Decompile An Exe
26 March 2003, 03:17 PM
#1
We had a breakin at one of our offices over the w/end & they took a CE device with some proprietry s/ware on it. The s/ware did something quite sexy & novel & there is good commercial potential.
Written in C++ & compiled in the form of an exe. How hard is it to decompile to get at the sourcecode & hence the IP?
Its not the end version or anything & as far as we can tell, its not been used yet, but just like to know the potential.
We're reasonably sure 99.5% that we were targeted for the s/ware
(a team were 30 mins in a small office & the device was all that was taken in an office full of computers, laptops etc )
Thanks
Written in C++ & compiled in the form of an exe. How hard is it to decompile to get at the sourcecode & hence the IP?
Its not the end version or anything & as far as we can tell, its not been used yet, but just like to know the potential.
We're reasonably sure 99.5% that we were targeted for the s/ware
(a team were 30 mins in a small office & the device was all that was taken in an office full of computers, laptops etc )Thanks
26 March 2003, 03:33 PM
#2
Scooby Regular
Join Date: Sep 2002
Location: French side of the border at Geneva, Switzerland
Posts: 5,703
Likes: 0
Received 0 Likes
on
0 Posts
I'm no expert on the subject but there are various disassemblers out there which can take an exe file and display the assembler code. If the IP is in the string table it'll pop up quite quickly.
You could try downloading W32Dasm which I believe is one of the better ones, run it over a backup copy of your exe and see what it produces.
Sorry if this sounds scary but it's what the reverse engineers use to break things like serial number registration - or so I read.
[Edited by STi-Frenchie - 3/26/2003 3:45:21 PM]
You could try downloading W32Dasm which I believe is one of the better ones, run it over a backup copy of your exe and see what it produces.
Sorry if this sounds scary but it's what the reverse engineers use to break things like serial number registration - or so I read.
[Edited by STi-Frenchie - 3/26/2003 3:45:21 PM]
26 March 2003, 03:35 PM
#3
Scooby Regular
Join Date: Jan 2003
Posts: 40
Likes: 0
Received 0 Likes
on
0 Posts
Hi,
I work as a C++ developer and am 99.99999% sure that there is no way to back out anything meaningful from an exe.
100% sure you can't back out the kind of 'high level' code that you wrote in the first place, but it might be possible to access assembly language type output.
If you are targeted by the kind of people who are sophisticated enough to analyse that type of code then I would say that you are more at risk from them hacking into your network and nicking the source code.
Hope this helps.
I work as a C++ developer and am 99.99999% sure that there is no way to back out anything meaningful from an exe.
100% sure you can't back out the kind of 'high level' code that you wrote in the first place, but it might be possible to access assembly language type output.
If you are targeted by the kind of people who are sophisticated enough to analyse that type of code then I would say that you are more at risk from them hacking into your network and nicking the source code.
Hope this helps.
26 March 2003, 04:16 PM
#5
Scooby Regular
Join Date: May 2001
Posts: 2,537
Likes: 0
Received 0 Likes
on
0 Posts
How hard is it to decompile to get at the sourcecode & hence the IP
Dont see the relivance of the IP? Copying a peice of software is a dodle(ie. writing from scratch), decompiling to get code is tough (laughably so in windows code) but possible. Anything that is in the Resources is very easy to get at. and anything that is hardcoded as a string i.e. "This is my app isn't it wizzy" will appear in the compiled code.If you have VC++ just open an EXE file and rather than "auto" select the binary or Resource option.
26 March 2003, 04:20 PM
#6
Scooby Regular
As a C/C++ programmer, agree with all the above. If there's an IP address in there, it probably could be found.
I'm just amazed no-one's queried what this sexy little product is.....
*cough* *cough*.....
I'm just amazed no-one's queried what this sexy little product is.....
*cough* *cough*.....
Trending Topics
26 March 2003, 04:33 PM
#8
Puff,
Are you referring to an IP address hardcoded into the program, or the Intellectual Property Rights over the "sexy" bit of software ?
If it's the former, then it's relatively easy to get at, unless the code was obfuscated before (or during) compilation.
If it's the latter, then get a copy of the app and its sources onto a CD and send it to yourself in tonight's post ... being careful that nobody opens the envelope when it arrives tomorrow
Make sure that you use a normal post box, rather than a company franking machine!!
Are you referring to an IP address hardcoded into the program, or the Intellectual Property Rights over the "sexy" bit of software ?
If it's the former, then it's relatively easy to get at, unless the code was obfuscated before (or during) compilation.
If it's the latter, then get a copy of the app and its sources onto a CD and send it to yourself in tonight's post ... being careful that nobody opens the envelope when it arrives tomorrow
Make sure that you use a normal post box, rather than a company franking machine!!
27 March 2003, 09:39 AM
#12
Scooby Regular
Join Date: Jul 2000
Location: Islington
Posts: 2,145
Likes: 0
Received 0 Likes
on
0 Posts
Why do you want to decompile an exe when you've said "good job the source code's not on the network", implying you do have the code.
Did I misinterpret that?
Did I misinterpret that?
27 March 2003, 09:43 AM
#14
Scooby Regular
Join Date: Mar 2001
Location: Derbyshire
Posts: 4,496
Likes: 0
Received 0 Likes
on
0 Posts
I think he's worried about the thieving scum decompiling it, getting some source code of sort, and ruining what they have probably spent loads on working out.
Given that they seemed to have targeted it specifically, they may be at least able to reverse engineer to assembler so they may know how the code works and re-engineer it themselves....it happens
Given that they seemed to have targeted it specifically, they may be at least able to reverse engineer to assembler so they may know how the code works and re-engineer it themselves....it happens
27 March 2003, 11:18 AM
#18
Scooby Regular
Join Date: Mar 2002
Posts: 337
Likes: 0
Received 0 Likes
on
0 Posts
If they will go to the effort of stealing the hardware, stealing the software is a doddle. Patent the idea asap.
All you need to do is hire a competent assembler programmer and use win32dasm.
Good luck, industrial espionage stinks.
All you need to do is hire a competent assembler programmer and use win32dasm.
Good luck, industrial espionage stinks.
27 March 2003, 11:52 AM
#19
Scooby Regular
Join Date: Mar 2001
Location: Derbyshire
Posts: 4,496
Likes: 0
Received 0 Likes
on
0 Posts
Puff,
How do they know what you are doing? Is it publicised within your industry? Leaked information? Inside job?
Seems a bit too specialised an op for a chance opportunity given what they did not take. How do they know what you do, and who are they likely to be or give the information to?
Intrigued at how specialised what they nicked was
How do they know what you are doing? Is it publicised within your industry? Leaked information? Inside job?
Seems a bit too specialised an op for a chance opportunity given what they did not take. How do they know what you do, and who are they likely to be or give the information to?
Intrigued at how specialised what they nicked was
27 March 2003, 12:02 PM
#20
We're hoping that a non-specialist was behind it (possible) but its a LOT of effort to go to just for that - plus the other members of the team need to be paid etc etc, as the risk is high. If its in the hands of a non-specialist, then the program will be completely useless in a couple of days
If not then we'll have to wait & see...
If not then we'll have to wait & see...
Thread
Thread Starter
Forum
Replies
Last Post