Is it possible to decompile a program while running
https://stackoverflow.com/questions/8687548
-
10-04-2021 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I was wondering about cracking computer games to mod them since I like making my own game rules. The problem is that game files are encrypted and it makes game modding quite difficult. I however thought of a way around it. Since a computer cannot execute encrypted assembly data directly, it must first decrypt the information before running the instructions. Given the program has the correct key, it can then go on to decrypt the data before loading the instructions into ram or the processor. After program execution the decrypted data is thrown out of ram memory. I was however thinking that if one where to advert this problem, theoretically if you could run a side program that made a duplicate copy of all the code after decryption ... you should be able to piece together the entire program without having to decrypt it yourself. You just need to make a copy of the code during run time and then store it in rom afterwards. Later, you would then decompile the code into whatever language you want.
Is the scheme that I described accurate in regards to data encryption? 2nd of all, if my ideas are right ... would it be possible to create a duplicate of the program while running and decompile it into a language of choice afterwards?
Thanks for any response
Solution
As a direct answer, yes, that's generally how you hack programs, and this is the reason why DRM schemes (such as encrypting application logic) normally fail. Of course, the actual process may be pretty daunting, and I would contact persons with similar interests to get where you want to be. For instance, much of the data (such as variable names) are lost after the program has been compiled. You are indeed better of creating your own game as Greg proposed. Normally, these kind of things are only done to (illegally) remove protection from a game, not alter it in any significant way.
Tools you would be looking at are a debugger (for stepping through the application logic and looking at the program state in memory) and a decompiler for recreating the source in some form or other. Mind you that it may not be legal to do this in your particular jurisdiction, you've been warned.
