Question

I have a small utility that was originally written in VS2005.

I need to make a small change, but the source code for one of the DLLs has been lost somewhere.

Is there a free or reasonably priced tool to reverse engineer the DLL back to C++ code?


Solution

Hex-Rays decompiler is a great tool, but the code will be quite hard to read and you will have to spend a lot of time to reverse engineer the whole DLL.

OTHER TIPS

You might also want to have a look at OllyDbg, which is a 32-bit assembler-level analysing debugger. It is used to analyze binary code in scenarios where you do not have the source code. It is a lightweight debugger. OllyDbg is shareware, so you can download and use it for free.

Visit OllyDbg's home page here

PS: Back in the day, crackers used SoftICE from NuMega to debug into an executable and grab a snapshot of the values of registers. SoftICE was an advanced debugger. It was definitely the favorite tool for the crackers. I don't know about the present status of the product. NuMega's site had no information about it. I may have overlooked it, but I could not find it. I recommend that you get your hands on a legacy version (4.0x) of SoftICE and apply the WindowsXP patch for SoftICE. Working with SoftICE is something of an "experience".

Further reading: Reversing: Secrets of Reverse Engineering by Eldad Eilam

I don't know the exact situation you have, or how much functionality the DLL implements for your application. But I would argue that in most cases it would be better to rewrite the missing DLL based on the known functionality.

This is especially true if you have some documentation for it.

Trying to reverse engineer the binary code to assembler, then to C++, and then trying to modify it to provide the existing functionality will in most cases be too time consuming, and maybe even impossible.

If your small change is to edit some text or to skip some routines, you could use a hex editor or a disassembler, but you won't be able to see the original C++ code, and even if you find a tool that turns the DLL back into code, all the variable names would be gone and it would be a big mess.

Depending a little on your situation, I would keep the legacy/binary DLL as-is and write a wrapper DLL that will change and/or add any additional behavior.

The idea is to aggregate the old functionality in a new DLL which imports the old one.
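The wrapper approach described above, as an added example that is not code from the original posts: the new DLL exports the same function name, adds one changed behaviour, and forwards everything else to the untouched legacy binary. The file name `legacy_orig.dll`, the export `ComputeTotal`, its signature, the input check and the `set_legacy_compute_total` test seam are all hypothetical; the real prototype has to be recovered from a surviving header or from the callers.

```cpp
// Added example. Hypothetical names throughout: legacy_orig.dll is the renamed
// original binary; ComputeTotal(int, int) is assumed to be one of its C exports.
#ifdef _WIN32
#include <windows.h>
#define WRAP_EXPORT extern "C" __declspec(dllexport)
#else
#define WRAP_EXPORT extern "C"   // lets the forwarding logic build off Windows
#endif

typedef int (*ComputeTotalFn)(int qty, int unit_price);

// Pointer to the original implementation, resolved on first use.
static ComputeTotalFn g_legacy_compute_total = nullptr;

// Test seam: a unit test can supply a stand-in for the legacy function.
void set_legacy_compute_total(ComputeTotalFn fn) { g_legacy_compute_total = fn; }

static ComputeTotalFn resolve_legacy() {
    if (g_legacy_compute_total) return g_legacy_compute_total;
#ifdef _WIN32
    // Search only the application's own directory, so a same-named file in the
    // current directory or on PATH cannot be loaded in place of the original.
    HMODULE h = LoadLibraryExA("legacy_orig.dll", NULL,
                               LOAD_LIBRARY_SEARCH_APPLICATION_DIR);
    if (h) {
        g_legacy_compute_total = reinterpret_cast<ComputeTotalFn>(
            GetProcAddress(h, "ComputeTotal"));
    }
#endif
    return g_legacy_compute_total;  // nullptr if the DLL or export is missing
}

// Same exported name as before, so existing callers need no change.
WRAP_EXPORT int ComputeTotal(int qty, int unit_price) {
    ComputeTotalFn legacy = resolve_legacy();
    if (!legacy) return -1;                    // original not available
    if (qty < 0 || unit_price < 0) return -1;  // the "small change": new check
    return legacy(qty, unit_price);            // otherwise forward unchanged
}
```

The wrapper only works if the calling convention and any name decoration match what the old callers were linked against.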

You have to do it like game and app crackers do: Use a disassembler and hack the Assembler code.

You can't turn meat back into an animal, and even if you could, you would have a dead animal :P

If it was done in .NET, then why not use the dotNet Reflector?

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow