Jump to content


Photo
- - - - -

Decompiling a program of unknown language


  • Please log in to reply
15 replies to this topic

#1 Zeldo

Zeldo

    I broke 10 posts and all I got was this lousy title!

  • Members
  • 12 posts
  • Gender:Male

Posted 15 October 2009 - 07:09 PM

Does anyone have any suggestions to get what language a program was written in and decompile it? The program is not commercial, its a free bot that I want to see how works and it seems the developer quit even visiting the site. I will attach the program, any help is appreciated.


P.S. Coulden't find a better section, as I am a newbie and this didn't fit in anywhere else. Please move it if I posted it in the wrong section.

Thanks, Zeldo.

Attached File  FarmVilleBot.zip   1.32MB   6 downloads

Edited by Zeldo, 15 October 2009 - 07:10 PM.


#2 rainwater_stillicide

rainwater_stillicide

    SUP3R 31337 P1MP

  • Agents of the Revolution
  • 282 posts
  • Location:Scotland

Posted 15 October 2009 - 07:28 PM

Does anyone have any suggestions to get what language a program was written in and decompile it? The program is not commercial, its a free bot that I want to see how works and it seems the developer quit even visiting the site. I will attach the program, any help is appreciated.


P.S. Coulden't find a better section, as I am a newbie and this didn't fit in anywhere else. Please move it if I posted it in the wrong section.

Thanks, Zeldo.

Attached File  FarmVilleBot.zip   1.32MB   6 downloads


farmvillebot.exe appears to have been written using Delphi.

I have no idea about decompiling it.

#3 Zeldo

Zeldo

    I broke 10 posts and all I got was this lousy title!

  • Members
  • 12 posts
  • Gender:Male

Posted 15 October 2009 - 07:29 PM


Does anyone have any suggestions to get what language a program was written in and decompile it? The program is not commercial, its a free bot that I want to see how works and it seems the developer quit even visiting the site. I will attach the program, any help is appreciated.


P.S. Coulden't find a better section, as I am a newbie and this didn't fit in anywhere else. Please move it if I posted it in the wrong section.

Thanks, Zeldo.

Attached File  FarmVilleBot.zip   1.32MB   6 downloads


farmvillebot.exe appears to have been written using Delphi.

I have no idea about decompiling it.


Thank you, can you tell me how you came to this conclusion?

Or if anyone has an idea of how this program actually works that would be great, I'm just trying to figure out the inner workings, I don't need the source code if someone can explain it to me.

Thanks, Zeldo.

Edited by Zeldo, 15 October 2009 - 07:32 PM.


#4 rainwater_stillicide

rainwater_stillicide

    SUP3R 31337 P1MP

  • Agents of the Revolution
  • 282 posts
  • Location:Scotland

Posted 15 October 2009 - 10:06 PM

Thank you, can you tell me how you came to this conclusion?

Or if anyone has an idea of how this program actually works that would be great, I'm just trying to figure out the inner workings, I don't need the source code if someone can explain it to me.

Thanks, Zeldo.


I ran the linux program strings on it.

#: strings farmvillebot.exe

Lots of output, at the end there is some xml:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
  <assemblyIdentity
  	type="win32"
    name="DelphiApplication"
    version="1.0.0.0" 
  	processorArchitecture="*"/>
  <dependency>
    <dependentAssembly>
      <assemblyIdentity
        type="win32"
        name="Microsoft.Windows.Common-Controls"
        version="6.0.0.0"
        publicKeyToken="6595b64144ccf1df"
        language="*"
        processorArchitecture="*"/>
    </dependentAssembly>
  </dependency>
</assembly>

Edited by rainwater_stillicide, 15 October 2009 - 10:06 PM.


#5 Zeldo

Zeldo

    I broke 10 posts and all I got was this lousy title!

  • Members
  • 12 posts
  • Gender:Male

Posted 15 October 2009 - 10:41 PM


Thank you, can you tell me how you came to this conclusion?

Or if anyone has an idea of how this program actually works that would be great, I'm just trying to figure out the inner workings, I don't need the source code if someone can explain it to me.

Thanks, Zeldo.


I ran the linux program strings on it.

#: strings farmvillebot.exe

Lots of output, at the end there is some xml:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
  <assemblyIdentity
  	type="win32"
    name="DelphiApplication"
    version="1.0.0.0" 
  	processorArchitecture="*"/>
  <dependency>
    <dependentAssembly>
      <assemblyIdentity
        type="win32"
        name="Microsoft.Windows.Common-Controls"
        version="6.0.0.0"
        publicKeyToken="6595b64144ccf1df"
        language="*"
        processorArchitecture="*"/>
    </dependentAssembly>
  </dependency>
</assembly>


Ah! Thank you.

