EvilZone
Hacking and Security => Reverse Engineering => : Dark Nebulae September 09, 2012, 02:46:02 PM
-
Please tell me how to find the source code of any program.
-
Just go to the coder's office and steal it.
-
disassemble it...
-
Not possible.. Best you get is asm code.
It is possible to get Java code though, but not always.
Better write it all from scratch.
-
You need to understand that there are software programs that were compiled into executable files (written in languages like C/C++), there are programs that are translated into bytecode which is then executed by the virtual machine (written in languages like Java), and there are programs that are interpreted and do not need to be compiled by the developer to be used (written in languages such as Python).
It is impossible to get the exact source code of a compiled program because compilation is an irreversible one-way process in such languages. There are decompilers that can analyze the executable and try to recreate the source code, but they are often very inaccurate and the resulting code is very hard to work with. The only sure thing you can do is disassemble the executable program using a disassembler such as IDA Pro or OllyDbg for Windows, or gdb for Linux (there are many more). It will read the executable machine code and convert it into assembly code which can be analyzed and modified (tools other than the disassembler are required to do this, but they usually come together with the disassembler, or the other way round). This process is often called reverse engineering, as you attempt to understand how the entity was created and how it works without having the original blueprints (or source code in our case).
It is easier to decompile Java or similar bytecode though. Check out Java Decompiler.
Finally, you do not need to do anything to get the source code of interpreted programs because they are not compiled by the developer in most cases. All you need to do is just open the Python or other interpreted program file with a plain text editor.
I hope this helped a bit.
Have fun reversing executables!
-
Please Do not Misinform..
COMPILATION is not irreversible..
Java code is compiled.. It is reversible
Code compiled to machine code is not reversible.. Byte code is a result of Java code being compiled.
-
I was talking about languages that are compiled straight to machine code. I didn't say compilation is irreversible. I said "compilation is an irreversible one-way process in such languages". Note the words "in such languages" and read the first part of the first paragraph. Now read the first two sentences of the second paragraph. I am clearly talking about executable files that are executed by the machine and that such programs need to be disassembled. Bytecode is not even assembled, meaning that obviously it cannot be disassembled using a disassembler. I do address that Java bytecode can be decompiled in the ending lines of the second paragraph.
No misinformation is taking place as far as I can see. Sorry if it is not as clear as you might like it to be, p_2001. Just re-read the post a few times next time you post a reply please.
-
There are ways to disassemble applications; however, there is not one method to do it for every exe out there. It all depends, some are easier than others.
-
+1 I think we have this covered
-
Is it also one-way irreversible in programs that are made in Ruby?
-
Depends on the implementation. I.e.: MRI is interpreted. JRuby and Rubinius are compiled to bytecode.
-
I am developing a Facebook hacker (ya, I know it's totally for making noobs fool) in NetBeans. I want to ask how can I make it an exe file?
And one thing also, how can we get source code of Java programs?
-
1. EXEs are for compiled languages. NetBeans supports a lot of languages because it's an IDE. I assume you code it in Java, in which case you cannot make it an EXE, because it's not how Java works.
2. Look up JD-GUI.
-
1. EXEs are for compiled languages. NetBeans supports a lot of languages because it's an IDE. I assume you code it in Java, in which case you cannot make it an EXE, because it's not how Java works.
There are compilers that compile Java code into machine code, like the AOT compiler gcj.
More about gcj: http://gcc.gnu.org/java/
-
I am developing a Facebook hacker (ya, I know it's totally for making noobs fool) in NetBeans. I want to ask how can I make it an exe file?
And one thing also, how can we get source code of Java programs?
It is possible to create .exe files of Java programs, but not recommended. Java's strength is its portability. Why would you want to destroy it by turning it to an .exe file?
If you don't care about portability use another language.
Here is a tool for creating .exe out of .jar files: http://www.jar2exe.com/
Here is a decompiler for Java bytecode (so you get .java files out of .class files): http://www.varaneckas.com/jad/
-
I know how to decompile java .class files but how would I go about decompiling a .exe file? Can I find out what language was used to code the app then go from there?
-
Well, it's a bit complex.
For some languages you can use decompilers like VB Decompiler or DeDe for Delphi.
C also has a decompiler but it's expensive as hell and hard to get. Google Hex-Rays.
Also do some reading about Boomerang (http://boomerang.sourceforge.net/). It is an interesting project but I personally couldn't get it to work properly.
However, if you fail to find a decompiler for your exe program, you can still disassemble it. Modern disassemblers make it rather easy to debug and analyze assembly code. I recommend OllyDbg.
-
Can I find out what language was used to code the app?
Yes, you can determine the language and sometimes even a compiler from the PE header.
PE header is embedded in every EXE by the compiler, unless the EXE was scrambled with a crypter or obfuscator of some sort or a packer (if UPX then you can depack the EXE with UPX as well).
There is also a tool for that here: http://www.woodmann.com/collaborative/tools/index.php/ExeInfo_PE
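
A sketch of the header triage discussed above, added here as an example (not part of the original post and not the code of any tool named in it). It classifies a file by magic bytes and, for a PE file, reports the linker version, whether a CLR (.NET) directory is present, and whether UPX's default section names appear; `triage` and `sample_pe` are hypothetical names and the sample images are constructed header-only byte strings.

```python
import struct

UPX_SECTIONS = {"UPX0", "UPX1", "UPX2"}  # default section names written by UPX

def triage(data: bytes) -> dict:
    """Classify a file by magic bytes; for PE files, read header hints."""
    if data[:4] == b"\xca\xfe\xba\xbe":
        return {"kind": "java-class"}   # JVM bytecode (magic shared with Mach-O fat)
    if data[:4] == b"\x7fELF":
        return {"kind": "elf"}          # native Linux executable
    if data[:2] == b"#!":
        return {"kind": "script"}       # interpreted: the file is the source
    if data[:2] != b"MZ" or len(data) < 0x40:
        return {"kind": "unknown"}
    try:
        pe = struct.unpack_from("<I", data, 0x3C)[0]            # e_lfanew
        if data[pe:pe + 4] != b"PE\0\0":
            return {"kind": "dos-mz"}
        nsec, opt_size = struct.unpack_from("<H12xH", data, pe + 6)
        opt = pe + 24                                            # optional header
        magic, major, minor = struct.unpack_from("<HBB", data, opt)
        dd = 112 if magic == 0x20B else 96                       # PE32+ vs PE32
        clr = 0                                                  # data directory 14
        n_dirs = struct.unpack_from("<I", data, opt + dd - 4)[0]
        if n_dirs > 14 and opt_size >= dd + 15 * 8:
            clr = struct.unpack_from("<I", data, opt + dd + 14 * 8)[0]
        names = []
        for i in range(nsec):                                    # 40-byte entries
            raw = struct.unpack_from("8s", data, opt + opt_size + 40 * i)[0]
            names.append(raw.rstrip(b"\0").decode("latin-1"))
    except struct.error:
        return {"kind": "pe-truncated"}
    return {"kind": "pe", "linker": (major, minor), "dotnet": clr != 0,
            "sections": names, "upx": bool(UPX_SECTIONS & set(names))}

def sample_pe(section_names, clr_rva=0) -> bytes:
    """Constructed header-only PE32 image for the demo (not a real program)."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, 224, 0x102)
    opt = bytearray(224)
    struct.pack_into("<HBB", opt, 0, 0x10B, 14, 29)   # magic, linker version
    struct.pack_into("<I", opt, 92, 16)               # NumberOfRvaAndSizes
    struct.pack_into("<I", opt, 96 + 14 * 8, clr_rva)
    secs = b"".join(n.encode().ljust(40, b"\0") for n in section_names)
    return dos + b"PE\0\0" + coff + bytes(opt) + secs

if __name__ == "__main__":
    print(triage(sample_pe([".text", ".rdata"])))
    print(triage(sample_pe(["UPX0", "UPX1", ".rsrc"])))
```

Section names are only a hint: a packed file whose sections were renamed will not match, so a missing UPX name does not mean the file is unpacked.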
-
I can't get the linux version of boomerang to work myself either.
-
Yes, you can determine the language and sometimes even a compiler from the PE header.
PE header is embedded in every EXE by the compiler, unless the EXE was scrambled with a crypter or obfuscator of some sort or a packer (if UPX then you can depack the EXE with UPX as well).
There is also a tool for that here: http://www.woodmann.com/collaborative/tools/index.php/ExeInfo_PE
this, or you can look at the registers and see how the packer works and manually unpack the file...
the theory is simple enough and that's why programs still get cracked ; D
-
Yeah, crackers don't even bother what language the program was written in, because it's easy to crack binary software by disassembling it and simply debugging the binary at run time and changing some logic operations that do the "bouncer" work. The problem is, these days software developers are making it harder to correctly debug the code by introducing new protection methods, like VM/disassembler/debugger detection and so on.
-
namespace7
Your tutorial is very powerful and instructive. I like it, and thank you very much.
After reading your tutorial I can sum it up in 3 ideas:
1) Decompiling does not give the exact program code.
2) As a consequence of one, the resulting source code will be very complicated and hard to deal with, and it will take a lot of time and cost a lot of energy, especially for thousands of lines, to understand and grasp.
3) Some programs are immunized against decompiling.
So disassembling is the best way to work with a program.
This is good.
-
OP
IDA Pro is pretty good.....pretty expensive if you buy it though ;)
-
Though I've heard the "Swedish AppStore" has it on sale.. If you're lucky it includes free malware, so better run it in a virtual machine.
Hex-Rays's compiler, which is included in some IDA Pro versions, actually does a great job decompiling. I've been told by friends that Hopper [1] is getting decent, but I have no experience with it. It's also well priced, compared to Hex-Rays!
[1] http://www.hopperapp.com/