Thank you, banned dude, for dredging this thread up from nearly 2 year old mire only to contribute nothing useful.

Im new here but i didi a search and found this site.



https://www.programming-x.com/progra...ranslator.html

Bascule, Thanks for the prompt response. So you're telling me that this is way beyond the scope of someone who's assembly language knowledge is minimal. Thanks for the informative reply.

-Mike

Step 1: Learn the fundamentals how your target architecture works (x86 I'm guessing) such as how many registers it has, what execution units it has, etc.

Step 2: Learn the target architecture's machine instructions and their assembly language representation.

Step 3: Learn the system call interface for the underlying platform, or at least find a chart to use as a reference and have a basic understanding of what various system calls do.

Step 4: Find a disassembler for the particular architecture/platform.

Step 5: Disassemble the executable and scruitinize the resulting assembly code.

Hi. I'm learning some fundamental computer theory, but I'm ignorant about reverse-engineering executable programs. From a company I did business with, I received a link in an email to a suspicious program, so I've downloaded it and am curious what I can find out about it. It's 161 bytes, and could be completly harmess, but I'd like to know. Aside from allowing it to run in an isolated environment, what can I do to understand it?

Thanks,
-Mike

Tools that do this are extremely rare. In fact, the only one I've seen was for HP-UX and targeted the output of a single compiler only. I don't think you'll be able to find one for Win32, but if you do let me know...

Thanks for the pointer. However, I was looking more for tools to help me create C source code from the binary/or disassembled code, which I can then use to expand & mantain the program once I have a decent source.

It is sort of possible to do this by hand with a disassembler, but ... ouch.

Just like a profiler traces the code of a program to optimize it, what I'm looking for is something that allows me to trace the execution, and translate the executing code to C code, and the data to well, data. :)

Then my task would be simpler, I would only have to beautify and improve the generic code.

The alternative is to trace the executing asm myself and manually create C code from it.. which is a most tedious task.

Btw, for anyone looking for a nice disassembler, IDA Pro is pretty nice. They even offer a free version for those on a tight budget.

Try nasm; it might be what you're looking for. It's been a long time since I've done anything involving assembly, but I do seem to remember it also has decompilation tools included in the package. http://nasm.sourceforge.net .