#6 thepcdude

thepcdude

    SUPR3M3 31337 Mack Daddy P1MP

  • Members
  • 353 posts
  • Location:Computer, Desk

Posted 15 October 2009 - 11:13 PM

.exe's aren't compiled into bytecode, so there is no way to get an even remotely good source code from it. You can't decompile exe's.
ALTHOUGH
You can dissasemble them. It will give you the Intel ASM instructions of it, and you can work from there. There also appears to be certain code segments in Delphi Executables. Read this article to learn more: http://delphi.about....decompiling.htm
If you need help on disassembling/reversing at all, feel free to PM me.

#7 livinded

livinded

    Dangerous free thinker

  • Agents of the Revolution
  • 1,942 posts
  • Location:~/

Posted 16 October 2009 - 11:48 AM

.exe's aren't compiled into bytecode, so there is no way to get an even remotely good source code from it. You can't decompile exe's.
ALTHOUGH
You can dissasemble them. It will give you the Intel ASM instructions of it, and you can work from there. There also appears to be certain code segments in Delphi Executables. Read this article to learn more: http://delphi.about....decompiling.htm
If you need help on disassembling/reversing at all, feel free to PM me.


Of course you can decompile an executable, it just may not give code that is much easier to read than than disassembling it. Hex Rays puts out a C decompiler that attempts to map the disassembled code to the C language that it was compiled from. You wont get any of the variable names but for the most part it will give you valid C code including all the function names and make it a bit easier to read than assembly.

#8 thepcdude

thepcdude

    SUPR3M3 31337 Mack Daddy P1MP

  • Members
  • 353 posts
  • Location:Computer, Desk

Posted 16 October 2009 - 06:31 PM


.exe's aren't compiled into bytecode, so there is no way to get an even remotely good source code from it. You can't decompile exe's.
ALTHOUGH
You can dissasemble them. It will give you the Intel ASM instructions of it, and you can work from there. There also appears to be certain code segments in Delphi Executables. Read this article to learn more: http://delphi.about....decompiling.htm
If you need help on disassembling/reversing at all, feel free to PM me.


Of course you can decompile an executable, it just may not give code that is much easier to read than than disassembling it. Hex Rays puts out a C decompiler that attempts to map the disassembled code to the C language that it was compiled from. You wont get any of the variable names but for the most part it will give you valid C code including all the function names and make it a bit easier to read than assembly.


Oooh yeesss! I forgot about that software. It's still nothing close to what decompilation of things like java is.

#9 SigFLUP

SigFLUP

    SUPR3M3 31337 Mack Daddy P1MP

  • Members
  • 367 posts
  • Gender:Not Telling

Posted 16 October 2009 - 10:54 PM

I wonder what the legalities of reverse engineering through decompilation is. Anyone know of any court cases regarding this?

#10 BinaryLust

BinaryLust

    SCRiPT KiDDie

  • Members
  • 23 posts
  • Gender:Female

Posted 17 October 2009 - 12:20 AM

I wonder what the legalities of reverse engineering through decompilation is. Anyone know of any court cases regarding this?


I don't know of any cases per se (there are tons for sure) but by definition Reverse Engineering is legal. The question usually is was it "really" reverse engineering or was it simple copying of an idea which would then be illegal.

From what I understand "legal" reverse engineering is actually fairly difficult since you have to be sequesered with a given product and with minimal exposure to published documentation that relates to the material. You then have to document every step along the way so that a reasonable person familiar with the field could then conclude that you "independently" rediscovered the idea and hence legally reverse engineered the product.

For software, I think that it is way harder. If you use a program to reverse engineer a product you are basically admitting that you didn't "somehow" independentaly discover the algorithm of a given product. Ergo, you now moved you into the world of illegality. Software is tricky though because there are so many "standard" algorithms out there.

But I second Sigflug, if anyone has some links to the briefs of real cases that would be so helpful.


#11 Seal

Seal

    Not a fan of clubs.

  • Agents of the Revolution
  • 2,440 posts
  • Country:
  • Gender:Male
  • Location:Canada

Posted 01 November 2009 - 01:03 AM

I wonder what the legalities of reverse engineering through decompilation is. Anyone know of any court cases regarding this?


Wikipedia to the resuce! From this entry:
http://en.wikipedia....mpiler#Legality

In the United States, the copyright fair use defense has been successfully invoked in decompilation cases. For example, in Sega v. Accolade, the court held that Accolade could lawfully engage in decompilation in order to circumvent the software locking mechanism used by Sega's game consoles.[3]


...Mind you that particular case would not be valid now, as the DMCA in the US specifically prohibits that kind of TPM circumvention (the whole reason for which it was enacted.) Arguably, any decompilation could earn a court case thanks to the DMCA, whether legitimate or not.

