Questions tagged [decompiling]

Decompilers analyze binary code outputting source code in a higher level language such as C. The output is generally not any easier to analyze than the original assembler due to loss of information during compilation.

The concept of a decompiler seems simple to most people. A compiled binary was created from source code, so the operation seems like it should be reversible. However, there are some challenges that a decompiler faces:

Decomposing assembler to a basic block.
Lose of information during compilation.

Decomposing Basic blocks

Hand crafted assembler may confound analysis into a basic block, which will prohibit the creation of a control flow graph. For example, hand crafted assembler is not bound to follow a function prologue and epilogue. Assembler may make use of instructions that do not map to a higher level language. It may use self-modifying code and multiple entry points (even mid-instruction) for legitimate purposes or to foil reverse engineering. Aggressive compiler optimization may produce the same effects under some cases.

Loss of information

Comment and variable names are obviously lost information in the decompilation process. As well, compilers aggressively optimize code; a key part being to keep high level variable in registers. Because of this, a register maybe re-used for many different high level variable. This may result in the decompiled code have a different amount of variables and control structure from the original code. Also, different compilers (or even different optimization levels) generate different code for the same source code. Ie, the source to machine mapping is compiler dependent. Without hints to the decompiler, it cannot generically re-generate the same source. Often the decompiled code will resemble obfuscated code.

Cristina Cifuentes's research paper from Queensland University of Technology give more technical details of a decompiler. The Boomerang project is an example of an Open Source decompiler.

Some general uses of a decompiler:

Retargetting code to a different instruction set.
Analyzing a binary for security issue.
Patching code for an operating system update.

Due to the loss of information, decompiled code may not assist in understanding assembler code. It certainly can not produce the original source code. Examining decompiled code can give an appreciation of good variable naming.

See also: disassembling reverse-engineering

1056 questions

votes

5 answers

What's a good C decompiler?

I am searching for a decompiler for a C program. The binary is a 32-bit x86 Linux executable. Objdump works fine, so basically I am searching for something which attempts to reconstruct the C source from the asm source.

c linux reverse-engineering decompiling assembly

asked Oct 11 '08 at 09:35

Sec

7,059
6
31
58

votes

8 answers

Decompile an APK, modify it and then recompile it

I need to modify an existing APK, modify the sources and then recompile it. I can decompile it using dex2jar or apktool, it's working great From the jar file I can obtain the java sources (using jd-gui) Then I can modify the java files But now I…

java android decompiling recompile

asked Sep 11 '12 at 13:01

darkheir

8,844
6
45
66

votes

1 answer

How to secure an API REST for mobile app? (if sniffing requests gives you the "key")

It's probable a newbie question but I'll try to create an interesting debate. I know there are some authentication methods for API Basic Authentication, API Keys, OAuth 2.0 ... all of those methods add a header or a formData param in the…

java rest api mobile decompiling

asked Mar 06 '20 at 07:30

FlamingMoe

2,709
5
39
64

votes

10 answers

Is it really impossible to protect Android apps from reverse engineering?

As we know, Android apps are written in Java. In Java, no matter what you do, it is impossible to protect compiled code from decompilation or reverse-engineering, as the Stack Overflow question How to lock compiled Java classes to prevent…

java android reverse-engineering decompiling

asked Dec 02 '10 at 15:30

Android Eve

14,864
26
71
96

votes

3 answers

Decompiling a compiled program with Go

I have built a simple executable program with Go. I've compiled the code into a static binary program. I want to decompile the output binary file and get the Go source code. Is this possible or not?

compiler-construction go decompiling

asked Jul 30 '14 at 10:06

Temüjin

15,371
8
35
57

votes

6 answers

Is there a Visual Basic 6 decompiler?

I lost the source code from one project I did on the company I'm working for and haven't been able to find a Visual Basic 6 decompiler; does that even exists? I only have the EXE that I've rescued from a user's machine.

vb6 decompiling

asked Jan 05 '09 at 18:38

Rismo

6,487
11
37
33

votes

2 answers

Why is it so easy to decompile Java Code?

So I've just realized how easy it is to decompile my Java code. I've been searching around the net and I can't seem to figure out WHY its so easy. Every time I google something like "Why can I decomilple .class files?" or "Why does Java decompile so…

java decompiling

asked Sep 16 '12 at 20:35

user818502

votes

3 answers

Decompiling Objective-C libraries

I've just finished a library in Objective-C that I compiled as a Static Library for distribution. I'd wanted to know what chances to get this decompiled are out there. Do you know any software that can do this? If so, how could I protect me…

objective-c xcode decompiling cracking

asked Feb 25 '10 at 12:56

Cy.

2,125
4
26
35

votes

10 answers

How to change already compiled .class file without decompile?

I want to change .class file's method. I installed JD Eclipse Decompiler and opened the .class file. I added some codes and save .class file. But, .class file is not changing. I don't know how to use decompiler. And if is it possible, how to change…

java ubuntu decompiling decompiler .class-file

asked Dec 28 '12 at 11:49

Breed Hansen

1,159
5
13
21

votes

1 answer

Why does GCC move variables to a temporary location before assigning them?

When looking at some decompiled C code I saw this: movl -0xc(%rbp), %esi movl %esi, -0x8(%rbp) This corresponds to this C code: x = y; This got me thinking: how come gcc moves y to %esi and then move %esi to x instead of just moving y to x…

c assembly x86 decompiling

asked Aug 06 '17 at 14:05

Charanor

votes

4 answers

.NET decompiler for Mac or Linux

I need to decompile a small application written in .NET and convert it to C++. I don't have Windows installed and I know there're a number of .NET decompilers for Windows. Since I have only Mac and Linux and don't want to install Windows only to be…

c# .net linux macos decompiling

asked Dec 11 '14 at 00:38

user266003

votes

4 answers

Reflector for Java?

Is there a Java equivalent to .NET Reflector? Edit: more specifically, decompiling is what I'm after.

java .net decompiling

asked Apr 06 '09 at 17:19

bdd

3,436
5
31
43

votes

6 answers

What tool can decompile a DLL into C++ source code?

I have an old DLL that stopped working (log2vis.dll) and I want to look inside it to see what objects it uses. The DLL was written in C++ (not .NET). Is there a tool that will decompile/disassemble C++ files?

c++ dll decompiling

asked Aug 24 '09 at 12:48

Lea Cohen

7,990
18
73
99

votes

5 answers

Batch decompiling of Java files with JD-GUI

I'm looking for a program to batch decompile Java classes. I found JAD, but it didn't support some new features of Java, and the benefit of this program is that it can execute from command line and generate a *.java file automatically. I also found…

java decompiling

asked Sep 06 '09 at 00:53

MemoryLeak

7,322
23
90
133

votes

10 answers

How to prevent decompilation of any C# application

We are planning to develop a client server application using C# and MySQL. We plan to sell the product on the shelf like any other software utility. We are worried about the decompilation of our product which does have some sort of edge over our…

c# licensing obfuscation decompiling piracy-prevention

asked Aug 14 '09 at 05:44

Kalpak

3,510
4
22
21

Prev 1

…

70 71 Next