Questions tagged [decompiling]

Decompilers analyze binary code outputting source code in a higher level language such as C. The output is generally not any easier to analyze than the original assembler due to loss of information during compilation.

The concept of a decompiler seems simple to most people. A compiled binary was created from source code, so the operation seems like it should be reversible. However, there are some challenges that a decompiler faces:

Decomposing assembler to a basic block.
Lose of information during compilation.

Decomposing Basic blocks

Hand crafted assembler may confound analysis into a basic block, which will prohibit the creation of a control flow graph. For example, hand crafted assembler is not bound to follow a function prologue and epilogue. Assembler may make use of instructions that do not map to a higher level language. It may use self-modifying code and multiple entry points (even mid-instruction) for legitimate purposes or to foil reverse engineering. Aggressive compiler optimization may produce the same effects under some cases.

Loss of information

Comment and variable names are obviously lost information in the decompilation process. As well, compilers aggressively optimize code; a key part being to keep high level variable in registers. Because of this, a register maybe re-used for many different high level variable. This may result in the decompiled code have a different amount of variables and control structure from the original code. Also, different compilers (or even different optimization levels) generate different code for the same source code. Ie, the source to machine mapping is compiler dependent. Without hints to the decompiler, it cannot generically re-generate the same source. Often the decompiled code will resemble obfuscated code.

Cristina Cifuentes's research paper from Queensland University of Technology give more technical details of a decompiler. The Boomerang project is an example of an Open Source decompiler.

Some general uses of a decompiler:

Retargetting code to a different instruction set.
Analyzing a binary for security issue.
Patching code for an operating system update.

Due to the loss of information, decompiled code may not assist in understanding assembler code. It certainly can not produce the original source code. Examining decompiled code can give an appreciation of good variable naming.

See also: disassembling reverse-engineering

1056 questions

votes

1 answer

Prevent Decompilation of jar containing Java 8 code

I am developing my app using Java 8 and I need to prevent my App from Decompilation. As I've done research in Progaurd too , as progaurd is supported until java 7 but am using java8 so anybody suggest any solution to prevent my App from decompiling.

jar decompiling java-8

asked Mar 04 '14 at 10:29

GowthamIyer

votes

1 answer

Working with decompiled java code

In my recent project, we are in need to modify some business rules, but we don't have source code. I took latest production deployed jar file and opened it through JD-gui. By using option save All resources i am able to get de compiled java files.…

java decompiling

asked Feb 26 '14 at 03:10

Apt

votes

1 answer

Error on decompiling apk

I'm trying to decompile an apk. but I face with this error: Could not find the main class: brut.apktool.Main. Program will exit. Exception in thread "main" ----------------------------------------------------- --------------------- |Wed 02/26/2014…

android reverse-engineering decompiling

asked Feb 25 '14 at 21:06

Husein Behboudi Rad

5,434
11
57
115

votes

1 answer

Decompiling - _thiscall expression

I'm using Hex-Rays's IDA Pro to decompile a binary. I have this switch: case 0x35: CField::OnDesc_MAYB(v6, a6); break; case 0x36: (*(void (__thiscall **)(_DWORD, _DWORD))(*(_DWORD *)(a1 - 8) + 28))(a1 - 8, a6); break; case 0x3A: …

decompiling decompiler ida

asked Feb 23 '14 at 15:44

user3265040

votes

1 answer

Can I decompile a x86 library, then compile it to ARM?

I know this is really hard, but I have a library that is in x86, and I want to compile it to ARM to run it on my Rasberry Pi. I've read that some software like Hex-Rays is capable of decompiling, after doing so, is it easy to recompile to arm? Or…

x86 arm shared-libraries cross-compiling decompiling

asked Feb 15 '14 at 20:41

MasterWizard

votes

2 answers

Hindering decompilation of android applications?

Is it possible to prevent or otherwise hinder the decompilation of your own applications? Programmatically or otherwise?

java android apk decompiling

asked Feb 13 '14 at 17:39

Christopher Lawless

1,057
2
12
19

votes

1 answer

aapt, ERROR: dump failed because no AndroidManifest.xml found

I know there are a lot of these topics around but none seem to help in my case, nor describe it exactly. My problem is when I run this command ./aapt d test.apk myfolder (in mac) I'm getting ERROR: dump failed because no AndroidManifest.xml found I…

android decompiling aapt

asked Feb 11 '14 at 08:21

Hesam

52,260
74
224
365

votes

2 answers

Extracting java class files from jar

I had running executable jar of a Java project. Unfortunately I have lost all the source code but I still got the executable jar of it. Is there any possibility to extract my classes from the jar? I have tried extracting but class files are in…

java decompiling

asked Feb 04 '14 at 10:11

Muthu

votes

3 answers

Are these encoded codes?

Possible Duplicate: What does the jsr keyword mean? i used a decompiler to decompile a .class file it seems that it decompiled everything except some code at the bottom are very strange and since im new to java im not sure what they mean: …

java applet decompiling

asked Jan 25 '10 at 21:41

mike

votes

1 answer

Are there any tools to extract basic blocks and CFG (Control Flow Graph) from executable files

I'm working on source code control flow obfuscation in native code such as C/C++. I'm researching on some techniques which do it and resulting spaghetti code. But we want to evaluate compiled file and compare the original one with equivalent…

c++ reverse-engineering decompiling

asked Jan 14 '14 at 11:03

Ali Adlavaran

3,697
2
23
47

votes

1 answer

Avoiding Eclipse Errors When Decompiling Android APK

I'm working on reverse engineering / decompiling an APK file - I was able to use: http://www.decompileandroid.com/ I'm sure APK tool is a better option (I'd love to hear the reasons why though) but in this instance it worked - sorta. My problem -…

eclipse reverse-engineering decompiling apk

asked Jan 02 '14 at 00:06

ClawWorm

votes

1 answer

apk terminal installation failed, recompiled as soon as decompiled

I'm trying to modify a theme for android (cm11). Since I failed to install the theme with my modifications, I tried to decompile it and recompile the apk without changing anything. The error that i have in return is always the same: Failure…

android apk decompiling

asked Dec 31 '13 at 09:55

Heavp

votes

2 answers

Decompiling Delphi .dcu to .pas

I'm running RAD Studio Delphi XE2. Something strange appears to have been done to one of my .pas files. Many of the lines from my unit1.pas have been replaced with simply 'º' and others are missing. I am left with a small section of code from…

delphi syntax-error decompiling

asked Dec 20 '13 at 15:56

Trojanian

votes

1 answer

Android apk decompilation from bat won't start

I'm trying apk tool, following the instruction I have create a folder with Where -myapp.apk is a sample app that I want to decompile My bat Decompile.bat is @echo off pushd "%~dp0" apktool if myapp.apk apktool if framework-res.apk apktool d…

android batch-file decompiling

asked Dec 13 '13 at 14:51

AndreaF

11,975
27
102
168

votes

3 answers

Decompile without CLI header?

Is it possible to decompile an executable that when trying to decompile w/ Reflector, errors out with "Module ... does not contain a CLI header.", and if so, how to decompile this to C#? Thank you.

c# .net decompiling

asked Jan 12 '10 at 01:54

ElHaix

12,846
27
115
203

Prev 1 2 3

…

70 71 Next