Decompiler
A decompiler is the name given to a computer program that performs the reverse operation to that performed by a compiler. That is, it translates a file containing information at a relatively low level of abstraction (often designed to be computer readable rather than human readable) in to a form having a higher level of abstraction (often designed to be human readable). This term is most commonly applied to the translation of executable programs (the output from a compiler) into source code in a (relatively) high level language (that when compiled will produce an executable whose behavior is the same as the original executable program). By comparison, a disassembler translates an executable program into assembly language (an assembler could be used to assemble it back into an executable program).
Decompilation is the act of using a decompiler, although the term can also apply to the decompiled output. It can be used for the recovery of lost source code, and is also useful in some cases for computer security, interoperability, error correction, and more (see "Why Decompilation"). The success of decompilation depends on the amount of information present in the code being decompiled and the sophistication of the analysis performed on it. The bytecode formats used by many virtual machines (such as Java's JVM) often include extensive metadata and high-level features that make decompilation quite feasible. Machine code has typically much less metadata, and is therefore much harder to decompile.
Some compilers and post compilation tools obfuscate the executable code (that is, attempt to produce output that is very difficult to decompile). This is done to make it more difficult to reverse engineer the executable.
See also
- disassembler
- compiler
- linker
- interpreter
- abstract interpretation
- obfuscating software
- obfuscated code
- reverse engineering
External links
General information
- The DeCompilation Wiki discusses various aspects of decompilation: history, research, decompilers for machine code, Java, Visual Basic, and so on.
- Legality of Decompilation, part of the above Wiki, discusses legal aspects of decompilation.
- A detailed article on various aspects of decompilation, including how to decompile an executable by hand.
- Citations from CiteSeer
Decompilers
- Lutz Roeder's .NET Reflector is a widely adopted tool combining a class browser and a decompiler for the purpose of navigating and understanding code libraries.
- Dis# - .NET decompiler which allows you to edit local variables and other names in the decompiled code and keep the changes in a project file.
- The Boomerang Decompiler is an open-source attempt at a retargetable machine code decompiler. It is presently capable of decompiling small binary files (Pentium, SPARC, and PowerPC) to the C language. Boomerang is available under a BSD-like licence, and can be run on various Unix and Windows platforms.
- REC - Reverse Engineering Compiler by Giampiero Caprino. REC is a portable reverse engineering compiler, or decompiler. It reads machine code file for one of several architectures, and attempts to produce a C-like representation of the code and data used to build the executable file. Versions of REC for several platforms can be downloaded for free.
- dcc - Dos C Decompiler decompiles .exe files from the (i286, DOS) platform to C programs.