Re: Decompile...

Re: Decompile...

[Fred Reimer]

I don't know about this.  I've thought of it many times in the past, and I
don't see a reason why it can't be done.  Obviously, it's possible to
disassemble an exe.  The asm that compilers create usually have to adhere to
specific standards so that the resulting code can be linked with other
vendor's libraries, etc.  Windows code has additional "restrictions" over
and above what the standard C standard has (and I mean the linking standard
that everyone uses, not necessarily in the C "standard").

I would think that it would be possible to create cryptic C code for an exe
that at least shows the types of variables passed between functions and the
auto variables used within the function in addition to the general flow of
the function.  If you backtrace from calls to the Windows API, you can
extrapolate what types of structures are passed from the user code.  Of
course, all the variable names would be pretty meaningless, unless whoever
made the exe left the symbols in it.  But Windows may make it simpler, with
it's "standardized" variable naming system (i.e., lpszString1).

I don't mean to make it sound easy, but I don't agree that it's impossible,
just impractical


-----Original Message-----
From: Stipe Tolj <tolj@uni-duesseldorf.de>
To: Marcel R. <marshall@cwb.matrix.com.br>
Cc: <gnu-win32@cygnus.com>
Date: Friday, July 10, 1998 6:21 AM
Subject: Re: Decompile...


>Marcel R. wrote:
>>
>> Hi 4 all...
>> I want to know if there is some way to "Decompile" a file... I mean, get
a
>> exe file and make it be a cpp file, and view the code to do some things
>> that the program do...
>> Thanks...
>
>no way. A binary (exe) file consists of assembler instructions for the
>cpu. Their is no way to "decompile" the compiled and linked file to an
>source code file, since the function f: source -> binary is not
>injective so say it in mathematical terms.
>
>The only way to find out "what" a binary file does is to disassembler
>it, and perform aseemlber instructions step by step, controlling the cpu
>registers and assembler registers that change within execution of the
>analyzed program.
>
>PS: If it would be possible to "decompile" exes to source code files, I
>would be the first to "decompile" windows 98 and modify a bit to sell it
>under an other name.
>
>Regards, Stipe.
>
>--
>stud.rer.pol. Stipe Tolj <tolj@uni-duesseldorf.de>
>HTTP Server Development Management
>Department of Economical Computer Science
>University of Cologne, Germany
> http://www-public.rz.uni-duesseldorf.de/~tolj
>
>
>-
>For help on using this list (especially unsubscribing), send a message to
>"gnu-win32-request@cygnus.com" with one line of text: "help".
>

-
For help on using this list (especially unsubscribing), send a message to
"gnu-win32-request@cygnus.com" with one line of text: "help".

Re: Decompile...

[Ian Flanigan]

Fred Reimer wrote:
> 
> I would think that it would be possible to create cryptic C code for an exe
> that at least shows the types of variables passed between functions and the
> auto variables used within the function in addition to the general flow of
> the function.

Actually, there have been many decompiler projects in the past.  One was
used to de-compile the Internet Worm back in '88.  I had another for
MSDOS around '90 or so.  The one used on the worm, if I recall
correctly, made use of some "features" of the code generation routines
in pcc (the old portable C compiler on which nearly all C compilers
shipped with UNIX used to be derived from) to re-generate the source
code.  The MSDOS one was just nasty and basically turned assembly code
into C, complete with bit shifts and carry testing.  It was gross and
unuseful.

Ian
---
flan@lean.to
-
For help on using this list (especially unsubscribing), send a message to
"gnu-win32-request@cygnus.com" with one line of text: "help".

Re: Decompile...

[Stipe Tolj]

raf wrote:
> 
> Stipe wrote:
> 
> >PS: If it would be possible to "decompile" exes to source code files, I
> >would be the first to "decompile" windows 98 and modify a bit to sell it
> >under an other name.
> 
> would that be DOS98?

nop, that would be "frames2000" :))


-- 
stud.rer.pol. Stipe Tolj <tolj@uni-duesseldorf.de>
HTTP Server Development Management
Department of Economical Computer Science        
University of Cologne, Germany                  
http://www-public.rz.uni-duesseldorf.de/~tolj

-
For help on using this list (especially unsubscribing), send a message to
"gnu-win32-request@cygnus.com" with one line of text: "help".

Re: Decompile...

[Mike Lerwill]

Of course you are correct it can be done the real question is how well.

See http://www.teknema.com/~cg/work.htm
 
for an idea of the work being done in this area.


-----Original Message-----
From: Fred Reimer <Fred.Reimer@bellsouth.net>
To: tolj@uni-duesseldorf.de <tolj@uni-duesseldorf.de>; Marcel R. <marshall@cwb.matrix.com.br>
Cc: gnu-win32@cygnus.com <gnu-win32@cygnus.com>
Date: Saturday, July 11, 1998 11:37 PM
Subject: Re: Decompile...


