I have a small utility that was originally written in VS2005.
I need to make a small change, but the source code for one of the dlls has been lost somewhere.
Is there a free or reasonably priced tool to reverse engineer the dll back to C++ code.
The source might be gone, but the "code" is still there. There's been a lot of effort in creating tools that can convert compiled code into c/c++ code (though they are FAR from perfect). But at the very least, you can change the assembly (after all, people write entire programs in assembly).
Grant Peters
2009-03-08 15:04:52
Hex rays decompiler does a great job, check it , it might change your views.
Sumit Ghosh
2009-09-17 00:50:55
A:
You cant turn meat back to a animal and even if you could you would have a dead animal :P
Petoj
2009-03-08 12:15:33
Yes you can. The animal will look hideous but will walk and function the same way as the original!
Paul Dixon
2009-03-08 14:11:47
yes i think so, or i dont think the java compiler changes the names when compiled to bytecode
Petoj
2009-10-07 08:46:54
A:
If your small change is to edit some text or to skip some routines, you could use a hex editor or a disassembler, but you won't be able to see the original C++ code, and even if you find a tool that turns the DLL back into code, all the variable names would be gone and it would be a big mess.
schnaader
2009-03-08 12:18:26
+9
A:
Hex-Rays decompiler is a great tool, but the code will be quite hard to read and you will have to spend a lot of time to reverse engineer the whole DLL.
Jonas Gulle
2009-03-08 12:19:40
Hex rays is probably the best but the code it will give you will only be usefull in figuring out how certain parts of it work and cant compile it. +1
Tim Matthews
2009-03-08 12:23:59
If the change is small enough you can use the output of the decompiler to patch the dll in assembly use OllyDbg for instance.
shoosh
2009-03-08 14:08:30
Yes, OllyDbg was always my favorite to patch dlls, but only after SoftICE. How can anybody forget the legendary "SoftICe" ?
AB Kolan
2009-03-08 14:16:04
+3
A:
I don't know the exact situation you have, and how much the functionality the DLL implements for your application. But I would argue that in most cases it would be better to rewrite the missing DLL based on the known functionality.
This is especially true if you have some documentation for it.
Trying to reverse engineer the binary code to assembler, then to C++ and then try to modify it to provide the existing functionality will be in most cases to time consuming, and maybe even impossible.
Dani van der Meer
2009-03-08 13:03:39
+4
A:
You might also want to have a look at OllyDbg which is a 32-bit assembler level analysing debugger. It's to analyze binary code in scenarios when you do not have a source code. It is light weight debugger. OllyDbg is a shareware so you can download & use it for free..!!
Visit OllyDbg is home page here
PS: Back in the day crackers used SoftICE from NuMega for debugging into an executable & grab a snapshot at the values of registers. SoftICE was an advanced debugger. It was definitely the favorite tool for the crackers. I don't know about the present status of the product. NuMega's site had no information about it. I may overlooked it but I could not find it. I recommend that you get your hands on a legacy version (4.0x) of SoftICE & apply the WindowsXP patch for SoftICE. Working with SoftICE is something of an "experience".
Further Read: Reversing: Secrets of Reverse Engineering by Eldad Eilam
AB Kolan
2009-03-08 14:02:16
A:
A little depending on your situation I would keep the legacy/binary DLL as-is and write a wrapper DLL that will change and/or add any additional behavior.
The idea is to aggregate the old functionality in a new DLL which imports the old one.
Subtwo
2009-03-08 14:13:13