decompiling back to C++?

Say you spent billions of dollars and hired all the best programmers in the world. Would they be able to come up with a program that decompiles applications back to their true C++ code?

Say you hired the worlds 100 best programmers and offered them 10 million dollars each if they did it.

Hypothetical.

[JMI]

And how long did you give them to accomplish the task?

Regards,

Give them a year.

They would failed.
But I think maybe scientists could do this job, with ten or more years.

Yeh, but what if those programmers were hired away from MS? What if they were the same programmers that wrote the C++ compiler in the first place? Maybe that would give them a edge; maybe they could do it in a year or less?

Sarge

I don't know, there are numerous optimizations which can result in totally throwing away the original source. Of course, this would also have the effect of optimizing the source, wouldn't it? But it would probably be much harder to read, and you wouldn't have comments anyway.

The problem is that converting back to C++ code doesn't really help you all that much, because you won't have comments, and you won't have variable names which make sense.

You will have constructs, and code flow.

But those you can still get from ASM disassemblers anyway (like IDA). Knowing the original high-level intent of the programmer (why something was done certain way, variable names, how variables connect to each other) in enough of a way to reconstruct a source is pretty much impossible. C++ really isn't a round trip language ( unlike .NET languages).

-Lunar

sorry, but I don't know much about this topic, but I have used IDA a few times. My question is: is always possible to disassemble a program???
what are those exe protectors for?

Thanks in advance.

[what are those exe protectors for?]

To protect the exe from disassembled

To protect the exe from debugging

Quote:

Originally Posted by hmora

sorry, but I don't know much about this topic, but I have used IDA a few times. My question is: is always possible to disassemble a program???
what are those exe protectors for?

Thanks in advance.

Yes, it is always possible to disassemble a program, but if the program is protected/packed, the code you see disassembled is the unpacking/protector code; the actual program gets unpacked at runtime. So, you either need to unpack the program to see its code in the disassembler, or you just look at the code at runtime using a debugger.

Regards

With C you can reach only a partial decompiling due to the complexities caused by the optimizations in the compiler. The source code can have many statements that are simply optimized away when it is complied.
With C++, well, sorry, it is impossible. How on the earth you can reach the source code of a STL vector or a Boost smart pointer by looking at the machine code? They are already lost in the first compilation phases and even dont make it to the backend....

Actually, I can remember true decompilers for FORTRAN created during the 70s and early 80s. Grad students would build such things during the wee hours. Each different machine had to have it's very own handcrafted version. The binary for a DEC and CDC were very different. As I recall, aside from the lost variable names, (no one commented their FORTRAN code), these programs did quite well in reproducing the original code. Of course by comparison, FORTRAN is a relatively simple language, no classes, simple data structures, etc.

I would be surprised if such custom-made decompilers don't exist for C++. I can't imagine that some kid from M$ with plenty of time at night hasn't coded one up for VC.

cheers, jsteed

It may be rewrite in C++, not decompile.

uncompiler is not a easy thing...
it needs more other experienced KB.
and more symbols and debug info ar lost during compiler,
so uncompiler endeaver recover these thing.
such as..
source code:
void SwapTwoNumber(int* a,in* b)
{.................
}

via uncompiler may be in these form:
sub_0121(DWORD* a1,DWORD* a2)
{......
}

yep,SwapTwoNumber is info, u maybe will soon master some funcs by name,,
So uncompiler will try to recover these name,this can be attained by AI.
the above is one easy instance...
Had time,we can dicuss these techz in detail..

Thre are actualy 2 asm>C plugins for IDA decompiler, sometimes I combine 2 of them to get more clear view on code. This are not serious decompilers only just one more look from other perspective. Decomile to C hase better output than Inquisition plugin but it sometimes skips some parts of code that can not understand. So you are back at asm and IDA representation of code

since there is optimization when compiling,compilier changed it too much.

I have try some decompiling tools before. But it very difficult to read and understand. The organization is very badly.