An optimizing JIT byte-code compiler would do a far better job of hiding Python source than any of the ideas presented so far. The resulting executable would be no easier to decompile than a program made with C. The more optimization the compiler does, the harder it would be to decompile the results. Ideally, the compiler would maximally execute the Python program before freezing it into an executable. ("Maximal," in this sense, means performing all execution that does NOT depend on outside data or stimulus.)
Decompilation, Security software
Decompilation, Security software
Decompiling isn’t a criminal thing unless you’re using it on software that you didn’t write where the license forbids reverse engineering. Google shows a couple of Visual Basic decompilers but you’ll most likely be very disappointed with the results. Compiling process tends to further optimize the code and loses some of the original structure.
BTW, why didn’t you keep a set of backups offsite?
The lock boxes at the local bank are a perfect place to drop off a couple of backup CD’s at least once a month. Not only should you keep copies of your software but copies of your tools as well, like Visual Studio, basically anything you rely on to maintian your business should be burned onto backup CDs and stored offsite.
Decompilation
Decompilation
Algorithms are given to transform unstructured program schemas into equivalent structured forms. These algorithms are shown to have a computational complexity which is linearly related to schema size for almost all schemas, but at worst exponential with an exponent greater than but asymptotically close to one for large problems. Structuring is achieved by first identifying the forward paths of the schema and reducing them to an equivalent structured elementary path E. Each back path of E is then recursively structured to an equivalent single back arc, thus reducing the original schema to a single elementary path together with a set of possibly overlapping back arcs. The remaining unstructuredness is removed by recursive application of a loop-structuring algorithm. The algorithms are illustrated by application to a complex hypothetical schema and to two practical problems.
Decompilation
Decompilation
Abstract Advanced computer architectures rely mainly on compiler optimizations for parallelization, vectorization, and pipelining. Efficient code generation is based on a control dependence analysis to find the basic blocks and to determine the regions of control. However, unstructured branch statements, such as jumps and goto’s, render the control flow analysis difficult, time-consuming, and result in poor code generation. Branches are part of many programming languages and occur in legacy and maintenance code as well as in assembler, intermediate languages, and byte code. A simple and effective technique is presented to convert unstructured branches into hammock graph control structures. Using three basic transformations, an equivalent program is obtained in which all control statements have a well-defined scope. In the interest of predication and branch prediction, the number of control variables has been minimized, thereby allowing a limited code replication. The correctness of the transformations has been proven using an axiomatic proof rule system. With respect to previous work, the algorithm is simpler and the branch conditions are less complex, making the program more readable and the code generation more efficient. Additionally, hammock graphs define single entry single exit regions and therefore allow localized optimizations. The restructuring method has been implemented into the parallelizing compiler FPT and allows to extract parallelism in unstructured programs. The use of hammock graph transformations in other application areas such as vectorization, decompilation, and assembly program restructuring is also demonstrated
Decompilation
Decompilation
A decompiler accepts low-level object code and produces the high-level source code that compiles into the object code. This paper describes a technique for constructing decompilers using attribute grammars and functional programming. Given the grammars for the source and object languages, the authors show how to augment the source language grammar with attributes—values passed up and down the parse tree while it is being constructed—so that the grammar efficiently generates only acceptable source code. A decompiler is an implementation of an attribute grammar as a functional program. Some care is required when implementing infinite attributes (such as the set of “if†statements); an enumeration over a set of infinite attributes should result in all possible combinations. Defining list-manipulating operations with the proper interleaving behavior results in a straightforward translation from an attribute grammar to a functional program. Computability and abstract execution arguments show, among other things, that desirable general decompilation algorithms also solve the halting problem, and so do not exist, and that, for a properly behaved attribute grammar, the associated decompiler properly generates the infinity of source codes. This work represents a useful first step toward decompilation; it will be interesting to see how it can be extended, for example, to deal with optimized object code or to recover the original source code’s type structures. A familiarity with attribute grammars and functional programming speeds the reading along, but is not necessary for the diligent reader.
Decompilation
Decompilation
This is a common claim, and completely preposterous. Even if you could decompile to the absolute original source, including comments, local variable names etc, that wouldn’t make the application Open Source Software. The Open Source movement is about software licences – what you have the legal right to do. If the author of the software doesn’t let you have the source without reverse engineering it, that isn’t Open Source Software. (There’s more to it than that, of course, but that’s enough to show the absurdity of the myth.)
