5

I have a project that I am trying to fix from a guy that left (let go) from my company. He has violated every fundamental principle of software engineering, not using source control, not backing up the source before you make more changes, etc. etc.

I need to make changes to an application that is in the field and I don't have the original source code, but I have an executable. What I need is a decompiler that will decompile a Visual Studio 6 C++ application and provide me with some type of source code. Anyone got any ideas.....

Mark
  • 1,368
  • 5
  • 13
  • 26
  • 2
    Have you thought about using a 21st century compiler? – AshleysBrain Oct 13 '10 at 22:20
  • 2
    Making sense of a decompiled program is usually not a trivial task. If the source code has been completely lost, it might actually be more worthwhile to rewrite the program (and use proper source control) instead of trying to reverse engineer the existing executable. Especially if this is a program that your company is going to need to maintain for the foreseeable future, then this should be taken into consideration. – TheUndeadFish Oct 13 '10 at 22:34
  • 2
    If your company does not have the source, don't blame the programmer, blame his former boss if he is still in your company! – Doc Brown Oct 13 '10 at 22:46
  • Thank you to everyone who provide input. I have a good direction to go now. – Mark Oct 14 '10 at 21:52

3 Answers3

8

Well there's the Decompiler from Hex-Rays: https://www.hex-rays.com/products/decompiler/

It is pretty good for the fact that it is creating C code from Assembler but it works pretty good. It's also pretty expensive

Edit: Additional note it is combined with IDA Pro the pretty well-known disassembler from them. That already can show you a lot of information in the combination with the decompiler it is even easier to reverse code.

Alistair Carscadden
  • 1,198
  • 5
  • 18
Vinzenz
  • 2,749
  • 17
  • 23
  • 1
    +1 IDA Pro + Hexrays as it does make use of knowledge of win32 to help decompile and give better code. – Greg Domjan Oct 13 '10 at 22:10
  • Expensive, but if it does the job well it's possibly worth it. I do wonder why the ARM version is $1 (or €1) more than the x86 version? – Michael Burr Oct 14 '10 at 01:01
  • In german there'd be a good joke about that: 'Die wollen uns wohl auf den ARM nehmen' unfortunately it's not so nice translated. The only reason I could imagine is that they want to show that this is not included and that both have different prices. (Just a wild guess) – Vinzenz Oct 14 '10 at 01:05
  • All I can see is X86 type of coding like push mov. I want to decompile the exe but don't know the source code language. At loading I have selected portable executable and meta pc.I see the start function but it is in assembly language type. Can some one help me to view actual code like C or C++? – Sarveshwar Oct 13 '19 at 06:43
4

I've used RecStudio (rec22) and IDAPro to try and decompile a C++ project, together they probably wouldn't have been enough to do the job I had except that I worked out the demo project the program was based on so they gave just enough info that I could make something like the same project again.

In the end one other thing I was doing was compiling code that I thought matched and checking that I got the same result in the decompiler.

Good Luck.

Greg Domjan
  • 13,943
  • 6
  • 43
  • 59
3

Decompile to what - assembler?

There isn't anything that is going to give you meaningfull C from an exe.

Martin Beckett
  • 94,801
  • 28
  • 188
  • 263
  • 1
    As Vinzenz has pointed out - there is at least one product that can do this (to be fair - I would not expect the generated code to be as meaningful as the original C++ source). – Doc Brown Oct 13 '10 at 22:06
  • @Doc Brown: With your work of renaming variables and function names after analyzing them and writing comments you can get a lot from that. Just watch the short decompilation demo on the page I linked. But of course it won't be like the original but that's basically just 'lost in translation' ;-) But still it is amazing what it can produce. – Vinzenz Oct 13 '10 at 22:13
  • That's pretty impressive (at least for the examples they show) decompilers used to be worse than just reading the asm – Martin Beckett Oct 13 '10 at 23:15