Why can't EXE's be reverse-engineered?

Can’t the EXE (or a DLL or whatever) format be used for reverse-engineering? Don’t obj files tell everything about the code? Why is reverse-engineering so difficult in this case?

Because of several reasons.
We don’t know the language used for coding that binary.
We don’t know the compiler / assembler used.
These are the most common reasons that come immediately to my mind… But I am sure there are plenty enough…

Regards,
Vijay Anand
----- Original Message -----
From: Seshagiri Babu K V
To: NT Developers Interest List
Sent: Friday, February 07, 2003 11:13 AM
Subject: [ntdev] Why can’t EXE’s be reverse-engineered?

Can’t the EXE (or a DLL or whatever) format be used for reverse-engineering? Don’t obj files tell everything about the code? Why is reverse-engineering so difficult in this case?


The user will not have .obj files; he can get assembly code from a DLL/EXE using disassemblers like IDA (moreover, it can give some more info which helps to reverse-engineer some logic or so). If you want to know why it is difficult, just give it a try ;)

Regards,
Satish K.S


As a guy who developed compilers for a number of years, the
problem is that a good compiler will optimize the heck out of
the code, and make it unrecognizable. If you have debugging
turned on, with little optimization it can be done, but you still
need to know how the particular compiler generates code.

Don Burn
Egenera, Inc

Try it yourself and you will understand :)

You are right!!! One more hobby for me :)
----- Original Message -----
From: Maxim S. Shatskih
To: NT Developers Interest List
Sent: Friday, February 07, 2003 6:47 PM
Subject: [ntdev] Re: Why can’t EXE’s be reverse-engineered?

Try it yourself and you will understand :)

At 11:29 AM 2/7/03 +0530, anand wrote:

> Because of several reasons.
> We don’t know the language used for coding that binary.
> We don’t know the compiler / assembler used.
> These are the most common reasons that come immediately to my mind… But
> I am sure there are plenty enough…

Actually, there are some fairly amazing decompilers out there that can even
roughly reconstruct loops, etc. from nothing more than the assembly code. I
wouldn’t presume that your .EXE’s are safe from reverse engineering.

-----Original Message-----
From: Richard L Hartman [mailto:xxxxx@realresume.com]
Sent: Friday, February 07, 2003 9:44 AM


Exactly. The answer to the question, “Why can’t EXE’s be
reverse-engineered?”, is that they can be. It’s called “disassembling”.

For disassemblers try:

IDA Pro from http://www.datarescue.com/ida.htm
Sourcer from http://www.v-com.com
I’ve also had suggested “debug.com”, and “dumpbin /disasm”

More discussion in the archives under the subject “Disassembler
Suggestions”.

“Anything that one person can do, another can undo.”

–Christine

Decompilers??? Can you pls give us a link/pointers…
I hope you are not talking about disassemblers…