There's more cases related to hardware reverse engineering. From:
http://en.wikipedia....ean_room_design

Sony Computer Entertainment, Inc. v. Connectix Corporation was a 1999 lawsuit which established an important precedent in regard to reverse engineering. Sony sought damages for copyright infringement over Connectix's Virtual Game Station emulator, alleging that its proprietary BIOS code had been copied into Connectix's product without permission. Sony won the initial judgment, but the ruling was overturned on appeal. Sony eventually purchased the rights to Virtual Game Station to prevent its further sale and development. This established a precedent addressing the legal implications of commercial reverse engineering efforts.


Edited by Seal, 01 November 2009 - 01:14 AM.


#12 livinded

livinded

    Dangerous free thinker

  • Agents of the Revolution
  • 1,942 posts
  • Location:~/

Posted 03 November 2009 - 04:21 PM

Reverse Engineering in and of itself is legal, unless it falls under one of the categories that the DMCA defines. The real issue however is the EULA that is included with the software. In most EULAs there is a clause that specifies that you are not allowed to reverse engineer the software. So depending if the EULA holds up, you could potentially be violating that though I don't know what legal consequences that would really lead to. If you were able to get the software onto your computer without having to agree to the EULA though, I don't see how you would be doing anything illegal though.

#13 DarkWarrior_

DarkWarrior_

    the 0ne

  • Members
  • 1 posts
  • Gender:Male

Posted 06 November 2009 - 03:06 PM

rainwater_stillicide used a linux (modual? I don't know much about lunix.) Would there be any way to find a programs code through a windows alternative? I want to make the move to linux but I can't break away from my games.

#14 phr34kc0der

phr34kc0der

    SUPR3M3 31337 Mack Daddy P1MP

  • Members
  • 469 posts
  • Country:
  • Gender:Male

Posted 09 November 2009 - 07:53 AM

rainwater_stillicide used a linux (modual? I don't know much about lunix.) Would there be any way to find a programs code through a windows alternative? I want to make the move to linux but I can't break away from my games.


If you *really* can't live without Windows (nothing to be ashamed of, I still need to use it occasionally) there are lots of ways to have the best of both worlds. The easiest way would be to use a live cd or, even better, install Linux to a flash drive (check out a program called unetbootin). With a persistent install you can save the changes you make and once you reboot you'll be back into windows.

Another good way would be to install a virtual machine and install Linux into that (check out vmware or virtualbox. There are plenty of others to). This will allow you to run Linux *on top of* Windows within an application which is pretty damn handy if you want to use both at the same time.

Wubi is an installer for Ubuntu which will set up your machine to dual boot (where you choose which OS to start when you boot your machine). The difference is that Linux is installed inside a file on Windows so if you dont have the confidence to play around with your filesystem you dont need to. It can also be removed with the "add/remove" program in control panel.

If none of these appeal to you, you could just get a second machine. Something cheap will work but IMO alot of the modern distros are wasted on older hardware. You really want a machine that can do it justice, but it's still an option.

Finally you could just suck it up, be a man, and install it on your main machine :p

I know you posted a few days ago so might not even still be around but maybe this post will help someone else (even if it is slightly off topic)

#15 Nick'

Nick'

    Will I break 10 posts?

  • Members
  • 2 posts
  • Gender:Male

Posted 09 November 2009 - 08:09 AM

When talking about disassembly, I am very interested as it is my main interest to learn assembly. I know assembly (preferably GAS syntax). However, i have no idea how to read a disassembled program written for windows. I mean, if the program is a basic program like 2+3, it is fine, but when it is a complicated software, i don't really understand. Can you guys help me out with this, or how i should go around with this.

#16 phr34kc0der

phr34kc0der

    SUPR3M3 31337 Mack Daddy P1MP

  • Members
  • 469 posts
  • Country:
  • Gender:Male

Posted 09 November 2009 - 12:12 PM

When talking about disassembly, I am very interested as it is my main interest to learn assembly. I know assembly (preferably GAS syntax). However, i have no idea how to read a disassembled program written for windows. I mean, if the program is a basic program like 2+3, it is fine, but when it is a complicated software, i don't really understand. Can you guys help me out with this, or how i should go around with this.


Just practice my friend. Practice and the right tools. It's not something i'm too amazing at yet (although i think it's something i'm going to start looking into more) but I suggest a book called Hacker Disassembling Uncovered by Kris Kaspersky. A big part of disassembling applications in knowing the Windows API. You dont need to know exactly whats happening but you know the application is setting a set of variables and calling an API to do some task.

If anyone is interested in working though some stuff together PM me sometime and it might be easier to work in a small group or something.




BinRev is hosted by the great people at Lunarpages!