Stack Overflow
Stack Overflow

Questions tagged [decompiling]

Decompilers analyze binary code outputting source code in a higher level language such as C. The output is generally not any easier to analyze than the original assembler due to loss of information during compilation.

The concept of a decompiler seems simple to most people. A compiled binary was created from source code, so the operation seems like it should be reversible. However, there are some challenges that a decompiler faces:

  • Decomposing assembler to a basic block.
  • Lose of information during compilation.

Decomposing Basic blocks

Hand crafted assembler may confound analysis into a basic block, which will prohibit the creation of a control flow graph. For example, hand crafted assembler is not bound to follow a function prologue and epilogue. Assembler may make use of instructions that do not map to a higher level language. It may use self-modifying code and multiple entry points (even mid-instruction) for legitimate purposes or to foil reverse engineering. Aggressive compiler optimization may produce the same effects under some cases.

Loss of information

Comment and variable names are obviously lost information in the decompilation process. As well, compilers aggressively optimize code; a key part being to keep high level variable in registers. Because of this, a register maybe re-used for many different high level variable. This may result in the decompiled code have a different amount of variables and control structure from the original code. Also, different compilers (or even different optimization levels) generate different code for the same source code. Ie, the source to machine mapping is compiler dependent. Without hints to the decompiler, it cannot generically re-generate the same source. Often the decompiled code will resemble obfuscated code.

Cristina Cifuentes's research paper from Queensland University of Technology give more technical details of a decompiler. The Boomerang project is an example of an Open Source decompiler.

Some general uses of a decompiler:

  • Retargetting code to a different instruction set.
  • Analyzing a binary for security issue.
  • Patching code for an operating system update.

Due to the loss of information, decompiled code may not assist in understanding assembler code. It certainly can not produce the original source code. Examining decompiled code can give an appreciation of good variable naming.

See also:

1056 questions
18
votes
2 answers

IDEA 14. Decompile my own classes(from output directory)

I want to look at the code generated from my own sources but it seems that IDEA doesn't decompile them using new fernflower plugin using IntelliJ API Decompiler instead. At least I have header comment // IntelliJ API Decompiler stub source generated…
Seagull
  • 13,484
  • 2
  • 33
  • 45
18
votes
2 answers

How are Scala closures transformed to Java objects?

I'm currently looking at closure implementations in different languages. When it comes to Scala, however, I'm unable to find any documentation on how a closure is mapped to Java objects. It is well documented that Scala functions are mapped to…
theDmi
  • 17,546
  • 6
  • 71
  • 138
18
votes
8 answers

Best (free?) decompiler for C# with Visual Studio integration?

In my Java development I have had great benefit from the Jad/JadClipse decompiler. It made it possible to know why a third-party library failed rather than the usual guesswork. I am looking for a similar setup for C# and Visual Studio. That is, a…
Soraz
  • 6,610
  • 4
  • 31
  • 48
18
votes
3 answers

How hard is it (really) to decompile assembly code?

I'm trying to find hard facts that will help my management understand how hard/easy it is to reverse-engineer compiled C code. Similar questions have been asked before on this site (see e.g. Is it possible to “decompile” a Windows .exe? Or at least…
lindelof
  • 34,556
  • 31
  • 99
  • 140
18
votes
1 answer

Alternative to dex2jar and jd-GUI?

it seems that either dex2jar and/or jd-GUI gives bad de-obfuscation even for the simplest code of if-else condition (they show a while(true) loop which has a return; on its first line . are there any other freeware apps that do the same work of…
android developer
  • 114,585
  • 152
  • 739
  • 1,270
17
votes
2 answers

Strange assignment, TextView to Bundle, after decompiling, why?

I created a simple application, a counter app, that upon pressing a button increments a integer by one and updates a textview. The code can be seen below: public class MainActivity extends Activity { public static int count = 0; @Override …
Rawa
  • 13,357
  • 6
  • 39
  • 55
17
votes
3 answers

How to remove class file in .jar file and change it with my own implementation

So, I have third party library, which is a .jar file. There are some classes in that jar. The problem is, there is one bug in one class in that .jar. I know it because I can decompile the jar file, to look at the java code, which is I am pretty…
Agung Pratama
  • 3,666
  • 7
  • 36
  • 77
16
votes
2 answers

how to decompile .jasper files into .jrxml files

I lost all my .jrxml files, but I have .jasper files. Can I decompile .jasper files to .jrxml files? If yes, that would be a great help for me.
diligent
  • 2,282
  • 8
  • 49
  • 64
16
votes
2 answers

Best tool(s) for decompiling Lua bytecode?

I am really having trouble finding a good working Lua bytecode decompiler. I'm trying to decompile some scripting files I found in a game but they appear to be compiled, yet don't seem impossible to decode. What's the best tool to decompile Lua…
Jonathan Prior
  • 6,114
  • 7
  • 29
  • 26
16
votes
0 answers

Decompiled Sources only show "throw null" for every .NET Framework class

I have installed Visual Studio Community 2019, version 16.3.3 (including "ASP.NET and Web development" and ".NET Core cross-platform development") and have checked "Enable Navigation to decompiled Sources", and created a new ASP.NET Core Web…
z_eb
  • 321
  • 2
  • 14
16
votes
1 answer

Simple hiding/obfuscation of strings in APK?

Sometimes you need to store a password in the app itself, such as a username/password for communicating with your own server. In these cases it's not possible to follow the normal process of storing passwords - i.e. hash the password, store the…
Magnus
  • 17,157
  • 19
  • 104
  • 189
16
votes
2 answers

java inner/outer class questions about outer class private variables access

I have the following java class: class Outer { private Integer a; private Long b; class Inner { public void foo() { System.out.println("a and b are " + a + " " + b); } } } when I run javap…
shrini1000
  • 7,038
  • 12
  • 59
  • 99
15
votes
5 answers

Is it legal to decompile an APK and use part of its code in your app

Is it legal to decompile an apk and use part of it's code? (more specifically: a URL connector (I haven't learned that yet)). The rest of the app (layouts and such) is made by me. Can I publish this app without being concerned on the legal front?
Felipe Suman
  • 421
  • 2
  • 5
  • 9
15
votes
1 answer

What does it mean when you have a variable like access$002 in Java?

I have a java jar I have decompiled with permission of the original developer that we are to use until they can get us a copy of the source code. I have run into a member of a class that looks like the following: Classname.access$002(Param1,…
codewario
  • 19,553
  • 20
  • 90
  • 159
15
votes
1 answer

How to decompile iOS apps?

I want to see the code of an iOS app. The app I downloaded is .deb. First question: Is it possible to install .deb file on iOS or I downloaded a wrong file? After unpacking the .deb file, I got some files, including .nib, .storyboard and some other…
ahmadhhh
  • 167
  • 1
  • 1
  • 5
1 2 3
70 71