hello can anyone share with me any free download for a program to decompile exe file. i want to extract source code of that program. thanks
exe is an extension on an 'executable', executable were converted to machine code during their compilation. So unless the code was written with an old version of Visual Basic such as VB6 or earlier, decompiling the exe to source is impossible. You can't 'extract' the source code because there is no source included, it had already been converted to machine language.
so i know this is a bit off-topic, but if .exe's are 'converted to machine language' then how come Zend encoded php source is still decryptable? surely the source has gotta be in there somewhere. if it is just machine code then it shouldn't be decodable back into source ...
Um... because php is not an .exe .... And a ZendGaurd encrypted PHP file is still being decoded by an outside source such as the Zend Optimizer (which is why you can't run the encrypted php on a server without Zend Optimizer installed) Totally apples and Oranges there. I take it you never did anything beyond scripting? When it comes to Desktop development we're not dealing with an interpretor (least we haven't in over a decade) like we would with PHP, ASP, CF, etc. When you write code with a desktop programming language, the code is validated and then run thru a compiler. The compiler takes the code and converts their meaning into machine code. The end result is a mostly self-sufficient executable. PhP, encrypted or otherwise is still reliant on a PHP interpreter or a loader (such as Zend Optimizer or Ioncube Loader). Also it is nearly impossible to automatically reverse low level machine instructions back into a high level language format, especially if you have no clue which of the dozens of desktop programming languages available were used to write it. I say 'nearly' impossible because it would be possible by someone who already knew how to program the thing to think of ways you would write it in a higher level language to accomplish the same task. I grew up programming C++, Visual Basic, VC++, Pascal, etc before moving onto web scripting languages such as ASP and PHP, I would think I know what I'm talking about especially in the area of reverse engineering (which was very easy to do on Visual Basic 6 and earlier because the code was never 'completely' compiled)
hi thanks for your help guys.. but i find lots of decompilers... available... i know that its in c++. so I any of you find a good decompiler for c++ files then please let me know.. I also THINK that this exe has been created by php to exe... converter ( for win32 desktop) not sure but have seen similar codes in php...with same file names for external text files... same purpose of these files... this exe has little extra features...and usability... thanks for your time and and effort to help me guide me.........
Then use one of the decompilers. How do you know it was in C++? If you can see C++ code its not compiled yet. I thought there was a lot of decompilers already? Programmers tend to use similar variable names accross almost any programming language.
actually no, i've only ever learned web scripting languages...which is why i actually thought that when Zend 'encodes' php into 'machine code' it's actually taking the php source and compiling it into code that 'can't be reversed' - since it becomes machine code, there's no way of knowing what the 'source' language was that created it; e.g. the resulting machine code is simply decoded by the cpu. i think that's what you're saying above, but only in the case of Desktop languages...so excuse me if i seem to be telling you like it is - but i'm only suggesting how i think it is, not that i'm correct and you aren't!
Essentially thats how it goes, Zend Guard or Ioncube encoder, essentially obfusicates and turnes into 'bytecode' the original PHP script, but to actually run it requires the loader (Zend Optimzier and Ioncube Loaders) to interpret the data that was encoded, so in a sense its not a self substaining encoding. Where as with most desktop-oriented languages (say C++ for example) , you have an editor, that can also include a runtime compiler. Basically allowing you to test and debug the code. When you're finally ready for the final output the code is sent thru a compiler, this essentially takes the language and replaces everything with the raw assembly instructions used to accomplish those tasks. The end result is a machine language of pretty much processor instruction codes (a lot of push/peek/jump instructions). Some functionalities may exist in collective libraries such as DLL files which are still compiled but it allows developers to reuse functionality and keep the original exe smaller (such as the .net framework, or long time ago when you needed a VB runtime file). The exception of course was languages that didn't fully compile the code but instead took a loader and embeded the code at the tail, so it was the same as running the code from the editor, and old example would be QuickBasic for dos. Course I remember being able to decompile Visual Basic programs up until verison 6.0, since the code was essentially intact, just used a loader at the head of the executable to pass the code thru to the VB runtime files. Now days its rarely done that way to prevent piracy. I pretty much went from a background of QBasic, C/C++, 8bit assembly, Pascal, Fortran, Visual Basic, Visual C++, Delphi etc, and just hopped into webdevelopment starting with ASP M$ SQL and then eventually PHP/MySQL and Python where I'm at now. The "art" of reversing machine code is called Reverse Engineering, and there are some people who make a very good living at it, but it is never done on full automation like the OP is hoping for, and requires that the person breaking the code would essentially have the programming ability to know how to rewrite the code once learning what it does.
EXE2ASM - Exe can be decompiled back to Assembly language instructions. then: ASM2C - but will definitely very costly may be if there still exists one. .NET executables - Fully decompilable if not obfuscated PHP2EXE - Fully decompilable, since php interpreter is embedded alongwith php sources and extensions in the resources of the executable. First decompress using upx then extract resources. Or sendm me file link to try. ----------------------------- EXE2ASM: Decompiling most of the networking utilities found in the windows directory, So to use their source code in our own appz. So far I have reconstructed and optimized Ping.asm, If you have some knowledge in Winsock API's and reverse engineering in general, give me a hand. These utilities use plain C functions and few win32 APIs, plus little winsocks. http://3564020356.org/cgi-bin/xprj.cgi http://www.program-transformation.org/Transform/DecompilationResources Besides: decompiling executables back to normal c or c++ source is not a small job. regards