Questions tagged [decompiling]

Decompilers analyze binary code and output source code in a higher-level language such as C. The output is generally not any easier to analyze than the original assembler, because information is lost during compilation.

The concept of a decompiler seems simple to most people. A compiled binary was created from source code, so the operation seems like it should be reversible. However, there are some challenges that a decompiler faces:

  • Decomposing assembler into basic blocks.
  • Loss of information during compilation.

Decomposing Basic blocks

Hand-crafted assembler may confound the analysis into basic blocks, which prevents the creation of a control flow graph. For example, hand-crafted assembler is not bound to follow a function prologue and epilogue. Assembler may make use of instructions that do not map to a higher-level language. It may use self-modifying code and multiple entry points (even mid-instruction), for legitimate purposes or to foil reverse engineering. Aggressive compiler optimization may produce the same effects in some cases.
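
The block decomposition that the paragraph above says can fail, as an added example (not part of the tag wiki or of any decompiler's code): the classic leader rules applied to a constructed toy listing in which one jump targets the middle of another instruction. The listing, its addresses and the function names are assumptions made for illustration.

```python
# Constructed toy listing (not real machine code):
# (address, size_in_bytes, mnemonic, branch_target or None)
LISTING = [
    (0x00, 2, "cmp", None),
    (0x02, 2, "jz", 0x08),
    (0x04, 3, "mov", None),
    (0x07, 1, "nop", None),
    (0x08, 5, "mov", None),     # occupies bytes 0x08..0x0c
    (0x0d, 2, "jmp", 0x0a),     # jumps into the middle of the mov at 0x08
    (0x0f, 1, "ret", None),
]

BRANCHES = {"jz", "jmp"}
TERMINATORS = BRANCHES | {"ret"}


def find_leaders(listing):
    """Return (leaders, bad_targets) using the classic leader rules."""
    starts = {addr for addr, _, _, _ in listing}
    leaders = {listing[0][0]}          # rule 1: the entry point
    bad_targets = []
    for i, (addr, _size, mnem, target) in enumerate(listing):
        if mnem in BRANCHES:
            if target in starts:
                leaders.add(target)    # rule 2: a branch target
            else:
                bad_targets.append((addr, target))  # not on an instruction boundary
        if mnem in TERMINATORS and i + 1 < len(listing):
            leaders.add(listing[i + 1][0])          # rule 3: instruction after a branch
    return sorted(leaders), bad_targets


def basic_blocks(listing):
    """Split the listing into basic blocks (lists of addresses), one per leader."""
    leaders, _ = find_leaders(listing)
    blocks, current = [], []
    for addr, _, _, _ in listing:
        if addr in leaders and current:
            blocks.append(current)
            current = []
        current.append(addr)
    blocks.append(current)
    return blocks


if __name__ == "__main__":
    for block in basic_blocks(LISTING):
        print([hex(a) for a in block])
    print("targets inside an instruction:", find_leaders(LISTING)[1])
```

The jump at 0x0d has no block to point at under this linear decoding, so no control flow graph edge can be drawn for it without re-decoding the bytes from 0x0a.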

Loss of information

Comments and variable names are obviously lost information in the decompilation process. In addition, compilers aggressively optimize code, a key part of which is keeping high-level variables in registers. Because of this, a register may be reused for many different high-level variables. As a result, the decompiled code may have a different number of variables and different control structures from the original code. Also, different compilers (or even different optimization levels) generate different code for the same source code; i.e., the source-to-machine mapping is compiler dependent. Without hints, a decompiler cannot generically regenerate the same source. Often the decompiled code will resemble obfuscated code.

Cristina Cifuentes's research paper from Queensland University of Technology gives more technical details of a decompiler. The Boomerang project is an example of an open source decompiler.

Some general uses of a decompiler:

  • Retargeting code to a different instruction set.
  • Analyzing a binary for security issues.
  • Patching code for an operating system update.

Due to the loss of information, decompiled code may not assist in understanding assembler code. It certainly cannot produce the original source code. Examining decompiled code can give an appreciation of good variable naming.

1056 questions

30 votes, 4 answers

Is there a program to decompile Delphi?

Someone just sent me a decompile of a program into C. It was a very good decompile, producing nice, mostly readable C code (if you overlook the fact that none of the variables or functions had a human-readable name) that mostly looked like it would…
Mason Wheeler

28 votes, 2 answers

How does decompiling work?

I have heard the term "decompiling" used a few times before, and I am starting to get very curious about how it works. I have a very general idea of how it works; reverse engineering an application to see what functions it uses, but I don't know…
Ephraim

27 votes, 5 answers

How to protect compiled Java classes?

I know, many similar questions have been asked here. I am not asking if I can protect my compiled Java class - because obviously you will say 'no you can't'. I am asking what is the best known method of protecting Java classes against de-compiling?…
Registered User

25 votes, 2 answers

Null or empty lambda as default value

Which solution is better? Using a nullable lambda or passing an empty lambda as a default parameter? Would kotlin somehow optimize empty lambda, or create a new instance that does nothing? class Test1(val action: () -> Unit = {}) Unfortunately, I do…
Paweł Byszewski

25 votes, 1 answer

Decompile XAPK file

I have worked quite a lot analyzing Android projects with different reverse engineering tools, generally for secure purposes, to see what can be seen by a hacker when he/she gets my app. I've met a problem that I couldn't find any decompilers…
Jenya Pu

24 votes, 2 answers

Is it possible to decompile a .dll/.pyd file to extract Python Source Code?

Are there any ways to decompile a dll and/or a .pyd file in order to extract source code written in Python? Thanks in advance
Youssef Imam

24 votes, 11 answers

Best free Java .class viewer?

I've used DJ Java Decompiler, which has a handy GUI, but it seems as if the latest version is only a trial and forces you to purchase the software after some period of days (I recall using an earlier free version about a year ago at a previous…
matt b

22 votes, 7 answers

Java Decompiler

Can you recommend a Java decompiler for Eclipse? My other question is what restrictions are there for using decompiled code from another Java program? Illegal or what? I don't know much about licenses. Thanks for reading.
MartK

20 votes, 5 answers

How to extract C source code from .so file?

I am working on previously developed software and source code is compiled as linux shared libraries (.so) and source code is not present. Is there any tool which can extract source code from the linux shared libraries? Thanks, Ravi
Ravi

20 votes, 4 answers

Software like DotPeek to decompile and edit DLL's?

I just got DotPeek and I found it is PERFECT for looking into .dll files. However I can't edit them at all. Is there free software like DotPeek that also lets me edit the DLL instead of just looking at it? UPDATE: I was able to save all the .cs…
Anton Nel

20 votes, 6 answers

APKtools (APK Studio) Could not decode arsc file

I am trying to decompile an APK with APK-Studio (it uses Apktool 2.0.0-Beta9) but on every APK I get this error: May 05, 2015 5:38:30 PM brut.androlib.ApkDecoder decode INFO: Using Apktool 2.0.0-Beta9 on com.****-1.apk May 05, 2015 5:38:30 PM…
MscEliot

19 votes, 6 answers

What tools or libraries are there for decompiling python and exploring bytecode?

Lets say I have: >>> def test(a): >>> print a Now, I want to explore see how test looks like in its compiled form. >>> test.func_code.co_code '|\x00\x00GHd\x00\x00S' I can get the disassembled form using the dis module: >>> import dis >>>…
idontreg

18 votes, 4 answers

Why is it so easy to decompile .NET IL code?

Why is it so easy to decompile .NET IL-code into source code, compared to decompiling native x86 binaries? (Reflector produces quite good source code most of the time, while decompiling the output of a C++ compiler is almost impossible.) Is it…
compie

18 votes, 5 answers

How do I detect if the app uses React Native, given APK file?

I downloaded an APK file from Google Play, and want to know if the developer of the application has used the React Native library. What's a quick and stable way to do that? (Would be even better if it's something I can potentially automate later - but such…
Max Yankov

18 votes, 2 answers

How to decompile an android app from the google play store

I want to decompile one android app that is available on google play store. Can anybody suggest to me an online tool or any apktool that will help me to decompile source code of apk? Thanks in advance.
Sushant Patekar