#decompiler — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #decompiler, aggregated by home.social.
-
*vineflowering*
-
This presentation remains the go-to reference for learning the inner workings of the IDA Pro Hex-Rays decompiler:
(video) https://www.youtube.com/watch?v=T-YkhNElvng
(article) https://i.blackhat.com/us-18/Thu-August-9/us-18-Guilfanov-Decompiler-Internals-Microcode-wp.pdf
#decompiler #reverseengineer #informationsecurity #cybersecurity
-
Decomp2dbg:
"decomp2dbg aims to shorten the gap of context switching between decompiler and debugger by introducing a generic API for decompiler-to-debugger symbol syncing."
-
Decomp2dbg:
"decomp2dbg aims to shorten the gap of context switching between decompiler and debugger by introducing a generic API for decompiler-to-debugger symbol syncing."
-
Decomp2dbg:
"decomp2dbg aims to shorten the gap of context switching between decompiler and debugger by introducing a generic API for decompiler-to-debugger symbol syncing."
-
Decomp2dbg:
"decomp2dbg aims to shorten the gap of context switching between decompiler and debugger by introducing a generic API for decompiler-to-debugger symbol syncing."
-
Decomp2dbg:
"decomp2dbg aims to shorten the gap of context switching between decompiler and debugger by introducing a generic API for decompiler-to-debugger symbol syncing."
-
JVM exceptions are weird: a decompiler perspective
https://purplesyringa.moe/blog/jvm-exceptions-are-weird-a-decompiler-perspective/
#HackerNews #JVM #exceptions #decompiler #perspective #programming #blog #tech #insights
-
JVM exceptions are weird: a decompiler perspective
https://purplesyringa.moe/blog/jvm-exceptions-are-weird-a-decompiler-perspective/
#HackerNews #JVM #exceptions #decompiler #programming #tech #blog
-
https://github.com/Hexorg/Ouroboros #decompiler written in #rust can now open PE32 files and decompile them. Decompiler isn’t complete of course - expect unresolved expressions and crashes too. But basics work. Open a file, then hover over a byte And press D to disassemble from from that byte onwards. Then hover over instruction address and press F to define function start there. This will show the function in decompile view.
-
@myfear Oh no, #IntelliJ #IDEA comes with a #decompiler? 🫨 Better uninstall it before visiting Germany, because simply having one on your computer could get you thrown in #jail! 🚔
-
🤦♂️ Behold the #Fernflower Java #Decompiler, where #JetBrains bravely attempts to turn inscrutable #bytecode gibberish back into Java—truly the hero we neither asked for nor needed. Meanwhile, #GitHub leaps in with #AI wizardry to help developers write "better" code, because clearly, human-written code just isn't confusing enough. 🌟
https://github.com/JetBrains/fernflower #CodeDevelopment #HackerNews #ngated -
One Open-source Project Daily
Python decompiler for 3.7-3.8 Stripped down from uncompyle6 so we can refactor and start to fix up some long-standing problems
https://github.com/rocky/python-decompile3
#1ospd #opensource #bytecode #decompiler #python -
Aside of the awesome diagrams that Mermaid.js can generate I'd like to highlight this script that is really helpful when you want to figure out how #decompiler represents different pieces of code:
https://github.com/v-p-b/ghidra-cheat-sheet/blob/main/scripts/dump_clang.py
Sample output:
https://scrapco.de/ghidra-cheat-sheet/decompiler/structure_samples/ -
"AI-Powered Reverse Engineering: Decompiling Binaries with AI" https://www.youtube.com/watch?v=f9-fop5dttg by @secfatal #llm #decompiler #radare2
-
RULECOMPILE - Undocumented Ghidra decompiler rule language
-
Time for another blog post!
This time we are tackling .NET debuggers and make them display garbage data with the help of proxy objects and debugger display attributes.
Full post: https://washi.dev/blog/posts/debugger-proxy-objects/
PoC Implementation: https://github.com/Washi1337/ProxyObjects#dotnet #obfuscation #reversing #asmresolver #cil #dnspy #decompiler #debugger #poc
-
Time for another blog post!
This time we are tackling .NET debuggers and make them display garbage data with the help of proxy objects and debugger display attributes.
