From the AST, the compiler will produce assembly code for the specified platform.Ī decompiler takes the opposite route. In this phase of the compilation process, referred to as parsing, the code structure is represented as a complex object, the AST. In essence, a compiler takes the source code, splits it into tokens according to a grammar, then these tokens are grouped into logical expressions. In order to understand how the decompiler works, it’s helpful to first review the normal compilation process.Ĭompilation and decompilation center around the concept of an Abstract Syntax Tree (AST). In this blog, we aim to close that gap by showcasing examples where scripting Hex-Rays goes a long way.
However, there seems to be a lack of a concise and complete resources regarding this topic (tutorials or otherwise). The decompiler (from now on referred to as Hex-Rays) has been around for a long time and has achieved a good level of maturity. The ability to switch between disassembled and decompiled code can greatly reduce the analysis time.
Besides being a great disassembler and debugger, it is possible to extend it and include a powerful decompiler by purchasing an additional license from Hex-Rays. IDA Pro is the de facto standard when it comes to binary reverse engineering.
0 kommentar(er)
