32bit Windows C/C++ Decompiler

This topic is closed.

  • 32bit Windows C/C++ Decompiler

    Greetings.

    I was wondering if anyone here could point me to some tool(s), freeware/share/commercial that would simplify the process of creating decent source code from an executable.

    It's been a long time since I tinkered with software without source, but I have a program I like, that nonetheless is getting outdated, has been abandoned, and I've decided to take on as a hobby if I can :-)

    The last time I did any fun work like this was .. hum .. on the MC680x0, on an Amiga. One of the nicest asm languages, the 68K.. anyway, I am babbling.

    I would appreciate any help or pointers.

  • #2
    Originally posted by Salt
    I would appreciate any help or pointers.
    Try nasm; it might be what you're looking for. It's been a long time since I've done anything involving assembly, but I do seem to remember it also has decompilation tools included in the package. http://nasm.sourceforge.net .



    • #3
      Originally posted by skroo
      Try nasm; it might be what you're looking for. It's been a long time since I've done anything involving assembly http://nasm.sourceforge.net .
      Thanks for the pointer. However, I was looking more for tools to help me create C source code from the binary/or disassembled code, which I can then use to expand & maintain the program once I have a decent source.

      It is sort of possible to do this by hand with a disassembler, but ... ouch.

      Just like a profiler traces the code of a program to optimize it, what I'm looking for is something that allows me to trace the execution, and translate the executing code to C code, and the data to well, data. :)

      Then my task would be simpler, I would only have to beautify and improve the generic code.

      The alternative is to trace the executing asm myself and manually create C code from it.. which is a most tedious task.

      Btw, for anyone looking for a nice disassembler, IDA Pro is pretty nice. They even offer a free version for those on a tight budget.



      • #4
        Originally posted by Salt
        Thanks for the pointer. However, I was looking more for tools to help me create C source code from the binary/or disassembled code, which I can then use to expand & maintain the program once I have a decent source.
        Tools that do this are extremely rare. In fact, the only one I've seen was for HP-UX and targeted the output of a single compiler only. I don't think you'll be able to find one for Win32, but if you do let me know...
        45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B0
        45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B1
        [ redacted ]



        • #5
          Hi. I'm learning some fundamental computer theory, but I'm ignorant about reverse-engineering executable programs. From a company I did business with, I received a link in an email to a suspicious program, so I've downloaded it and am curious what I can find out about it. It's 161 bytes, and could be completely harmless, but I'd like to know. Aside from allowing it to run in an isolated environment, what can I do to understand it?

          Thanks,
          -Mike



          • #6
            Originally posted by itsstillmike
            Hi. I'm learning some fundamental computer theory, but I'm ignorant about reverse-engineering executable programs. From a company I did business with, I received a link in an email to a suspicious program, so I've downloaded it and am curious what I can find out about it. It's 161 bytes, and could be completely harmless, but I'd like to know. Aside from allowing it to run in an isolated environment, what can I do to understand it?
            Step 1: Learn the fundamentals of how your target architecture works (x86 I'm guessing) such as how many registers it has, what execution units it has, etc.

            Step 2: Learn the target architecture's machine instructions and their assembly language representation.

            Step 3: Learn the system call interface for the underlying platform, or at least find a chart to use as a reference and have a basic understanding of what various system calls do.

            Step 4: Find a disassembler for the particular architecture/platform.

            Step 5: Disassemble the executable and scrutinize the resulting assembly code.


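An added example, not written by any poster in this thread: a first static look at a small downloaded file that reads its bytes without ever running it, which tells you what format you are dealing with before the disassembly in Step 5. The signature list, the function names and the 161-byte sample are assumptions constructed for illustration.

```python
import hashlib
import re

# Leading-byte signatures (an assumed, deliberately short list for this example).
MAGICS = [
    (b"MZ", "DOS/Windows executable (MZ header)"),
    (b"\x7fELF", "ELF executable"),
    (b"PK\x03\x04", "ZIP archive"),
    (b"#!", "script with shebang line"),
    (b"[InternetShortcut]", "Windows .url shortcut"),
]

def identify(data):
    """Guess the file type from its first bytes; nothing is executed."""
    for magic, name in MAGICS:
        if data.startswith(magic):
            return name
    if data and all(b in b"\t\r\n" or 32 <= b < 127 for b in data):
        return "plain text"
    return "unknown binary"

def strings(data, min_len=4):
    """Return runs of printable ASCII, like the Unix strings tool."""
    pattern = rb"[\x20-\x7e]{%d,}" % min_len
    return [m.group().decode("ascii") for m in re.finditer(pattern, data)]

def hexdump(data, width=16):
    """Offset / hex / ASCII view so every byte of a tiny file can be read."""
    lines = []
    for off in range(0, len(data), width):
        chunk = data[off:off + width]
        hx = " ".join(f"{b:02x}" for b in chunk).ljust(width * 3)
        asc = "".join(chr(b) if 32 <= b < 127 else "." for b in chunk)
        lines.append(f"{off:04x}  {hx}{asc}")
    return lines

def triage(data):
    """Summarise size, hash, guessed type and embedded strings."""
    return {"size": len(data), "sha256": hashlib.sha256(data).hexdigest(),
            "type": identify(data), "strings": strings(data)}

# Constructed 161-byte sample (not the file from the thread): a .url shortcut
# padded with NUL bytes. Real use: data = open(path, "rb").read()
_BODY = b"[InternetShortcut]\r\nURL=http://example.invalid/landing\r\n"
SAMPLE = _BODY + b"\x00" * (161 - len(_BODY))

if __name__ == "__main__":
    print(triage(SAMPLE))
    print("\n".join(hexdump(SAMPLE)))
```

If the type comes back as "unknown binary", the hex dump is the input to the disassembler; if it is a shortcut or text, the strings usually already show where it points.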

            • #7
              Originally posted by bascule
              Step 1: Learn the fundamentals of how your target architecture works (x86 I'm guessing) such as how many registers it has, what execution units it has, etc.

              Step 2: Learn the target architecture's machine instructions and their assembly language representation.

              Step 3: Learn the system call interface for the underlying platform, or at least find a chart to use as a reference and have a basic understanding of what various system calls do.

              Step 4: Find a disassembler for the particular architecture/platform.

              Step 5: Disassemble the executable and scrutinize the resulting assembly code.
              Bascule, Thanks for the prompt response. So you're telling me that this is way beyond the scope of someone whose assembly language knowledge is minimal. Thanks for the informative reply.

              -Mike



              • #8
                I'm new here but I did a search and found this site.



                http://www.programming-x.com/program...ranslator.html



                • #9
                  Originally posted by Data Hunter
                  I'm new here but I did a search and found this site.



                  http://www.programming-x.com/program...ranslator.html
                  Thank you, banned dude, for dredging this thread up from nearly 2 year old mire only to contribute nothing useful.