EvilZone


: Interactive Decompiler
: Axon March 03, 2013, 12:57:31 PM
The IDC tool is an interactive decompiler, where the user starts with an almost literal translation of Assembly code into the C language, which he progressively decompiles by the successive application of low-level refactorings, ultimately leading to high-level C code.


http://idc.sourceforge.net/wiki/index.html
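
The progression described in the post above, as an added example that is not part of the original thread and is not output from IDC: a constructed routine shown first as a near-literal C rendering of assembly, then after control-flow structuring, then after type and name recovery. The register-named variables, function names and sample input are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Stage 0: near-literal rendering. Registers become untyped integer
   variables and every jump becomes a goto (constructed, not tool output). */
uintptr_t count_stage0(uintptr_t arg0, uintptr_t arg1)
{
    uintptr_t eax = 0, ecx = arg0, edx = arg1;
loop:
    if (edx == 0) goto done;                       /* test edx, edx ; jz done */
    if (*(const uint8_t *)ecx != 0x2f) goto skip;  /* cmp byte [ecx], 0x2f    */
    eax = eax + 1;
skip:
    ecx = ecx + 1;
    edx = edx - 1;
    goto loop;
done:
    return eax;
}

/* Stage 1: control-flow refactoring only. The gotos become while/if;
   variables are still register-named and untyped. */
uintptr_t count_stage1(uintptr_t arg0, uintptr_t arg1)
{
    uintptr_t eax = 0, ecx = arg0, edx = arg1;
    while (edx != 0) {
        if (*(const uint8_t *)ecx == 0x2f) eax = eax + 1;
        ecx = ecx + 1;
        edx = edx - 1;
    }
    return eax;
}

/* Stage 2: types and names recovered: pointer + length, 0x2f is '/'. */
size_t count_slashes(const char *buf, size_t len)
{
    size_t n = 0;
    for (; len != 0; buf++, len--)
        if (*buf == '/') n++;
    return n;
}

int main(void)
{
    const char *s = "/usr/bin/ls";   /* constructed sample input */
    printf("%zu %zu %zu\n", (size_t)count_stage0((uintptr_t)s, 11),
           (size_t)count_stage1((uintptr_t)s, 11), count_slashes(s, 11));
    return 0;
}
```

All three stages compute the same result on the same input; only readability changes from one refactoring to the next.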
: Re: Interactive Decompiler
: strong115 March 05, 2013, 11:41:11 PM
Hello,

Can you tell me if this decompiler is able to provide the exact program code as it is written, and which software it is unable to decompile?
What are the advantages and disadvantages of this decompiler?
: Re: Interactive Decompiler
: Mordred March 06, 2013, 12:12:43 AM
I know ASM and C quite well, but I haven't actually done any decompiling of executables yet and I'm thinking about maybe going for a job within malware analysis. Would this be a great learning tool for me?
: Re: Interactive Decompiler
: vezzy March 06, 2013, 02:26:53 AM
Can you tell me if this decompiler is able to provide the exact program code as it is written, and which software it is unable to decompile?

I have no experience with this particular tool, but I think you have high expectations in retrieving "exact program code". Decompilers in general are hit-and-miss by nature as it is very difficult to abstract machine code to a higher-level language unless the target language is compiled to an intermediary language [bytecode] which has extensive metadata, such as Java.

Depends on the decompiler itself though. If it's more sophisticated and has good type analysis, you'll yield better results.
: Re: Interactive Decompiler
: ca0s March 06, 2013, 12:55:16 PM
Decompilers won't give you the EXACT source code of a binary; they will give you an approximation, whose quality will depend on the compiler used and what optimization flags were used. I have got results from a REALLY good decompilation (~90% like my original code) to total garbage (I mean, reading ASM was easier than the decompiled source).

The best decompiler I've used is X-Rays (IDA), and most of the time it actually helps to understand large chunks of ASM code.

I have not tried this one, but judging from Axon's description and the screenshots on its website, it seems like "more interactive". You constantly modify the decompilation until you get a decent enough source, instead of letting the tool do all the work for you. Seems interesting, I'll try it.
: Re: Interactive Decompiler
: Mordred March 06, 2013, 01:00:00 PM
I have not tried this one, but judging from Axon's description and the screenshots on its website, it seems like "more interactive". You constantly modify the decompilation until you get a decent enough source, instead of letting the tool do all the work for you. Seems interesting, I'll try it.

Ah nice, that's really cool for people studying this I suppose.