Full post: https://washi.dev/blog/posts/debugger-proxy-objects/
PoC Implementation: https://github.com/Washi1337/ProxyObjects#dotnet #obfuscation #reversing #asmresolver #cil #dnspy #decompiler #debugger #poc
-
🪲 Heads up, Bug Hunters 🪲 We’re still searching for vulnerabilities in IDA and the Decompiler. Help us find one, and you might earn a nice cash reward. Read more 🌐 https://hex-rays.com/bugbounty/?utm_source=Social-Media-Post&utm_medium=Mastodon&utm_campaign=bug-bounty-december-2023
-
🔎🐞 We are on the lookout for vulnerabilities in IDA and the Decompiler, and if you find one, you might earn a reward. Learn more about our Bug Bounty Program and start hunting today 🌐 https://hex-rays.com/bugbounty/?utm_source=Social-Media-Post&utm_medium=Mastodon&utm_campaign=bug-bounty-june-2023
-
Ready to test your skills? Start hunting for security bugs, send us a report, and get a reward 🌐 https://hex-rays.com/bugbounty/?utm_source=Social-Media-Post&utm_medium=Mastodon&utm_campaign=bug-bounty-feb-2023
-
It has been a long time since a security bug was reported! Can you find one? We’ve got a reward waiting for you! More info 🌐 https://hex-rays.com/bugbounty/?utm_source=Social-Media-Post&utm_medium=Twitter&utm_campaign=bug-bounty-jan-2023
-
[RSS] Reko #decompiler version 0.11.6 released
https://github.com/uxmal/reko/releases/tag/version-0.11.6 -
Stiver, author of the #Fernflower #decompiler for #Java, has passed away. His decompiler is used in tools such as #IntelliJ IDEA and #minecraft MCP for #modding projects.
https://blog.jetbrains.com/idea/2024/11/in-memory-of-stiver/#MinecraftMod #JVM #ReverseEngineering #JetBrains #IntelliJIDEA
-
The Legend of Zelda: Decompiled - Keeping source code to programs closed is something that is generally frowned upon... - https://hackaday.com/2021/12/24/the-legend-of-zelda-decompiled/ #ocarinaoftime #decompiler #sourcecode #decompile #compiler #nintendo #games #zelda #n64 #c
-
Dear everyone in the academia (and maybe elsewhere) doing #bindiffing research: #SymbolicExecution does not work for comparing different architectures, unless you are using as input for your symbolic execution tool *decompiled code*.
If you are using assembly or using an IR (Intermediate Representation) based on assembler (like Ghidra' p-code, IDA's microcode, LLVM's IR, etc), it will inevitably produce different outputs.
Your best IR for #diffing is pseudo-code, the #decompiler's output.
-
Optionally, if I have enough time and it proves to be really useful: use #symbolic #execution to determine if #decompiled code corresponds to original sources code. It doesn't look trivial at all, as codes written by humans tends to be much more verbose, logical, etc, than codes generated by compilers.
In summary: it's hard to compare, say, humans written Abstract Syntax Trees against the #AST given by an optimising #decompiler taking as input code optimised by a #compiler.
-
Did you know that enums can be used in pseudocode and not just disassembly 🌐 https://hex-rays.com/blog/igors-tip-of-the-week-149-using-symbolic-constants-in-the-decompiler/?utm_source=Social-Media-Post&utm_medium=Mastodon&utm_campaign=Igor-Tip-149
-
Observing some strange-looking address expressions in the pseudocode? No problem, see how you can improve them 🌐 https://hex-rays.com/blog/igors-tip-of-the-week-143-fixing-wrong-address-references-in-the-decompiler/?utm_source=Social-Media-Post&utm_medium=Mastodon&utm_campaign=Igor-Tip-143
-
We know that Rust is gaining more popularity, and we will enhance our support. We’ve reached the first milestone–string literals recovery 🎉 It is a valuable addition that can benefit many of you right away. Give it a try 🌐 https://hex-rays.com/blog/rust-analysis-plugin-tech-preview/?utm_source=Social-Media-Post&utm_medium=Mastodon&utm_campaign=rust-plugin-01
-
Some arguments passed to a function seem a bit weird? Check if this attribute can help get you better decompilation 🌐 https://hex-rays.com/blog/igors-tip-of-the-week-177-unused-argument-attribute/?utm_source=Social-Media-Post&utm_medium=Mastodon&utm_campaign=Igor-Tip-177
