + ALT + T
            
* Create a new directory
    
    ```powershell
    mkdir codeObfuscation
    ```
    
* Navigate Inside the newly created directory cd codeObfuscation
    
    ```powershell
    cd codeObfuscation
    ```
    
* Create a Virtual environment
    
    ```powershell
    python -m venv env
    ```
    
* Activate the virtual environment
    
    ```powershell
    # Mac/Linux
    source venv/bin/activate
    ```
    
    ```powershell
    # Windows
    env/Src/Activate.ps1
    ```
    
* Install the package
    
    ```powershell
    pip install Subdora
    ```
    
* Open VS code inside this directory
    
    ```powershell
    code .
    ```
    
* Create a Python file named `main.py` (Can call it anything) and add some code to it. Here, I have added a simple binary search code. You may directly copy paste it for the purpose of this tutorial
    

```python
def binary_search(nums:list[int],target:int)->list[int]:
    N = len(nums)
    if N <= 1:
        return nums
    start,end = 0,N-1
    while start <= end:
        mid = start + (end-start)//2
        if target < nums[mid]:
            end = mid - 1
        elif target > nums[mid]:
            start = mid + 1
        else:
            return mid 
    return -1
```

## ▶️ Basic Usage

* To obfuscate the python file
    
    ```powershell
     subdora --obfuscate main.py
    ```
    
* An obfuscated file with the same name and the extension `.myst` is created in the project directory. In our case, it would be `main.myst`. While attempting to load and read the file inside VS Code, it can be observed that it is no more human readable.
    

![](https://cdn.hashnode.com/res/hashnode/image/upload/v1720427334615/3cb32a02-8883-47f4-ad49-378921cd5834.png align="center")

* This is the file you would be sharing to your clients or stakeholders from whom you wish to hide the source code.
    
* This file can be run using the following command
    
    ```powershell
    subdora --run ./main.myst
    ```
    
    ![](https://cdn.hashnode.com/res/hashnode/image/upload/v1720427547048/a861b9d3-d25f-490a-9c38-a784b380c1a7.png align="center")
    
    ## **🌬️ Setting Code Expiry**
    
* Beyond basic code obfuscation, it is possible to use Subdora to set a limit for the number of times this obfuscated file can be run to get the desired output/application working
    
    ```powershell
     subdora --obfuscate main.py --itr 5
    ```
    
* The `--itr` flag species the number of times after which obfuscated file can no longer be run as seen below
    

## **⌚ Adding a trial timer**

Along with setting up the number of times the software can be executed from the obfuscated file, it is also possible to add a timer that limits the duration of running each file. This may not be relevant for an algorithmic solution of a problem but useful for GUI applications such as games where one wishes to allow the client to use the software for a few minutes or hours

```powershell
 subdora --obfuscate main.py --itr 2 --time 5m
```

## 📸 Obfuscation-as-a-Image

Instead of creating a `main.myst` file, it is possible to have an obfuscated file as an image. Not only does it sound interesting but also it is effective in terms of security since we are not even revealing the fact that there is some executable code hiding there.

* Download any image of your choice from internet or choose on locally available. Here I am using the image of a tiger
    
* Copy the path of the image
    

```powershell
subdora --obfuscate main.py --itr 5 --img tiger.jpg
```

* The output is indistinguishable from the original image to naked eye
    

![](https://cdn.hashnode.com/res/hashnode/image/upload/v1720428362851/f4205b1b-e41e-4e2d-b9cb-368d69fbeb2b.png align="center")

## 🔖 Closing Notes

I hope this short tutorial provided you with valuable insights to incorporate code obfuscation as part of your development journey using Python!

Thank you🙏🙏 for your time and attention.

If you have any queries, feel free to reach out👋over [**LinkedIN**](https://www.linkedin.com/in/smaranjitghose/). I would love to know about your experience👩‍💻 of incorporating this in your projects/products.

Happy Building!🚀🚀

![](https://media.giphy.com/media/42D3CxaINsAFemFuId/giphy.gif?cid=790b7611ra2eoq39qwvb1aq03tz5iu36jxhlj14q3gwjohi4&ep=v1_gifs_search&rid=giphy.gif&ct=g align="center")
