From b9810a79be94c07d2bd0e7ae2228605a71833f5a Mon Sep 17 00:00:00 2001
From: extremecoders-re <extremecoders@hotmail.com>
Date: Fri, 27 Mar 2020 02:13:42 +0530
Subject: [PATCH] Save embedded packages and modules with pyc extension

---
 pyinstxtractor.py | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/pyinstxtractor.py b/pyinstxtractor.py
index c7cd073..f2ee07d 100644
--- a/pyinstxtractor.py
+++ b/pyinstxtractor.py
@@ -248,9 +248,17 @@ class PyInstArchive:
                 assert len(data) == entry.uncmprsdDataSize # Sanity Check
 
             if entry.typeCmprsData == b's':
+                # s -> ARCHIVE_ITEM_PYSOURCE
                 # Entry point are expected to be python scripts
                 print('[+] Possible entry point: {0}.pyc'.format(entry.name))
                 self._writePyc(entry.name + '.pyc', data)
+
+            elif entry.typeCmprsData == b'M' or entry.typeCmprsData == b'm':
+                # M -> ARCHIVE_ITEM_PYPACKAGE
+                # m -> ARCHIVE_ITEM_PYMODULE
+                # packages and modules are pyc files with their header's intact
+                with open(entry.name + '.pyc', 'wb') as f:
+                    f.write(data)
             
             else:
                 with open(entry.name, 'wb') as f: