views: 3001

answers: 9

I have a small utility that was originally written in VS2005.

I need to make a small change, but the source code for one of the dlls has been lost somewhere.

Is there a free or reasonably priced tool to reverse engineer the DLL back to C++ code?

A: 

No such tools exist - once the code is compiled, the source is gone.

anon
The source might be gone, but the "code" is still there. There's been a lot of effort in creating tools that can convert compiled code into C/C++ code (though they are FAR from perfect). But at the very least, you can change the assembly (after all, people write entire programs in assembly).
Grant Peters
Hex-Rays decompiler does a great job, check it out, it might change your views.
Sumit Ghosh
A: 

You can't turn meat back into an animal, and even if you could, you would have a dead animal :P

Petoj
Maybe except when the animal is Java..
Subtwo
Yes you can. The animal will look hideous but will walk and function the same way as the original!
Paul Dixon
Agreed with Paul on this.
Sumit Ghosh
@Subtwo: can you recover variable names in Java?
static_rtti
Yes, I think so, or I don't think the Java compiler changes the names when compiled to bytecode.
Petoj
A: 

If your small change is to edit some text or to skip some routines, you could use a hex editor or a disassembler, but you won't be able to see the original C++ code, and even if you find a tool that turns the DLL back into code, all the variable names would be gone and it would be a big mess.

schnaader
+9  A: 

Hex-Rays decompiler is a great tool, but the code will be quite hard to read and you will have to spend a lot of time to reverse engineer the whole DLL.

Jonas Gulle
Hex-Rays is probably the best, but the code it will give you will only be useful in figuring out how certain parts of it work, and you can't compile it. +1
Tim Matthews
If the change is small enough, you can use the output of the decompiler to patch the DLL in assembly; use OllyDbg, for instance.
shoosh
Yes, OllyDbg was always my favorite to patch DLLs, but only after SoftICE. How can anybody forget the legendary "SoftICE"?
AB Kolan
+3  A: 

I don't know the exact situation you have, or how much functionality the DLL implements for your application. But I would argue that in most cases it would be better to rewrite the missing DLL based on the known functionality.

This is especially true if you have some documentation for it.

Trying to reverse engineer the binary code to assembler, then to C++, and then trying to modify it to provide the existing functionality will in most cases be too time-consuming, and maybe even impossible.

Dani van der Meer
A: 

You have to do it like game and app crackers do: Use a disassembler and hack the Assembler code.

+4  A: 

You might also want to have a look at OllyDbg, which is a 32-bit assembler-level analysing debugger. It is for analyzing binary code in scenarios where you do not have the source code. It is a lightweight debugger. OllyDbg is shareware, so you can download and use it for free!

Visit OllyDbg's home page here

PS: Back in the day, crackers used SoftICE from NuMega for debugging into an executable and grabbing a snapshot of the values of registers. SoftICE was an advanced debugger. It was definitely the favorite tool of the crackers. I don't know about the present status of the product. NuMega's site had no information about it. I may have overlooked it, but I could not find it. I recommend that you get your hands on a legacy version (4.0x) of SoftICE and apply the Windows XP patch for SoftICE. Working with SoftICE is something of an "experience".

Further reading: Reversing: Secrets of Reverse Engineering by Eldad Eilam

AB Kolan
A: 

Depending a little on your situation, I would keep the legacy/binary DLL as-is and write a wrapper DLL that will change and/or add any additional behavior.

The idea is to aggregate the old functionality in a new DLL which imports the old one.

Subtwo
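
Both the rewrite and the wrapper DLL suggested in the answers above start from the list of functions the old DLL exports. The following is an added example, not part of any answer on this page, that reads the export names from a PE file's export directory; the sample image and the names `legacy.dll`, `DoWork` and `GetVersion` are constructed for illustration.

```python
import struct

def _rva_to_offset(data, sections, count, rva):
    """Translate an RVA to a file offset via the section table."""
    for s in range(sections, sections + 40 * count, 40):
        vsize, vaddr, rsize, rptr = struct.unpack_from("<4I", data, s + 8)
        if vaddr <= rva < vaddr + max(vsize, rsize):
            return rva - vaddr + rptr
    raise ValueError(f"RVA {rva:#x} is outside every section")

def _cstr(data, off):
    return data[off:data.index(b"\0", off)].decode("ascii")

def list_exports(data):
    """Return (internal DLL name, exported names) of a PE32/PE32+ image."""
    pe, = struct.unpack_from("<I", data, 0x3C)
    if data[:2] != b"MZ" or data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("not a PE image")
    nsect, opt_size = struct.unpack_from("<H12xH", data, pe + 6)
    opt = pe + 24
    magic, = struct.unpack_from("<H", data, opt)
    # Data directory 0 is the export table; its offset differs for PE32+.
    export_rva, = struct.unpack_from("<I", data, opt + (96 if magic == 0x10B else 112))
    if export_rva == 0:
        return None, []
    conv = lambda rva: _rva_to_offset(data, opt + opt_size, nsect, rva)
    exp = conv(export_rva)
    name_rva, = struct.unpack_from("<I", data, exp + 12)
    n_names, names_rva = struct.unpack_from("<I4xI", data, exp + 24)
    ptrs = struct.unpack_from(f"<{n_names}I", data, conv(names_rva))
    return _cstr(data, conv(name_rva)), [_cstr(data, conv(p)) for p in ptrs]

def build_sample():
    """Constructed minimal PE32 image with two named exports (not a real DLL)."""
    names, rva, raw = [b"DoWork", b"GetVersion"], 0x1000, 0x200
    str_rva = rva + 40 + 4 * len(names)   # strings follow directory + pointer table
    blob, ptrs = b"legacy.dll\0", []
    for n in names:
        ptrs.append(str_rva + len(blob))
        blob += n + b"\0"
    body = struct.pack("<IIHH7I", 0, 0, 0, 0, str_rva, 1, len(names),
                       len(names), 0, rva + 40, 0)
    body += struct.pack(f"<{len(names)}I", *ptrs) + blob
    head = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40) + b"PE\0\0"
    head += struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, 224, 0x2102)
    head += struct.pack("<H90xI", 0x10B, 16) + struct.pack("<II", rva, len(body))
    head += b"\0" * 120 + b".edata\0\0"
    head += struct.pack("<4I", len(body), rva, len(body), raw) + b"\0" * 16
    return head.ljust(raw, b"\0") + body
```

On a real file, pass the bytes read from the DLL to `list_exports`; functions exported by ordinal only have no name entry and are not listed.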
A: 

If it was done in .NET, then why not use the dotNet Reflector?

Linoxxis