X hits on this document





20 / 120

decompilers for binary executables, but recognizes that other experts disagree—raising

the point that some information is “irretrievably lost during the compilation process.”

Boomerang is a well-known open-source decompiler project that seeks to one day be able

to decompile machine code to high-level language source code with respectable results

[11]. For those reverse engineers interested in recovering the source code of a program,

decompilation may not offer much hope because as [11] states “a general decompiler

does not attempt to reverse every action of the compiler, rather it transforms the input

program repeatedly until the result is high level source code. It therefore won't recreate

the original source file; probably nothing like it.”

To get a sense of the effectiveness of Boomerang as a reversing tool, a simple

program, HelloWorld.c was compiled and linked using the GNU C++ compiler for

Microsoft Windows® and then decompiled using Boomerang. The C code generated by

the Boomerang decompiler when given HelloWorld.exe as input was quite disappointing:

the generated code looked like a hybrid of C and assembly language, had countless

syntax errors, and ultimately bore no resemblance to the original program. Table 4.1

contains the source of HelloWorld.c and some of the code generated by Boomerang.

Incidentally, the Boomerang decompiler was unable to produce any output when

HelloWorld.exe, was built using Microsoft's Visual C++ 2008 edition compiler.

The full length of the C code generated by Boomerang for the HelloWorld.exe

program contained 180 lines of confusing, nonsensical control structures and function

calls to undefined methods. It is surprising to see such a poor decompilation result, but as


Document info
Document views194
Page views195
Page last viewedMon Oct 24 04:18:48 UTC 2016