>I don't know about this.  I've thought of it many times in the past, and I
>don't see a reason why it can't be done.  Obviously, it's possible to
>disassemble an exe.  The asm that compilers create usually have to adhere to
>specific standards so that the resulting code can be linked with other
>vendor's libraries, etc.  Windows code has additional "restrictions" over
>and above what the standard C standard has (and I mean the linking standard
>that everyone uses, not necessarily in the C "standard").
>
>I would think that it would be possible to create cryptic C code for an exe
>that at least shows the types of variables passed between functions and the
>auto variables used within the function in addition to the general flow of
>the function.  If you backtrace from calls to the Windows API, you can
>extrapolate what types of structures are passed from the user code.  Of
>course, all the variable names would be pretty meaningless, unless whoever
>made the exe left the symbols in it.  But Windows may make it simpler, with
>it's "standardized" variable naming system (i.e., lpszString1).
>
>I don't mean to make it sound easy, but I don't agree that it's impossible,
>just impractical
>
>
>-----Original Message-----
>From: Stipe Tolj <tolj@uni-duesseldorf.de>
>To: Marcel R. <marshall@cwb.matrix.com.br>
>Cc: <gnu-win32@cygnus.com>
>Date: Friday, July 10, 1998 6:21 AM
>Subject: Re: Decompile...
>
>
>>Marcel R. wrote:
>>>
>>> Hi 4 all...
>>> I want to know if there is some way to "Decompile" a file... I mean, get
>a
>>> exe file and make it be a cpp file, and view the code to do some things
>>> that the program do...
>>> Thanks...
>>
>>no way. A binary (exe) file consists of assembler instructions for the
>>cpu. Their is no way to "decompile" the compiled and linked file to an
>>source code file, since the function f: source -> binary is not
>>injective so say it in mathematical terms.
>>
>>The only way to find out "what" a binary file does is to disassembler
>>it, and perform aseemlber instructions step by step, controlling the cpu
>>registers and assembler registers that change within execution of the
>>analyzed program.
>>
>>PS: If it would be possible to "decompile" exes to source code files, I
>>would be the first to "decompile" windows 98 and modify a bit to sell it
>>under an other name.
>>
>>Regards, Stipe.
>>
>>--
>>stud.rer.pol. Stipe Tolj <tolj@uni-duesseldorf.de>
>>HTTP Server Development Management
>>Department of Economical Computer Science
>>University of Cologne, Germany
>> http://www-public.rz.uni-duesseldorf.de/~tolj
>>
>>
>>-
>>For help on using this list (especially unsubscribing), send a message to
>>"gnu-win32-request@cygnus.com" with one line of text: "help".
>>
>
>-
>For help on using this list (especially unsubscribing), send a message to
>"gnu-win32-request@cygnus.com" with one line of text: "help".
-
For help on using this list (especially unsubscribing), send a message to
"gnu-win32-request@cygnus.com" with one line of text: "help".

Re: Decompile...

[raf]

Stipe wrote:

>PS: If it would be possible to "decompile" exes to source code files, I
>would be the first to "decompile" windows 98 and modify a bit to sell it
>under an other name.

would that be DOS98?

raf :)

-
For help on using this list (especially unsubscribing), send a message to
"gnu-win32-request@cygnus.com" with one line of text: "help".

Re: Decompile...

[Stipe Tolj]

Marcel R. wrote:
> 
> Hi 4 all...
> I want to know if there is some way to "Decompile" a file... I mean, get a
> exe file and make it be a cpp file, and view the code to do some things
> that the program do...
> Thanks...

no way. A binary (exe) file consists of assembler instructions for the
cpu. Their is no way to "decompile" the compiled and linked file to an
source code file, since the function f: source -> binary is not
injective so say it in mathematical terms.

The only way to find out "what" a binary file does is to disassembler
it, and perform aseemlber instructions step by step, controlling the cpu
registers and assembler registers that change within execution of the
analyzed program.

PS: If it would be possible to "decompile" exes to source code files, I
would be the first to "decompile" windows 98 and modify a bit to sell it
under an other name.

Regards, Stipe.

-- 
stud.rer.pol. Stipe Tolj <tolj@uni-duesseldorf.de>
HTTP Server Development Management
Department of Economical Computer Science        
University of Cologne, Germany                  
http://www-public.rz.uni-duesseldorf.de/~tolj


-
For help on using this list (especially unsubscribing), send a message to
"gnu-win32-request@cygnus.com" with one line of text: "help".

Decompile...

[Marcel R.]

Hi 4 all...
I want to know if there is some way to "Decompile" a file... I mean, get a
exe file and make it be a cpp file, and view the code to do some things
that the program do...
Thanks...


-=-=-=-==-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Home Page: http://i.am/marshall/
e-mail: marshall@cwb.matrix.com.br ou marshall@i.am

-
For help on using this list (especially unsubscribing), send a message to
"gnu-win32-request@cygnus.com" with one line of text: "help".