How Severe Is The Problem?
Many developers have been shocked by how easy it is to decompile their code, and fear that it means they no longer have any way of protecting their intellectual property. In practice, I don’t believe the problem is nearly as big as it’s claimed to be. Firstly, intellectual property is almost always within the design of a system, not in the individual bits of implementation. If you design a world-beating application, chances are that the reason it’s world-beating will be obvious to anyone who uses it anyway. Only a very few areas in computing are really all about which algorithms are used, and how they’re implemented – areas such as sound and video compression.
Have you ever tried to read a large amount of code without any documentation, comments or meaningful local variable names? In my experience, it can be hard enough to understand code when you do have design documents and comments, let alone without it. Now, let’s make it even harder
ASP.NET security, Decompilation
algorithms, ASP.NET security, ASP.NET-security, Decompilation, developers, intellectual_property, open_source_movement, open_source_software, reverse_engineering
Obfuscation is the process of making code harder to understand in decompiled form, without changing the semantics. Simple obfuscators could just change the names of private variables and methods, while more complex ones can (with suitable configuration) change even public names to be unintelligible, changing references to those names from different assemblies etc. Others can make the code flow harder to follow, and some obfuscators can confuse some decompilers enough to stop them from being able to produce any code at all. Others will even encrypt your code, only decrypting it at runtime.
I don’t have any personal experience with .NET obfuscators, though I have used some for Java (which has the same characteristics in terms of decompilation). Unfortunately, that means I can’t actually recommend any. I’d strongly advise you to try several different obfuscators before settling on one – look at the results of decompilation with a few different tools if possible. Before buying one, try getting someone who you trust but who hasn’t been part of the development of your code to try to read the decompiled version of your non-obfuscated application – you may well decide you don’t need to use an obfuscator in the first place. Once you’ve settled on an obfuscator, use it all the time though – you should carry out as much testing as possible on the obfuscated version rather than the "clear" version, as obfuscation can raise some subtle problems.
Decompilation
Decompilation
There are many situations when decompilation can be used…
- To recover lost source code. You may have written a program for which you only have the executable now (or you got the exe of a program you wrote long back, from someone else!). If you want to have the source for such a program, you can use decompilation to recover it. In all rights, you are the owner of the program, so nobody is going to question you.
- Just as stated above, applications written long back for a legacy computer may not have the source code now, and you may need to port it to a new platform. Either you have to rewrite the application from the scratch, or use decompilation to understand the working of the application and write it again.
- Say you have code written in some language for which you cant find a compiler today! If you have the executable, just decompile it and rewrite the logic in the language of your choice today.
- To discover the internals of someone else’s program (like what algorithm they have used…)
Usually all software are copyrighted by the authors. This means, copying or expressing the same idea in another program is prohibited. Hence if you are using decompilation to discover the internals of a program and if that particular part is breaching the copyright of the owner, you are liable for legal action. However, there are some permitted uses of decompilation, like the first three cases stated above. Also, decompilation of parts of software which do not come under the copyright laws (e.g. algorithms) is permitted. In any case, it is better to contact your legal advisor if you are doing any serious work with decompilation.
In all practical purposes, decompiling programs which were created by you can’t be questioned! After all, you are the owner of all rights to the program. But be careful if you are trying it out on someone else’s programs.
Decompilation
Decompilation
This short entry is just to tell you that the decompiler got a name: Hex-Rays and it goes to the phase of closed beta testing. The qualified beta testers already received their copies and I have some very positive feedback. Thank you, guys!
For the curious about the decompiler, I put the user manual online. It is very short for the moment. I’d like to keep it like this forever but…
http://www.hexblog.com/hexrays/manual
The quick primer section shows in more detail how to work with the plugin.
Let the fun begin!
Read more at Security Wonk
Decompilation
Decompilation
If you used IDA Pro for a while, you might have noted that it contents itself
with simple things. It neatly displays the disassembly listing.
It allows you to improve the listing by adding names and comments. You can manually define
your symbols, types, functions. IDA itself can add some types and discover some
program properties, but
overall the performed analyses appear to be rather modest.
Original post by Security Wonk and a wordpress plugin by Elliott
Decompilation
Decompilation