UnDeveloper Studio
- 1. UnDeveloper Studio The Practical Decompiler
- 2. What is a decompiler? A compiler is a tool used by developers to create binary executables from source form. All programs start as a set of source files in a programming language (such as C or C++) and are ‘compiled’ into machine-specific binary files called executables. A decompiler performs the reverse action, converting machine code executables into human readable source files.
- 3. A theoretical problem For many years, computer scientists and engineers have debated about the feasibility of writing a decompiler. Some people say it can’t be done (or done correctly). Others have written theses on ways to design and build decompilers. Still, others have actually written decompilers specific to particular languages and architectures.
- 4. Examples of decompilers Mocha (1996) Java decompiler, produced somewhat readable source code. Decomp (1988) A Vax BSD 4.2 decompiler used to port ‘Empire’ to the VMS environment Forth Decompiler (1982) A useful tool built on a recursive descent parser. More of a de-parsing tool than a decompiler.
- 5. Sociopolitical Issues A good decompiler is a sociopolitical taboo. If it could be demonstrated that a generalized decompiler is possible, that produces natural, human-readable source code from any previously compiled executable, then it would prove the equivalence of source code and binary form. Most law surrounding the protection of software rights imply that source code is private intellectual property, and that executables are public distributables.
- 6. Problems with decompilers They are difficult to write. There isn’t much reference on them, and very few exist. The are usually highly focused on solving one particular problem. They generally produce barely legible output that is rarely compilable and still looks very machine generated.
- 7. REVERSE ENGINEERING DOES NOT EXIST The existence of a generalized software decompiler proves that
- 8. Well, not exactly… Reverse engineering until this point has required human intervention. It’s akin to language translation. It’s as if people expected us to be able to write something in English, translate and publish it in French, and then never be able to translate it back to English. The Digital Millennium Copyright Act states that reverse engineering executables (unless it’s for security testing purposes) is illegal.
- 9. So, compilation isn’t one way You have access to source code to all software products. All source is really open source. You can fix problems without waiting for the vendor to fix them. “Information is meant to be free” – well guess what? It is now
- 10. Current state of events There exists no practical decompiler for Windows/Intel platforms. There exists no practical decompiler for Linux, or Solaris/Sparc, or *BSD Unix. There exists no practical decompiler anywhere that guarantees that the generated source code will be recompilable.
- 11. What we can do The R&D Team has determined that building a generalized decompiler is both feasible and practical. The R&D Team has determined that writing a decompiler that generates recompilable source code without errors is possible for the Windows/x86 and Solaris/Sparc platforms. The R&D Team has determined that a decompiler can be written to produce meaningful output in various programming languages.
- 12. How can we utilize this? We can perform audits on software based solely on their binaries. Fidelity could pay us to audit MS SQL Server from the source level. We can use the software to perform outsourced source code recovery. We can provide patches along with advisories on software that we don’t have source code to. We get industry and educational recognition as being the innovators of this new technology, as well as possibly patent rights.
- 13. UnDeveloper Studio How the Decompilation Process Works
- 15. Four Stage Process Machine/OS Specific Front-End Platform Independent Universal Decompilation Engine Language Specific Back-End Environment Specific Output Engine
- 16. Machine/OS Specific Frontend Loader Signature Generator Static Library Identifier Syntax Analyzer Semantic Analyzer Intermediate Code Generation Control Flow Graph Generation
- 17. Universal Decompilation Engine Data Flow Analysis Control Flow Analysis Type Analysis Symbol Type Manager
- 18. Language Specific Back-End Language Element Identifier Unprecompiler Source Code Renderer Project File/Makefile Generator
- 19. UnDeveloper Studio New Concepts in Decompilation
- 20. Things people expect Meaningful, understandable code output Correct code output that decompiles the entire program Decompilation to a particular language (C) Decompilation from a particular platform/architecture
- 21. What we can provide Recompilable code generation Partial decompilation allowing partial recompilation Output to C and C++, possibly other languages. Generation of compiler-specific code, such as code for GCC, or MS DevStudio Decompilation for various platforms, possibly providing code portability
- 22. First Development Phase 1 Developer (DilDog) 9 Months – Internal Release of Initial Version Decompilation of Win32 Intel x86 Binaries Decompilation to C Full recompilability MS DevStudio compatible output
- 23. Second Development Phase Two Developers 6 months (15 month mark) Decompilation to C++ Partial decompilation/recompilation
- 24. Third Development Phase Four Developers 6 Months (21 month mark) Decompilation from Linux, Solaris, and *BSD binaries, MacOS 9/X, Windows CE Decompilation from Sparc, UltraSparc, G3/G4, Crusoe, StrongARM, SH-3, DragonBall and Embedded Microcontrollers Output to GCC, CodeWarrior, Sun CC, Visual Basic, Perl
- 25. Take over the world Use UDS to discover security flaws in the major world powers information infrastructure Redirect national revenue centers and disrupt electronic commerce Implement electronic transaction embargo stranglehold Enforce world tyranny with computer controlled nuclear arsenal Just kidding. Hi Echelon
- 26. The End