published on in Creations Tech Tips & Tricks

Dropbox Bytecode Decryption Tool

Dropbox is actually just a python application, so it is shipping the bytecode of its modules which one could theoretically use in other applications. Also building a more lightweight dropbox-client, that does not come with its own interpreter, might be a goal. Apparently though, dropbox does not want this and makes it slightly harder to get to the bytecode. So here is a project I’ve been working on quite some time ago, which converts the encrypted python modules of dropbox to real python-2.5 modules usable in a normal interpreter. This works just fine, but as I don’t have the time to pursue this any further I’ll just provide the results (or the source) and hope that others use this as a base to continue.


The encryption scheme is actually quite simple. It uses the TEA cipher along with an RNG seeded by some values in the code object of each python module. They adjusted the interpreter accordingly so that it a) decrypts the modules and b) prevents access to the decrypted code-objects. This would have been the straightforward path just letting dropbox decrypt everything and dump the modules using the builtin marshaller. Another trick used is the manual scrambling of the opcodes. Unfortunately this could only be fixed semiautomatically thus their monoalphabetic substitution cipher proved quite effective in terms of winning some time.


You’ll find the source at github/dropboxdec

Grab and unpack the prerequisites::

wget -nv -O - | tar xzv
wget -nv -O - | tar xzv
# use dropbox-lnx.x86_64-1.1.45.tar.gz if you're running a 64bit os
cd .dropbox-dist; unzip; chmod a+rw -R .; cd ..

Run the decryption tool::

python dropboxdec*/ .dropbox-dist

From here

The decrypted modules are python-2.5 bytecode, thus will only work in a 2.5 bytecode interpreter. There are some decompilers for other python-versions which will need some adjustments to be able to decompile the code, if anyone wants to dive deeper into the protocol. The decryption also only works for the 1.1.45 version of dropbox. In the 1.2 branch the simple RNG was exchanged to the Mersenne Twister, so the decryption program would need to be adjusted accordingly.

If you do anything cool with it, I’d very much appreciate if you’d drop me a line and let me know :) Other than that, have fun hacking!