The first programs were written in binary/hexadecimal, and only later did we invent coding languages to convert between human readable code and binary machine code.
So why can’t we just do the same thing in reverse? I hear a lot about devices from audio streaming to footware rendered useless by abandonware. Couldn’t a very smart person (or AI) just take the existing program and turn it into code?
It is not. idk who told you it was.
Disassembling an executable is trivial to do. Everything is open source if you can read assembly. Obfuscation be damned.
Well decompiling is only one step in the reverse engineering process. I would recommend taking a look at the Legend of Zelda: Ocarina of Time decompile projects. They reversed engineered the whole thing, which took years and was a team effort.
In the end they got perfectly readable source code, fully documented. And the most amazing thing is, when compiled with the right compiler and right flags, it recreates the original rom perfectly.
I would also recommend a YouTuber called Kaze. He’s been working on Mario 64 for years, re-writing large parts of the engine to get some pretty cool stuff going.
The hard part isn’t reading assembly. The hard part is figuring out why it’s doing what it’s doing with no comments or function names or anything useful to help.
This is like saying if you can read English you can understand an advanced math or physics paper written in English without having any knowledge or context of those subjects.
I’ve used a decompiler to peek at the source code of an app written in Visual Basic I wanted to recreate as a browser addon. It was mostly successful but some variable and function names were messed up.
Variable names, class names, package structure, method names, etc. won’t normally be maintained in the disassembled code. They are meaningless to the CPU, and just a series of memory addresses. In cases where you have method names being mentioned, it’s likely a syscall, and it’s calling a method from an existing library. I’m not familiar with VB, but at least in .Net and .Net Framework, this would be something like the System.Collections.Generic providing the implementation for List<string> and when .Sort() is called, it makes the syscall to that compiled .dll.
You could chuck it at an AI to reverse compile it into something readable.
Instead of just getting the down votes, I’ll explain why that wouldnt work.
- The AI itself cannot decompile it without the same tools I would use. The AI would then end up with the same starting spot I have.
- Current LLMs do not know how to interpret code logic, and would likely make mistakes in Syscalls, register addresses, and instructions.
- Assembly languages themselves have nothing further than instruction sets. I’m sure there are ways to organize it in the super rare case of actually writing assembly, but not to the effect of object oriented or functional programming.
Lastly, other comments have pointed out decompiled code is extremely expensive to analyze. The output from whatever we decompile would easily exceed the input limits for all existing LLMs.
Thanks. I was thinking that you could have an AI “looking over the shoulder” of a compiler, seeing what comes out for the code going in to it. Basically training it to spot sequences in compiled code in order to guess the instructions that compiled into that code.
Imagine being presented with an aircraft. You bloody well know what it does and you get permission to disassemble the whole thing to your heart’s content. How big of a task do you think it’d still be to be able to work out how the winged metal tube works and why it does what it does when it does it?
Exactly.
Apps are huge and compilers optimize the fuck out of the code. Code optimization doesn’t always make sense so you need to have a detailed understanding of which compilers were used. There could be hundreds of libraries involved or even layers of obfuscation in some cases. Loops can be unwrapped, or other bits of code optimized for specific architectures. Some of the logic won’t appear logical.
Disassemblers can do a decent job converting code back to C/C++, but even then, you have to go through the code line by line converting function names and variable names back to something that can be referenced later as a meaningful name.
You aren’t wrong: All the code is there. It’s just a matter of putting all the human readable references back into anything you disassembled.
Waaaay back in the day, we could tear apps apart easily if they were small. There were only a few flavors of assembly and compilers were still fairly basic for what they were. Regardless, it wasn’t a small task.
I played around with cracking for a while just to learn about it and honestly, it was kinda easy before everything was offloaded to “the cloud”. It’s just a matter of tracing execution and finding a few critical comparisons or jumps to alter. Even then, it could take me a day or two just to walk through what was basically one or two functions.
It’s always possible to convert binary (machine code) into assembly since they’re basically the same thing. Assembly is just human readable binary.
It’s not possible to generate high level source code from assembly the same way you can’t generate a recipe for a cake by analyzing the composition of the cake. It doesn’t matter how smart you are, the temperature the oven was set at and time the cake spent in the oven can’t be found in the molecular structure of a cake.
Thanks that’s actually a pretty helpful metaphor
As others have mentioned, it’s possible but very complicated. Decompilers produce code that isn’t very readable for humans.