-
Your function seems to use the same stack slot for different purposes? "Split variable" might help 🌐 https://hex-rays.com/blog/igors-tip-of-the-week-176-handling-stack-reuse-in-the-decompiler/?utm_source=Social-Media-Post&utm_medium=Mastodon&utm_campaign=Igor-Tip-176
-
Need to edit a type used in decompiler but having trouble locating it among all the others? Quickly jump to the exact type you need using these small tricks 🌐 https://hex-rays.com/blog/igors-tip-of-the-week-173-navigating-to-types-from-pseudocode/?utm_source=Social-Media-Post&utm_medium=Mastodon&utm_campaign=Igor-Tip-173
-
Did you know you can do some small edits to the types directly in the Pseudocode View? 🌐 https://hex-rays.com/blog/igors-tip-of-the-week-172-type-editing-from-pseudocode/?utm_source=Social-Media-Post&utm_medium=Mastodon&utm_campaign=Igor-Tip-172
-
The decompiler complains that a function is too big? Learn how to ask nicely to decompile it anyway 🌐 https://hex-rays.com/blog/igors-tip-of-the-week-166-dealing-with-too-big-function/?utm_source=Social-Media-Post&utm_medium=Mastodon&utm_campaign=Igor-Tip-166
-
Another reason for getting a shorter pseudocode than disassembly could be a missing function argument. Check how to handle this 🌐 https://hex-rays.com/blog/igors-tip-of-the-week-164-wheres-my-code-the-case-of-missing-function-arguments/?utm_source=Social-Media-Post&utm_medium=Mastodon&utm_campaign=Igor-Tip-164
-
Pseudocode looks too short, but the previous post did not help? See if your situation is covered by this one🌐 https://hex-rays.com/blog/igors-tip-of-the-week-162-wheres-my-code-the-case-of-no-return-call/?utm_source=Social-Media-Post&utm_medium=Mastodon&utm_campaign=Igor-Tip-162
-
Distracted by all those casts, and you don’t really need to see them? You can hide them, but beware of wrong results 🌐 https://hex-rays.com/blog/igors-tip-of-the-week-160-hiding-casts-in-the-decompiler/?utm_source=Social-Media-Post&utm_medium=Mastodon&utm_campaign=Igor-Tip-160
-
The pseudocode looks too short compared to the disassembly, and the decompiler mentions "constant data"? Maybe you need to tell it otherwise 🌐 https://hex-rays.com/blog/igors-tip-of-the-week-159-wheres-my-code-the-case-of-not-so-constant-data/?utm_source=Social-Media-Post&utm_medium=Mastodon&utm_campaign=Igor-Tip-159
-
You’ve made some changes to the database, but the pseudocode listing is still the same? See how to make sure it is up-to-date 🌐 https://hex-rays.com/blog/igors-tip-of-the-week-158-refreshing-pseudocode/?utm_source=Social-Media-Post&utm_medium=Mastodon&utm_campaign=Igor-Tip-158
-
A closer look at the decompiled code shows strange function arguments? See how you can help IDA optimize the listing
🌐 https://hex-rays.com/blog/igors-tip-of-the-week-157-removing-function-arguments-in-decompiler/?utm_source=Social-Media-Post&utm_medium=Mastodon&utm_campaign=Igor-Tip-157 -
These decompiler-created variables look wrong, and you think you know better? You might be able to fix things by editing the stack frame 🌐 https://hex-rays.com/blog/igors-tip-of-the-week-155-splitting-stack-variables-in-the-decompiler/?utm_source=Social-Media-Post&utm_medium=Mastodon&utm_campaign=Igor-Tip-155
-
Did you know you can work in Pseudocode and at the same time consult the relevant line in disassembly? See how to synchronize them 🌐 https://hex-rays.com/blog/igors-tip-of-the-week-154-synchronized-views/?utm_source=Social-Media-Post&utm_medium=Mastodon&utm_campaign=Igor-Tip-154
-
Prefer disassembly view but still want to consult decompilation? Try out this feature 🌐 https://hex-rays.com/blog/igors-tip-of-the-week-153-copying-pseudocode-to-disassembly/?utm_source=Social-Media-Post&utm_medium=Mastodon&utm_campaign=Igor-Tip-153
-
LLM4Decompile – Quand l’ #IA se met à #décompiler du #binaire
https://korben.info/llm4decompile-modele-decompilation-open-source-revolutionnaire.html
