Decompiling .exe file

Sephiroth_dude wrote: »

Is there anyway to do this? I have a .exe file and I want to view the source code, its a console program, a theatre booking system, want to see the code, anyway to get at it?

https://reverseengineering.stackexchange.com/questions/3748/converting-assembly-code-to-c

Note:
1) Normally, when the .exe is built, symbols are removed, so you won't see any function/variable names
2) .exe can be dis-assembled, i.e. shown in the assembly code. A "decompiler" program can reconstruct the C code (or some other language) which provides same functionality.

Sephiroth_dude wrote: »

Is there anyway to do this? I have a .exe file and I want to view the source code, its a console program, a theatre booking system, want to see the code, anyway to get at it?

It's typically illegal to reverse engineer software.
What are you trying to achieve ?

I'm shocked that any booking system is a Windows EXE.
They're typically web based and on Linux for stability/security.
So that's a red flag already.

If it's the client part of the system you could run a web proxy server to watch the http requests going to their server to get an idea of their web api.

You will not be able to extract the full source code from an exe file.

Are you by any chance a student trying to get the solution to a class assignment?

Sephiroth_dude wrote: »

Not to be rude to you or anything but did you read my first post?

Yep... nothing in it said it was written by a lecturer or that it was a college exercise. That would've completely framed the question.

Jim2007 wrote: »

Apart from perhaps a lacking experience, why would you be shocked that booking systems are being run stably on Windows environments.

I'm basing it on 25+ years of enterprise level software development in a variety of sectors. Writing 80x86 assembly, C, C++ and writing my own Java disassembler from scratch just from reading the JVM specification.

Jim2007 wrote: »

This idea that any os is stable and secure just because of it's name is nonsense.

I agree, Windows NT stood for "new technology" and was an incremental improvement on a badly designed single user operating system.
Can't remember who said Windows was a collection of badly debugged drivers.
It's been an incremental improvement in versions since.
When a security issue comes out you often see that it applies all the way back to Windows versions 10 years ago or more.

Unix/Linux was designed from the ground up as multi-user and multi-threaded.

Sephiroth_dude wrote: »

Not to be rude to you or anything but did you read my first post? I want to view the source to see how it works, It's a Console program, its not a real theatre booking program, it was something our lecturer made for us to test, we had to come up test cases and test the program, I'm interested in viewing the code that's all, nothing sinister going on here at all.

The obvious answer then would be to ask your lecturer for the source code. But they're unlikely to give it to you until you've completed the assignment - testing something that you have the source code for is substantially different to something you don't.

Say you know a given input is declared as a byte in the source code (assuming C# in this example). Obviously the first test case you're going to write is where that input is >255. You may not have thought of that if you don't have the source code. If the purpose of the assignment is to treat the program as a "black-box" then decompilation is against the spirit of the assignment

Any Wintel EXE/COM can be disassembled into assembly language...and best of Royal Irish luck with that!

14ned wrote: »

They're late to the party, but they do get there eventually.

And after a lot of bad attempts and failures in every area.
Vista, Internet Explorer....
Sure one of the early versions of Windows didn't even come with a firewall, everything was exposed to the net. Steve Gibson from the Security Now podcast was able to browse peoples C$ drives.

14ned wrote: »

In terms of security history, it is the Win32 and OS/2 legacy stuff which has had by far the most problems. And unsurprisingly, most of that code was written quickly by inexperienced developers lacking much oversight.

And that code is still there for backward compatibility.

14ned wrote: »

Not NT, whose security record I believe beats both Linux and Mac OS for kernel exploits, and has done so now for at least a decade according to the annual rankings. Good programmers, unsurprisingly, write good code, and most of NT was written by world famous engineers at the time.

Well which one of those geniuses moved the GDI into the kernel ?
Choosing video performance over security ?

End result: Someone with a carefully crafted font file could exploit the O/S.

And don't forget the Universal Plug and Play feature rolled out into Windows, they opened everyones machine wide open to the net with 3 exploits.

https://www.grc.com/unpnp/unpnp.htm

https://www.computerworld.com/article/3252823/why-linux-is-better-than-windows-or-macos-for-security.html

https://www.itpro.co.uk/operating-systems/24841/windows-vs-linux-whats-the-best-operating-system/page/0/1

Windows isn't open source either.
Security by obscurity.

