Understanding Decompilers and Phases of Decompilation

decompilers l.w
1 / 21
Embed
Share

Learn about decompilers, phases like Loading, Disassembly, Lifting, Dataflow Analysis, and more. Explore reverse compilation techniques in this comprehensive resource collection.

  • Decompilers
  • Reverse Compilation
  • Decompilation Phases
  • Reverse Engineering
  • Dataflow Analysis
rayaanacharya
waon780 Follow

Uploaded on | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.

Download Presentation

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.

E N D

Presentation Transcript

  1. Decompilers

  2. Resources Cifuentes Thesis: Reverse Compilation Techniques I will be posting other resources on the website

  3. What is a Decompiler?

  4. Phases of Decompilation 1. Loading 2. Disassembly 3. Lifting 4. Dataflow Analysis 5. Type Inference 6. CodeGen 7. Name Recovery???

  5. Loading You ve done this!

  6. Disassembly You ve done this too!

  7. Lifting Intermediate Representation (IR) Concise description of instruction semantics Three-argument IR Examples: BAP, VEX Abstract across architectures Common abstractions? Representing memory? Registers? Organized in basic blocks

  8. Data Flow Analysis Constant Propagation Calling Convention Analysis Condition Code Propagation Register Copy Elimination Stack Frame Analysis Dead Register & Condition Code Elimination Variable Recovery

  9. Constant Propagation - resolving indirection - deobfuscation 1 2 3 4 5

  10. Variable Recovery ra var_10 var_40 var_44 var_x var_y

  11. Register Copy Elimination

  12. Dead Condition Code Elimination Important when lifted to IR

  13. Condition Code Propagation

  14. Stack Frame Analysis Abstract Domain: {rsp, rbp} {1,2, } and and Track constant offsets off of rbp and rsp Determine overapproximation of stack from size at all program points in function

  15. Control Flow Structuring if ( ) { while ( ) { goto lbl } } else if ( ) { } else { if ( ) { lbl: for ( ) { } } }

  16. Control Flow Structuring

  17. Control Flow Structuring Basic Pattern Matching Cifuentes Thesis Phoenix No More Goto Focus of next week

  18. Type Inference Early approaches: Unification-Based Relies on the equality constraint Type(a) == Type(b) Problems: Overunification Not expressive enough (missing fields, pointer passing) TIE: subtying! Relies on the subtyping constraint ???? ???? ? ????(????(?)) Retypd: polymorphic types! existential types! (i.e. generics and interfaces)

  19. Codegen Now we have functions, IR, etc. But how do we get C? Translate semantics of IR and control flow into pseudocode

  20. Future Directions: Name Recovery - Now we have variables, but they don t mean much! - Can we automate recovering variables names? - DEEP LEARNING!!! - DIRE, Debin

Related


Overview of Compiler Technology and Related Terminology

Overview of Compiler Technology and Related Terminology

collymore_k
Native x86 Decompilation with Semantics-Preserving Structural Analysis

Native x86 Decompilation with Semantics-Preserving Structural Analysis

wwolt

More Related Content