Using a Decompiler for Real-World Source Recovery

W
WCRE
2004
11th Working Conference on Reverse Engineering (WCRE 2004)
Abstract - Using a Decompiler for Real-World Source Recovery

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Mike Van Emmerik Articles by Trent Waddington

11th Working Conference on Reverse Engineering (WCRE 2004)

Delft, The Netherlands

November 08-November 12

ISBN: 0-7695-2243-2

	ASCII Text	x
	Mike Van Emmerik, Trent Waddington, "Using a Decompiler for Real-World Source Recovery," Reverse Engineering, Working Conference on, pp. 27-36, 11th Working Conference on Reverse Engineering (WCRE 2004), 2004.

	BibTex	x
	@article{ 10.1109/WCRE.2004.42, author = {Mike Van Emmerik and Trent Waddington}, title = {Using a Decompiler for Real-World Source Recovery}, journal ={Reverse Engineering, Working Conference on}, volume = {0}, year = {2004}, issn = {1095-1350}, pages = {27-36}, doi = {http://doi.ieeecomputersociety.org/10.1109/WCRE.2004.42}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Reverse Engineering, Working Conference on TI - Using a Decompiler for Real-World Source Recovery SN - 1095-1350 SP27 EP36 A1 - Mike Van Emmerik, A1 - Trent Waddington, PY - 2004 KW - Reverse engineering KW - decompilation KW - source code recovery KW - native executable file KW - experience VL - 0 JA - Reverse Engineering, Working Conference on ER -

Mike Van Emmerik, University of Queensland

Trent Waddington, University of Queensland

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/WCRE.2004.42

Despite their 40 year history, native executable decompilers have found very limited practical application in commercial projects. The success of Java decompilers is well known, and a few decompilers perform well by recognising patterns from specific compilers.

This paper describes the experience gained from applying a native executable decompiler, assisted by a commercial disassembler and hand editing, to a real-world Windows-based application. The clients had source code for a prototype version of the program, and an executable that performed better, for which the source code was not available. The project was to recover the algorithm at the core of the program, and if time permitted, the recovery of other pieces of source code.

Despite the difficulties, the core algorithm was successfully decompiled, and a portion of the rest of the program as well. There were surprises, including the ability to recover almost all original class names, and the complete class hierarchy.

Index Terms:

Reverse engineering, decompilation, source code recovery, native executable file, experience

Citation:

Mike Van Emmerik, Trent Waddington, "Using a Decompiler for Real-World Source Recovery," wcre, pp.27-36, 11th Working Conference on Reverse Engineering (WCRE 2004), 2004

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.