Decompiling Delphi - 3

I came across this on delphi.about.com web site and thought it useful to add it a a reference here.

continued from part two

The art of reverse engineering has traditionally been the land of technical wizards, familiar with assembly language and debuggers. Several Delphi decompilers have appeared that allow anybody, even with limited technical knowledge, to reverse engineer most Delphi executable files. If you are interested in reverse engineering Delphi programs I suggest you to take a look at the following few "decompilers":

IDR (Interactive Delphi Reconstructor)

A decompiler of executable files (EXE) and dynamic libraries (DLL), written in Delphi and executed in Windows32 environment. Final project goal is development of the program capable to restore the most part of initial Delphi source codes from the compiled file but IDR, as well as others Delphi decompilers, cannot do it yet. Nevertheless, IDR is in a status considerably to facilitate such process. In comparison with other well known Delphi decompilers the result of IDR analysis has the greatest completeness and reliability.

Revendepro

Revendepro finds almost all structures (classes, types, procedures, etc) in the program, and generates the pascal representation, procedures will be written in assembler. Due to some limitation in assembler the generated output can not be recompiled. The source to this decompiler is freely available. Unfortunately this is the only one decompiler I was not able to use - it prompts with an exception when you try to decompile some Delphi executable file.

EMS Source Rescuer

EMS Source Rescuer is an easy-to-use wizard application which can help you to restore your lost source code. If you lose your Delphi or C++Builder project sources, but have an executable file, then this tool can rescue part of lost sources. Rescuer produces all project forms and data modules with all assigned properties and events. Produced event procedures don't have a body (it is not a decompiler), but have an address of code in executable file. In most cases Rescuer saves 50-90% of your time to project restoration.

DeDe

DeDe is a very fast program that can analyze executables compiled with Delphi. After decompilation DeDe gives you the following: - All dfm files of the target. You will be able to open and edit them with Delphi - All published methods in well commented ASM code with references to strings, imported function calls, classes methods calls, components in the unit, Try-Except and Try-Finally blocks. By default DeDe retrieves only the published methods sources, but you may also process another procedure in a executable if you know the RVA offset using the Tools|Disassemble Proc menu - A lot of additional information. - You can create a Delphi project folder with all dfm, pas, dpr files. Note: pas files contains the mentioned above well commented ASM code. They can not be recompiled!

Goto part one Goto part two

Comments

Post a Comment

Popular posts from this blog

Decompiling Delphi - 2

I came across this on delphi.about.com web site and thought it useful to add it a a reference here. continued from part one For the moment, Borland does not offer any product capable of decompiling an executable (.exe) file or the "Delphi compiled unit" (.dcu) back to the original source code (.pas). Delphi compiled unit: DCU When a Delphi project is compiled or run a compiled unit (.pas) file is created. By default the compiled version of each unit is stored in a separate binary-format file with the same name as the unit file, but with the extension .DCU. For example unit1.dcu contains the code and data declared in the unit1.pas file. This means that if you have someones, for example, component compiled source all you have to do is to reverse it and get the code. Wrong. The DCU file format is undocumented (proprietary format) and may change from version to version. After the compiler: Delphi Reverse Engineering If you would like to try to decompile a Delphi e...
Read more

Artificial Intelligence, Oxymoron and Natural Intelligence

Image
I posted this question to a couple of online AI engines and to my surprise, none came up with the correct anwser. This is the question - "Two Americans were crossing a bridge on a bright summer morning, one was the father of the other and the other wasn't the son. So, what was their relationship?" This is a classic IQ question - supposedly, employed by Microsoft in the easrly 90s in the recruitment of top talent for its work pool. Essentially, this is a mis-direction fixation challenge. On the surface - it is a fairly straight forward question with the requisite hint at solving it. For whatever reason, most people asked this question are always fixated on the "father and son" narative, which in reality - is the hint to solving the question, but always end up getting it wrong. My point really is - the so called AI engines got the answer to the question wrong as well. The real poser is - should we still be referring to the encompassing ecosystem...
Read more