Stack Overflow
Stack Overflow

Questions tagged [decompiling]

Decompilers analyze binary code outputting source code in a higher level language such as C. The output is generally not any easier to analyze than the original assembler due to loss of information during compilation.

The concept of a decompiler seems simple to most people. A compiled binary was created from source code, so the operation seems like it should be reversible. However, there are some challenges that a decompiler faces:

  • Decomposing assembler to a basic block.
  • Lose of information during compilation.

Decomposing Basic blocks

Hand crafted assembler may confound analysis into a basic block, which will prohibit the creation of a control flow graph. For example, hand crafted assembler is not bound to follow a function prologue and epilogue. Assembler may make use of instructions that do not map to a higher level language. It may use self-modifying code and multiple entry points (even mid-instruction) for legitimate purposes or to foil reverse engineering. Aggressive compiler optimization may produce the same effects under some cases.

Loss of information

Comment and variable names are obviously lost information in the decompilation process. As well, compilers aggressively optimize code; a key part being to keep high level variable in registers. Because of this, a register maybe re-used for many different high level variable. This may result in the decompiled code have a different amount of variables and control structure from the original code. Also, different compilers (or even different optimization levels) generate different code for the same source code. Ie, the source to machine mapping is compiler dependent. Without hints to the decompiler, it cannot generically re-generate the same source. Often the decompiled code will resemble obfuscated code.

Cristina Cifuentes's research paper from Queensland University of Technology give more technical details of a decompiler. The Boomerang project is an example of an Open Source decompiler.

Some general uses of a decompiler:

  • Retargetting code to a different instruction set.
  • Analyzing a binary for security issue.
  • Patching code for an operating system update.

Due to the loss of information, decompiled code may not assist in understanding assembler code. It certainly can not produce the original source code. Examining decompiled code can give an appreciation of good variable naming.

See also:

1056 questions
0
votes
2 answers

can vb.net application get decompiled into a source code?

Possible Duplicate: How can I protect my .NET assemblies from decompilation? I'm working on VB.NET application , and my question is : Can this application get decompiled into the source code ? if yes , how can I protect my source code from…
user1970090
  • 215
  • 4
  • 7
  • 15
0
votes
2 answers

Hide math formula/algorithm from decompilation in Java

I'm writing a desktop java application. The program receives XML files from the customer's server. The data in a couple of tags is of type integer and is "encrypted" with some math formulas. When my program parses XML files, I need to decrypt those…
Dmitry Stril
  • 1,385
  • 4
  • 16
  • 34
0
votes
1 answer

Adding new activity to Decompiled APK

I know a little about the dextool and apktool which can be used to decompile the apk. but neither of them explicitly explain adding any new activity to the decompiled APK. is it possible, and if its can you give me an example or any link directs me…
KaanB
  • 133
  • 15
0
votes
1 answer

Decompile a win32-virus-executable on linux

How can I decompile a win32 x68 executable with ubuntu linux 32 bit? I worked on Windows with IDA Pro, but as this is a windows-virus I cannot do this on my windows-machine. Edit: Please name me an application for that.
Johannes Mittendorfer
  • 1,102
  • 10
  • 17
0
votes
4 answers

Add try catch in a java class file

I have a java class file, 3rd part, I do not have its source, but it always throw some exception in one of its methods, I want edit that method, to add a try catch block for it. I tried to de-compile it, but the source is not good for use, it looks…
virsir
  • 15,159
  • 25
  • 75
  • 109
0
votes
1 answer

CAVAJ java decompiler see all the code ofuscated by CodeGuard

I am trying to protect one java program. I am using CodeGuard but when i use a decompiler as CAJAV I can see all the code of my program. I am using maven2. I use this pom.xml in MAVEN:
dlopezgonzalez
  • 4,217
  • 5
  • 31
  • 42
0
votes
1 answer

Database password from VB6 application

I've inherited a Visual Basic 6 application that accesses a database directly, and I intend to rewrite it in Java. However, something I NEED is the database user+password, which I believe is hard-coded into the application's source. Unfortunately, I…
WhyNotHugo
  • 9,423
  • 6
  • 62
  • 70
0
votes
1 answer

What information contains in gap between method table and method body in java bytecode

I'm trying to figure out structure of java bytecode. and till the method table it all flows as described in http://en.wikipedia.org/wiki/Java_class_file but after that, there is a huge gap between method body (which I found by passing hex codes for…
Andrey
  • 810
  • 1
  • 9
  • 20
0
votes
0 answers

Decompile method from assembly (ICSharpCode)

I'm trying to decompile a method programmatically using ICSharpCode. I'm able to decompile the entire type, but whenever I try to decompile a single method, I get a null reference exception. The approach is much like this question…
jaspernygaard
  • 3,098
  • 5
  • 35
  • 52
0
votes
3 answers

how to write code in asp.net to stop reverse engineering of asp.net application

We are having an application that is downloadable. We want to stop the application being reverse engineered by someone to lose our business. It there any way to stop this?
Jalpesh Vadgama
  • 13,653
  • 19
  • 72
  • 94
0
votes
1 answer

How should I reverse engineer this simple javascript animation?

I came across this Slate article that presents data in a new and interesting way. How can I reverse engineer the website so I can learn, and potentially imitate the technique on my own. To keep this constructive for future websites, please describe…
makerofthings7
  • 60,103
  • 53
  • 215
  • 448
0
votes
1 answer

How to identify the annotation based configured transaction details?

When I decompile the source code of a class, which is using a transaction in a method. I am not able to see the configured transaction details. class A { @Transactional(readOnly = false, propagation = Propagation.REQUIRED) public List
subodh
  • 6,136
  • 12
  • 51
  • 73
0
votes
1 answer

In C# what does expressionStack_xx_x mean?

I just decompiled an assembly file using .net reflector in C# and noticed a lot of expressionStack_xx_x expressions which I never encountered before. From my understanding, the compiler replaces variables with this expression but I am not certain.…
Arthur Mamou-Mani
  • 2,303
  • 10
  • 43
  • 69
0
votes
2 answers

Extract the content in a swf file

I have an .swf file and i need to extract the content inside the .swf file in this case are .mp3 files, is there any way to parse or decompile the .swf file to extract its content?
Nudier Mena
  • 3,254
  • 2
  • 22
  • 22
0
votes
1 answer

jad "Version mismatch: major.minor = 49.0, expected = 45.3", what's version of .class file?

I used jad to decompile the class but in AIX system, such error thrown. Version mismatch: major.minor = 49.0, expected = 45.3 I don't know what's the version of .class file, how can I avoid this?
JerryCai
  • 1,663
  • 4
  • 21
  • 36
1 2 3
70 71