Questions tagged [decompiling]

Decompilers analyze binary code outputting source code in a higher level language such as C. The output is generally not any easier to analyze than the original assembler due to loss of information during compilation.

The concept of a decompiler seems simple to most people. A compiled binary was created from source code, so the operation seems like it should be reversible. However, there are some challenges that a decompiler faces:

Decomposing assembler to a basic block.
Lose of information during compilation.

Decomposing Basic blocks

Hand crafted assembler may confound analysis into a basic block, which will prohibit the creation of a control flow graph. For example, hand crafted assembler is not bound to follow a function prologue and epilogue. Assembler may make use of instructions that do not map to a higher level language. It may use self-modifying code and multiple entry points (even mid-instruction) for legitimate purposes or to foil reverse engineering. Aggressive compiler optimization may produce the same effects under some cases.

Loss of information

Comment and variable names are obviously lost information in the decompilation process. As well, compilers aggressively optimize code; a key part being to keep high level variable in registers. Because of this, a register maybe re-used for many different high level variable. This may result in the decompiled code have a different amount of variables and control structure from the original code. Also, different compilers (or even different optimization levels) generate different code for the same source code. Ie, the source to machine mapping is compiler dependent. Without hints to the decompiler, it cannot generically re-generate the same source. Often the decompiled code will resemble obfuscated code.

Cristina Cifuentes's research paper from Queensland University of Technology give more technical details of a decompiler. The Boomerang project is an example of an Open Source decompiler.

Some general uses of a decompiler:

Retargetting code to a different instruction set.
Analyzing a binary for security issue.
Patching code for an operating system update.

Due to the loss of information, decompiled code may not assist in understanding assembler code. It certainly can not produce the original source code. Examining decompiled code can give an appreciation of good variable naming.

See also: disassembling reverse-engineering

1056 questions

-1

votes

2 answers

What does "-~~--~-~~" mean in obfuscated C# code?

I'm hunting for a potential logic bomb in some C# code, which is obfuscated. Using JetBrains DotPeek, Visual Studio and some search&replace I was able to mostly reconstruct an executable program that can undergo some dynamic analysis. Problem: the…

c# obfuscation decompiling

asked Jun 10 '21 at 15:22

usr-local-ΕΨΗΕΛΩΝ

26,101
30
154
305

-1

votes

1 answer

decompile and compile Jar File

we have a problem at work right now. We have a jar file without corresponding source code from a software. We only have older versions of the code. But we need to make changes to the current source code. So I tried to decompile the jar file with…

java javafx jar compilation decompiling

asked May 07 '20 at 07:52

TJAY

-1

votes

3 answers

How to protect intellectual property on someone else's server

Person A owns a server (in particular, an Amazon EC2 instance). I have to upload a binary (written in C++) onto this server which periodically receives data from a third party server, and then periodically and strategically sends HTTP requests to…

c++ reverse-engineering disassembly decompiling copy-protection

asked Nov 26 '19 at 20:31

galpo

-1

votes

1 answer

.exe MATLAB file decompilation

I am trying to decompile a 32KB .exe MATLAB file. I tried the Boomerang software, it extracts the project m-files and figures. the figures are ok and the MATLAB can show them. but when I open the m-files, it contains unmeaning characters. how can I…

matlab decompiling matlab-deployment matlab-compiler

asked Apr 30 '11 at 08:02

user732194

-1

votes

1 answer

loop optimization difference for

Is there any difference between these two in terms of efficiency? Is the second more optimized? I compiled the first code, and then I decompiled it, resulting second code. for (i = 0; i < n; ++i) { if (a[i] == x) { printf("%d", a[i]); …

c optimization compilation decompiling

asked May 03 '19 at 19:56

DanielC

-1

votes

1 answer

Obtaining ASM of a program using C++

I was wondering if there is a simple way of using C++ to take a path of an executable and then fetch it's ASM? External library or command-line program solutions are accepted :)

c++ decompiling

asked Oct 21 '18 at 05:31

siroot

-1

votes

3 answers

Im trying to figure out how I can decompile this obfuscated Lua script

So I've been trying to figure out how to decompile dlls, java, and Lua files but once I ran into this one I got stumped. Does anyone have any ideas on how I can decompile this? Since the script was way too big I put it in a pastebin link.…

lua decompiling roblox deobfuscation

asked Jun 14 '18 at 23:36

xSniivy

-1

votes

1 answer

How to Decompile an unknown packed .exe

I'm new to decompiling, so I'm sorry if I sound like an idiot. Using Process Explorer I found out that the .exe I want to decompile is packed, and via PEiD it says "Nothing found *" . Due to it being packed, I am clueless on how to proceed. Any…

decompiling ida ollydbg

asked Feb 07 '18 at 23:39

Denis

-1

votes

2 answers

How does Android compile a Java method to an compiled method?

Recently I decompiled some Android APKs with dex2jar, jd-gui and Android studio. Why can some classes' methods see the source code, and some classes' method can only see /compiled code/? What's the difference between these two class when…

android compilation decompiling

asked Jan 10 '18 at 07:43

zccneil

-1

votes

1 answer

Why is it looking like this?

I am trying to decompile a .swf file so I can read and understand it but when I am decompiling the .swf it looks like this. Have I found the right .swf file or what is the problem?

actionscript-3 flash decompiling source-code-protection

asked Oct 27 '17 at 21:42

GoingForIt

-1

votes

1 answer

How to understand what my vb decompiler have decompiled

Ok, guys, I have decompiled a program which has decompiled this solution. Can someone translate this solution because I don't have any clue what is that. Language is VB.net Structure proizvod indeks is index kriterij is norm proizvod is…

vb.net decompiling

asked Jun 20 '17 at 18:23

Chumpa Chumpa

-1

votes

1 answer

Encrypt Visual Basic Project

Can I encrypt a Visual Basic project so it can't be decompiled by dotPeek or any other software? I have done some research and I can't find anything.

vb.net visual-studio obfuscation decompiling

asked May 14 '17 at 02:59

TheSpiralNetwork

-1

votes

2 answers

Get source code of my installed Android app

I made an app and installed it on my phone and it's working on my phone, can I get that source code back? Formatted my hard drive and didn't backup the project. It's not a big project but it'd be nice if I could get it back easily.

java android apk decompiling

asked Dec 23 '16 at 19:11

qwert

-1

votes

2 answers

Delphi dfm bad compiler

All exes compiled can be decompiled (but with some hardship ) but delphi application forms are saved as dfms inside exe which can be seen easily (with reshacker) (soooo easily ) can i overcome these problems ,first i thought of copying dfm data to…

delphi hex decompiling dfm

asked Nov 01 '10 at 15:24

Vibeeshan Mahadeva

7,147
8
52
102

-1

votes

1 answer

SDK to extract code out of .net assembly to recreate the source code?

Is there a SDK I can use to extract code out of .net assembly to recreate the source code?

.net decompiling system.reflection

asked Nov 09 '16 at 00:30

user3845056

Prev 1 2 3

…

70 71 Next