I am indeed awaiting the big news headlines that will for some reason catch everyone by surprise when a LLM comes along that’s trained to “translate” machine code into a nice easily-comprehensible high-level programming language. It’s going to be a really big development, even though it doesn’t make programs legally “open source” it’ll make it all source available.
I am indeed awaiting the big news headlines that will for some reason catch everyone by surprise when a LLM comes along that’s trained to “translate” machine code into a nice easily-comprehensible high-level programming language.
Another commenter dismissed the idea outright. WTF… What is implausible about an LLM that takes decompiled code, deals with the obfuscating bs, recognizes known libraries, and organizes the remaining code. That will totally happen, if it hasn’t already been done.
There’s a lot of outright rejection of the possibilities of AI these days, I think because it’s turning out to be so capable. People are getting frightened of it and so jump to denial as a coping mechanism.
I recalled reading about an LLM that had been developed just a couple of weeks ago for translating source code into intermediate representations (a step along the way to full compilation) and when I went hunting for a reference to refresh my memory I found this article from March about exactly what’s being discussed here - an LLM that translates assembly language into high-level source code. Looks like this one’s just a proof of concept rather than something highly practical, but prove the concept it does.
I wonder if there are research teams out there sitting on more advanced models right now, fretting about how big a bombshell it’ll be when this gets out.
It’s easy to say that we should throw AI at a problem and in a few years it will solve it, but most of the time it doesn’t actually work that way. If you think about the Turing Test itself, where the history goes back to the 1950s, how many decades did it take for us to get to anything that could reasonably come close to passing it? So anytime you think to yourself that one of these days AI is going to get there, remember that one of these days might actually be a half century from now.
The other aspect to this challenge, or rather specifically with regards to this challenge, is that the setup involves humans organizing code in a certain way according to some kind of reasoning that the authors know about, and then that being compiled away, and then another computer program trying to get back what the original authors might have been thinking when they designed the thing originally. That’s a steep hill to climb. Can it be done on a small scale? It certainly can. On a large scale? Don’t hold your breath.
-
most software packages are ridiculously complicated. it’s not as simple as just running a decompiler and seeing code. It’s labor intensive, and loaded with bugs and errors, many of which you would never catch unless you already had in idea of what was supposed to be there.
-
many applications rely on external services/system packages that may or may not exist on your machine.
-
companies take steps to protect their application from it being reverse engineered, making it that much more difficult to actually pull off.
-
you don’t have access to the documentation/commenting that would be in the uncompiled code, turning a lot of the script into incomprehensible jibberish.
-
all the labor involved means it’s very likely to not pass the cost/benefit analysis. unless you’re able to add something to it; something the other guy doesn’t have… then you’re not going to be getting a substantial market share. It won’t be profitable.
-
In addition to the other comments that explained it well… Back in the day, that process was easier in part because executable files had far fewer instructions.
Yes, and people do do it. It’s just incredibly difficult to do it even for relatively simple programs, and the more complex the program is, the more exponentially hard the reverse engineering will be.
The problem is not necessarily turning it into code, since many decompilers do it already for you nowadays. The issue is understanding what in the world the code is supposed to do. Normally, open source code would be commented and there would be documentation, so it’s easy to edit or build on the code. Decompiled code comes with no documentation or comments, and all the variable names are virtually illegible.
It’s sometimes easier to build something new than to fix what’s broken, and this would be one of those cases where it’s true
people do do it.
giggles under my breath
Computer code is very complicated, so when humans write code we write in a way we can understand. We name functions and variables with names that make sense, and we put comments in the code so we can understand how it works.
Compliers don’t care about any of those things. Variable names are turned into numbers, and comments are ignored.
You can convert machine code back to source code, it will be missing all those human readable labels and explanations. You can recreate them, but its a major process. Reverse engineering is done sometimes, but there’s a reason is not common.
There’s also the issue of licensing. An important part of free and/or open source software is that you have permission to modify the source code. You probably don’t have a license to use the code if its closed source. There are ways to do this legally but it adds extra hurdles and inconvenience to an already major process.
deleted by creator
It’s taken years for devs to decompile Zelda let alone other projects. It’s crazy how much work goes into such projects.
It’s not. I believe lowlevellearning has a tutorial on tearing down binaries. If not him, john hammond does for sure. Both are on youtube. That skill set is usually employed in security research since it pays more than reverse engineering old software with problematic licensing and uncertain ownership.
Assuming you have all the source code… it is possible. It’s usually a huge pain in the ass though and software is so complicated that it’s extremely difficult to get anything useful.
