Hei..
This may "X" question..but..okey.
How to reverse compile a virus. Like this (picture.txt.pif) Winvirus.
I use slacky 10.2
I try rec Decompiler..ain't work.
I only want to see source.
I hope somebody knows and understands my special English.
generally there is no way to decompile a binary file.. the compiler makes so many changes that to get it back to the high-level source code is impossible to do with accuracy..
there are disassemblers where you can break an executable down into assembly.. this is the most common way to do what you are requesting..
depending on what lang the binary was written in there can be some exceptions.. i believe there is a relatively good VB disassembler that can generate source.. but i am not familiar with them other than in just a quick read a long time ago..
btw there is no decompiling.. the only thing that can be done is to disassemble and then generate high-level code from the assembly..
This is a touchy topic. I guess no one will complain when "decompiling" viruses, but to do this to copyrighted software, i.e. anything made by Microsoft is very illegal. I don't know how to do it and where to get software to do it with, but I thought I should bring that up.
To add on to what xhi said: generally, you can disassemble an executable pretty easily using the "objdump -d" command. The output from this, however, will be essentially useless to you if you don't know assembly.
Depending on what type of file it is, it may be helpful to view the literal strings stored in the file; the "strings" program can do this. You can also try to view the whole file as text (using a program like "less") or with a hex dumper ("hexdump" or "hd").
These latter techniques might be most helpful for understanding a pif file; you can refer to documentation about the format at http://www.smsoft.ru/en/pifdoc.htm
There's no "decompile." Like others have said, there are disassemblers, but only the most experienced of software engineers can really use them, and a lot of the programs used for doing this are rather... "fringe," in other words, they are developed by a few lone hackers, there's rarely any large support for them given the legal issues.
By the way, hex editors are completely useless to most of the computer using world, unless you know how to read machine language.
Quote:
but to do this to copyrighted software, i.e. anything made by Microsoft is very illegal.
That depends very much what country you live in. E.g. in my country it is allowed, no matter what some license/EULA states about it. And rightly so IMO.
He
hee!
bill's bills.
In Finland we have a new law...If you write here and ask..how to decode something..you are a criminal and you can get 1 year in prison.
If you have decoding printed on your t-shirt it's criminal.
Today kids with mp3 players are criminals...Funny
Anyway I want to see that virus. Maybe I put winblows in my laptop and see what happens.
No Bill's.I try it with slacky..
And again you are wonderful!
Hups this ain't chat.Sorry
There aren't any international laws that would cover you
I heard "free speech" is sort of an international law. But that apparently doesn't cover "free reading" when it comes to reading code that runs on our computers. :-(
Micro$oft EULAs usually say that the software product is covered by the US legal restrictions, so when you agree to the EULA you are giving up your country's right to disassemble and/or reverse engineer ms stuff.
This is a touchy topic. I guess no one will complain when "decompiling" viruses, but to do this to copyrighted software, i.e. anything made by Microsoft is very illegal.
hi all,
just a curious question from novice viewpoint. as
Quote:
there are disassemblers where you
can break an executable down into assembly..
this is the most common way to do what you are requesting..
Suppose I have a C file compiled on RH9. The a.out file shows all the information about on which OS the file was compiled using which compiler...
i tested it with vi editor and "vi a.out" shows (just the part of it, it was actually in single line, but I am breaking it into many lines):
Code:
GCC: (GNU) 3.2.2 20030222 (Red Hat Linux 3.2.)^@^@GCC: (GNU) 3.2.2 20030222 (Red Hat Linux 3.2.2-5)^
@^@GCC: (GNU) 3.4.5^@^@GCC: (GNU) 3.4.5^@^@GCC: (GNU) 3.4.5^@^@GCC: (GNU) 3.2.2 20030222 (Red Hat Li
nux 3.2.2-5)^@^@^\^@^@^@^B^@^@^@^@^@^D^@^@^@^@^@ <84>^D^H$^@^@^@^@^@^@^@^@^@^@^@,^@^@^@^B^@ ^@^@^D^
@^@^@^@^@D<96>^D^H^T^@^@^@T<83>^D^H^L^@^@^@D<84>^D^H#^@^@^@^@^@^@^@^@^@^@^@$^@^@^@^B^@Ã ^@^@^D^@^@^
@^@^@Z<96>^D^H^E^@^@^@i<83>^D^H^B^@^@^@^@^@^@^@^@^@^@^@!^@^@^@^B^@<84>^@^@^@<9c>^H^@^@<84>^H^@^@_IO_
stdin_used^@^@^@^@^@<80>^@^@^@^B^@^@^@^@^@^D^A^@^@^@^@ <84>^D^HD<84>^D^H../sysdeps/i386/elf/start.S^
@/usr/src/build/231499-i386/BUILD/glibc-2.3.2-20030313/csu^@GNU AS 2.13.90.0.18
now my question is what exactly do disassemblers do.
do they read the complete executable file and then create the assembly language of it or
does the a.out have to be executed on the machine to be able to create the assembly code.
in which case the kernel read line by line of the commands to be executed arising from a.out and create the assembly code???
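Added example, not part of any poster's message: tools such as `strings` and `objdump -d`, mentioned earlier in the thread, work on the bytes of the file and never need to run it. The Python sketch below parses an ELF32 image's section table and pulls the `GCC: (GNU) ...` banners, like those in the vi output above, from the `.comment` section; the sample image and all function names are constructed for illustration.

```python
import struct

EHDR = struct.Struct("<16sHHIIIIIHHHHHH")  # ELF32 file header, 52 bytes
SHDR = struct.Struct("<10I")               # ELF32 section header, 40 bytes

def sections(data):
    """Map section name -> bytes by parsing the file image; nothing is executed."""
    if data[:4] != b"\x7fELF":
        raise ValueError("not an ELF file")
    if data[4:6] != b"\x01\x01":
        raise ValueError("only 32-bit little-endian ELF is handled here")
    try:
        hdr = EHDR.unpack_from(data, 0)
        shoff, shentsize, shnum, shstrndx = hdr[6], hdr[11], hdr[12], hdr[13]
        raw = [SHDR.unpack_from(data, shoff + i * shentsize) for i in range(shnum)]
        names = data[raw[shstrndx][4]:raw[shstrndx][4] + raw[shstrndx][5]]
        out = {}
        for sh in raw:
            name = names[sh[0]:names.index(b"\0", sh[0])].decode("ascii", "replace")
            out[name] = b"" if sh[1] == 8 else data[sh[4]:sh[4] + sh[5]]  # 8 = NOBITS
        return out
    except (struct.error, IndexError) as exc:
        raise ValueError("truncated or malformed ELF") from exc

def compiler_banners(data):
    """Distinct NUL-separated strings from .comment, in file order."""
    found = []
    for piece in sections(data).get(".comment", b"").split(b"\0"):
        text = piece.decode("ascii", "replace")
        if text and text not in found:
            found.append(text)
    return found

def constructed_sample():
    """Constructed ELF32 image for the demo: header plus two sections, no code."""
    comment = (b"GCC: (GNU) 3.2.2 20030222 (Red Hat Linux 3.2.2-5)\0\0"
               b"GCC: (GNU) 3.4.5\0\0GCC: (GNU) 3.4.5\0")
    strtab = b"\0.comment\0.shstrtab\0"
    c_off, s_off = EHDR.size, EHDR.size + len(comment)
    ident = b"\x7fELF\x01\x01\x01" + b"\0" * 9
    ehdr = EHDR.pack(ident, 2, 3, 1, 0, 0, s_off + len(strtab), 0,
                     EHDR.size, 0, 0, SHDR.size, 3, 2)
    shdrs = (SHDR.pack(*[0] * 10)
             + SHDR.pack(1, 1, 0, 0, c_off, len(comment), 0, 0, 1, 0)
             + SHDR.pack(10, 3, 0, 0, s_off, len(strtab), 0, 0, 1, 0))
    return ehdr + comment + strtab + shdrs

if __name__ == "__main__":
    print("\n".join(compiler_banners(constructed_sample())))
```

Malformed or truncated input raises `ValueError` instead of being trusted, which matters when the file under inspection is suspected malware.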
Micro$oft EULAs usually say that the software product is covered by the US legal restrictions, so when you agree to the EULA you are giving up your country's right to disassemble and/or reverse engineer ms stuff.
Read your EULA's people.
Not true. The following is from section 17 APPLICABLE LAW of Microsoft's EULA for XP:
Quote:
If this Product was acquired outside the United States, then local law may apply.
An earlier thread discussed this in detail with a strong leaning towards it doesn't matter what they put in the EULA if it can't be enforced, and much of it is to scare you away.