I am really interested in assembly language and I want to learn about how exe files work how dlls run etc... and I have an idea of writing an application to decompile an exe to assembly code since i am not a very good assembly programmer and with the lack of knowledge of the inner working of exe I couldn't do it. Since I can read an exe in hex i think it is not impossible but I don't know how to write my own program. Any resources or any help would be appreciated.
I think you're looking for a disassembler not a decompiler. IDA pro seems to be popular and you can download an older version for free at http://www.hex-rays.com/idapro/idadownfreeware.htm
There are a lot of dissemblers already written for you (see above), but I don't think reading disassembled code is going to help you become a better assembly writer. The main reason for this is that compilers do A LOT of optimization before they generate assemblies. Often this makes for very tricky code to read but highly efficient code to analyze.
If you're interested in what a compiled program looks like at the a assembler level a much more meaningful approach would be compile and look at the generated assembly. For example with gcc/g++ this just requires gcc -c -S filename.c and will leave a clear text assembly file to look at.
Take a look at this Decompilation Wiki, I suspect it will answer most of your questions.
Related
We are looking for quick basic decompiler. The program is very old, written in DOS now we wish to enhance that code in Windows with additional functionalities. Unfortunately the developer is not traceable and only hope is decompilation.
Please suggest the best way to achieve this challenge.
Thank you
[ By Dan in the QB forum on http://qbasicnews.com , May 04, 2003 ]
Here's Microsoft's response to that question:
Microsoft does not currently offer any product capable of "decompiling" an object (.OBJ) or executable (.EXE) file back to the original source code (.BAS). The following are several reasons for this:
No decompiler could exactly reproduce the original source code.
When a program is compiled to an object and linked to produce an executable, most of the "names" used in the original program are converted to addresses. This loss of names means that a decompiler would have to create unique names for all the variables, procedures, and labels, and these names would not be meaningful in the context of the program.
Obviously, source language syntax no longer exists in the compiled object file or executable. It would be very difficult for a decompiler to interpret the series of machine language instructions that exist in an object or executable file and decide what the original source language instruction was.
If such a decompiler did exist and was available, anyone could use it to decompile any executable program produced in the language the decompiler was designed for.
For instance, if a Microsoft BASIC decompiler existed, anyone with that decompiler could use it on an executable that you had produced and from that executable obtain a copy of your source code. The source code to any program you wrote in Microsoft BASIC would be available to anyone with the decompiler. Few developers of commercial software would want to use a language product that could be deciphered, thus allowing others to obtain their source code.
There's some talk from ex-microsoft programmers who swear there was one made for thier private use. I've also seen a Basic decompiler service on a web site which does provide some working BAS code from your exe, but it's a mess and not worth the money asked for the service (http://02c1289.netsolhost.com).
I can tell you as a BASIC software developer for nearly all of my career that this is not what you want. When it came time to "port" my accounting software from DOS BASIC to Visual BASIC having the source code and a complete understanding of the code, since it was my own code, did not help in the least. It may be an over-used expression, but DOS and Windows are apples and oranges. You cannot simply convert the code, you must redesign and code the system.
All you need to do that is what you already have - a working version of the compiled code. Use it's screens to design your databases and screens in Windows, then write the underlying code. The design of those two things is often half to 90% of the work anyway. Now it did help me to have my own source for things like "how did I calculate those taxes again?" I could copy the pure logic code from DOS to Windows with little or no change, but anything involving the database or user interface had to be completely redone.
If you're not up to it, look for someone who is.
Again, you do NOT need the source code unless there's some kind of secret algorithm that you need to duplicate and don't understand yourself.
I have some source code for the BaNa Noise Resilient Pitch Detection Algorithm downloaded here, and I am planning to use the code they provided as a library for a mobile app I'm making. It's written in Objective-C for MATLAB and so I'd probably need to deploy it to a DLL to be able to use it for external applications.
The only thing is that I'm a student, and I don't really have the funds to purchase MATLAB just to be able to work with this algorithm, and so I'm downloading Octave, which was a suggested alternative. This should be able to make working and editing the code for my research possible, but my concern is if I can deploy the code into usable libraries for the application in which I'm going to make using the Unity Game Engine.
I'm not sure if the direction I'm going at will bring me to a dead-end or not, so I'd like to ask for insights regarding this.
What I have now:
1) Source code in MATLAB (.m files)
2) Octave (currently downloading, I'm not even sure if it has the built-in methods I need)
What I plan to do:
1) Use Octave to edit code and test out if the code I have works
2) Deploy it to a DLL file (Is this even possible with Octave?)
3) Use that DLL in Unity3D
Would you guys have any suggestions, alternative workarounds, or foreseeable problems I may encounter with this? Any advice would be greatly appreciated.
Thank you in advance,
Justin
Depending on what functionality from MATLAB (and especially toolboxes), the code should run just fine in Octave, maybe with some minor modifications. If however, the code relies heavily on some toolbox functionality that has not been implemented in Octave, then you have a fair amount of recoding to do.
There is not easy way that I know of to generate a DLL from Octave. Having said that, have a look at How do I create a simple Octave distributable without installing Octave and this section of the Octave documentation on the subject of generating standalone programs from Octave, it might point you in the right direction.
I'm going to give the source code of my program which need ws2_32 library to some rookie programmers who don't know a lot about c++. So it should be as simple as possible for them. the Compiler of Visual Studio supports #pragma comment with which i can add library but I don't know what to do with other compilers like MinGW or GCC. Is there any code that I can add to my source so that the library links automatically?
I would just write a makefile that pulls in all the stuff they need. Easiest for you and them I suppose.
Or is there any real reason not to handle it with makefiles? I can't imagine anything being much easier.
I don't know if this is the correct place to post this question, so sorry if it is in the incorrect place.
Question:
How easy is it for a third-party person to decompile my vb.net application? I mean is it even possible?
For example, I have an .exe, would someone just put that .exe into a decompiler and... BAAM!!, they can see all the code? Speaking of code, when compiling, does the code get encrypted? If not, is there a way to encrypt the code?
I have used SWF decompiler to decompile a .SWF to .FLA, and to decompile an SWF is really really easy with this tool. Would it be this easy to decompile an .exe?
Thanks.
Yes. You can decompile your code very easily. .Net Reflector is an excellent tool to do exactly as you describe.
Imagine if you encrypted the code. The runtime on the users computer would still need to decrpyt it to understand it.
Best you could do would be to obfuscate your code.
.net reflector is not free anymore, I recommend telerik JustDecompile, free and very easy to use, a great tool http://www.telerik.com/products/decompiler.aspx . It's able to decompile everything the way you described
I am trying to protect my dll from disassemblers.
I am using "Eazfuscator.NET Assistant" as dll encryption tool. but after that the Reflector still can read the source code. is it anything i need to do before using Eazfuscator or after? or can anybody can introduce me a free encryption tools which it is can help me to encrypt my source code?
Thank you very much.
You can consider .Net Reactor it works for me.
You can try code obfuscators. Also you can try to pack your dll with software like UPX. Although it could be disassembled it will be much harder do understand what's going on in the assembly.
There are some more techniques like:
Adding garbage code, which can confuse anyone reading disassembly.
Adding breakpoint detection code.
Adding self modifying code.
Doing PEB structure checks.