Decompilation Of Executive Program

With general application of computer software, decompilation of executive programs becomes important research field in reverse engineering.Many practical sites show its significance,such as migration of executive programs, security analysis of business software, cryptanalysis, and reuse of software.We put emphases on the problems which aren't well solved by current decompilation software, such as file format recognition ,separation of code and data,and signature recognition.After analysing serval decompilation pattern,we select one decompilation pattern named structured-decompilation.This pattern comprises file format recognition ,separation of code and data, and signature recognition process.During the process of file format recognition, we parse code and data segment by use of Autocode method.During the process of separation of code and data,analysing the flaw of pesu-code produced by traditional separation algorithm,we design a heuristic static separation algorithm by use of program entry and function call address,which method is applied in decompilation system combined with dynamic separation way.During process of signature recognition, analysing some flaws generated by traditional method,we design one quick comiler signature and static library signature method.Based import table feature of dynamic library, we design one dynamic library signature method by use of import table.We implement the unASM static decompilation system and cuteDBG dynamic debug system by use of VC++ and some SDK tools.At last, Analysing some aspects such as software crack, cryptanalysis and analysis of program structure,which shows practical applied place.It can recognise all executive program in Windows and Linux platform,which can separate code and data in executive program and bring one understandable pesu-assemble code.