
Are there any client programs for win, mac and linux that can translate exe codes back into scripts words and numbers? Answered

I will need to translate EXE files back to their default script codes so that I can look for any suspicious contents. Is there a program that can do that? If there is, then tell me its name and its download link. Freeware software only.

Comments

NachoMahma

Best Answer 11 years ago

decompiler  (see also disassembler)
.  Not really. If you have to ask, you won't be able to understand the generated code any better than the machine language.

NachoMahma

Answer 11 years ago

.  hmmmm  In some cases, it may not be impossible:
"The bytecode formats used by many virtual machines (such as the Java Virtual Machine or the .NET Framework Common Language Runtime) often include extensive metadata and high-level features that make decompilation quite feasible. The presence of debug data can make it possible to reproduce the original variable and structure names and even the line numbers. Machine language without such metadata or debug data is much harder to decompile." - Wikipedia entry for "Decompiler"

Grathio

Answer 11 years ago

The readability of the code depends on what was used to make the EXE to begin with.  However reading and interpreting decompiled code is generally a very advanced programming task.  Usually for binary executables and bytecoded languages all contextual information is removed, as well as all comments and readable formatting. When that happens it's very difficult to find anything suspicious. 

For example, how suspicious is this code, which would be something like you'd get out of a good decompiler?

You're going to get something like this:

    void a(){
        for (var b=0;b<c();b++){
            d(b);
        }
    }

Not very obvious what it does, right? But the original code looked like this:

    /* Nefarious function to wipe hard drive */
    void wipeHardDrive(){
        for (var i=0;i<hardDriveSectorCount();i++){
            eraseSector(i);
        }
    }

Both of these bits of code function identically, but you'll only ever get the first example of code out of a decompiler.
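
The two points above (bytecode keeps names and line numbers, while stripped code keeps only structure) can be checked directly. This is an added example, not part of the original posts: it assumes CPython as a stand-in for the bytecode virtual machines in the Wikipedia quote, and the two sources are Python transcriptions of Grathio's functions that are compiled but never executed.

```python
import dis
import marshal
import types

# Constructed sample: Grathio's two functions transcribed to Python.
# The source is only compiled, never run; the names it calls are undefined.
ORIGINAL = '''\
def wipe_hard_drive():
    # Nefarious function to wipe hard drive
    for i in range(hard_drive_sector_count()):
        erase_sector(i)
'''
STRIPPED = '''\
def a():
    for b in range(c()):
        d(b)
'''

def function_code(source):
    """Compile source; return (module code, code object of its first function)."""
    module = compile(source, "sample.py", "exec")
    for const in module.co_consts:
        if isinstance(const, types.CodeType):
            return module, const
    raise ValueError("no function found in source")

def recovered_metadata(source):
    """Report what a reader of the compiled bytecode can still see."""
    module, func = function_code(source)
    blob = marshal.dumps(module)  # the payload a .pyc file stores after its header
    return {
        "function": func.co_name,
        "locals": sorted(func.co_varnames),
        "globals": sorted(func.co_names),
        "first_line": func.co_firstlineno,
        "comment_survives": b"Nefarious" in blob,
    }

def opcode_sequence(source):
    """Instruction names only, with every identifier ignored."""
    _, func = function_code(source)
    return [ins.opname for ins in dis.get_instructions(func)]

if __name__ == "__main__":
    print(recovered_metadata(ORIGINAL))
    print(recovered_metadata(STRIPPED))
    print(opcode_sequence(ORIGINAL) == opcode_sequence(STRIPPED))
```

The descriptive names survive compilation to bytecode and the comment does not; once the names are replaced, the instruction sequence is all a reviewer has left to judge.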

orksecurity

11 years ago

Not really. There are disassemblers. But they will give you something not much more informative than the raw bytes.

seandogue

11 years ago

Not really. Your best bet is a good antiviral program, since antiviral programs are tailored to the job of looking for suspicious code embedded in programs.

lemonie

11 years ago

De-compiling machine-code is a bit like taking all the stitching out of a shirt: You end up with the bits of material that matter, but not the whole piece of material they were cut from, or in what order the pieces were sewn together.

Look for the dodgy-sequences in the executable code.

L

steveastrouk

11 years ago

As Nacho and Grathio say, it's not practical to use it. Decompilation, especially after being passed through most modern optimising compilers, generates nothing but a pile of meaningless labels.

Believe it or not, writing real software, in a real language, and not in a "script", and writing "on the metal" is a seriously difficult thing to do.

Steve