While opening the Linux source code for security audits catches issues earlier with thousands of developers scanning the code.

Also, Windows is bloated.
Every single extra piece of code not required to run your application is an extra security vulnerability.

While Linux can be configured to run headless with minimal extra applications or libraries.
The Linux kernel is and always was better protected from rogue apps.

Windows was always playing catch up to Unix/Linux.
Whether it was networking, internet browsers, security, phone OS, etc.

I've worked in the enterprise/Fintech industry for 20+ years, you just don't get serious companies running servers on Windows unless they have some horrible legacy app running on Sql Server or the like. They're so much of an exception they don't make Tier 1 support and have to pay for extra for their poor choices.

14ned wrote: »

I think you're out of date here. They packed the kernel memory structures to fit NT onto a phone, and since then you can happily run Windows on a 256Mb RAM device.

And it's been a complete failure.
Windows phone market share is utterly dwarfed by Android and Apple.
Why would people pay to use Windows when Linux is free.

14ned wrote: »

As I already mentioned, Linux and Mac OS regularly come far below Windows in annual kernel exploit rankings. That's been the case for a decade now. So you're out of date on that too.

And as the comments on that article say, which version of the Linux kernel?
Why split all the Windows versions apart?
A lot of Windows vulnerabilities affect the entire lineage of versions, so which version of Windows is it reported against if it was introduced in an earlier version ?
Why post something 5 years old ?

https://www.cybrnow.com/10-most-vulnerable-os-of-2017/

Here's a more recent article, still from Feb 2018.

https://www.computerworld.com/article/3252823/why-linux-is-better-than-windows-or-macos-for-security.html

14ned wrote: »

A ton load of dev work still happens on Windows, and then testing and deployment is on Linux.

Yep, you're making the point for me.
Windows is consumer/office friendly, but not production friendly.

14ned wrote: »

There are plenty of back end servers running Windows, some of which is due to not being bothered to upgrade something working fine.

Yep, I've heard of ATM machines and electronic billboards running Windows, and people taking photos of the BSOD on them.
The fact that most people know what the blue screen of death is, is a testament to Windows fragility.

14ned wrote: »

Next edition of Windows they're shipping a copy of the Linux kernel inside the Windows kernel.

Which screams of "If you can't beat them, join them".

Some of the more progressive software development houses were issuing Apple Macs to developers. That must've spooked Microsoft.
And you need Windows 10 professional edition to run Docker natively on Windows... not in Linux.

Aside from all of that, Microsoft is a US company.
It's hard to trust that the US government won't/hasn't compelled Microsoft to add backdoors, targeted poisoned Windows updates and tricks to infiltrate it's enemies.

As Steve Gibson from the Security podcast said, he doesn't understand why foreign governments actually use Microsoft products.
Much in the same way the US has blacklisted Huewei.
Can't remember if it's China or Russia that has plans in progress to write their own OS.

Closed source, old codebase, backward compatibility, US based and constantly adding new functionality is a recipe for a security disaster.

If Windows was that secure why is there always a rake of bugs to fix every patch Tuesday ?

TuringBot47 wrote: »

And it's been a complete failure.
Windows phone market share is utterly dwarfed by Android and Apple.
Why would people pay to use Windows when Linux is free.

The final generation of Windows Phone was pretty good. Funnily enough, I was literally the guy who wrote up the competitive analysis report for BlackBerry when WinPhone8 launched. Did a ton of statistical and reverse engineering analyses. I came away impressed with the engineering. I also enjoyed using the phone as my main driver for a few months, it was world's better than WinPhone7.

Windows Phone and BB10 failure had nothing to do with cost. It's an open secret that both Microsoft and BlackBerry were paying manufacturers to install it, and paying app developers to write apps for the phone. It cost both companies billions of dollars.

The failure was due to mobile phones being a natural duopoly: the premium and the budget spaces. There was only ever space for two, and two alone.

TuringBot47 wrote: »

Which screams of "If you can't beat them, join them".

Both yes and no. By some measures, Linux now is a Microsoft product. They've been one of its biggest contributors for some years. This year they'll ship more Linux installs than anybody but Google in the form of Android (and Google intend to abandon Linux based Android in favour of Fuscia). Most new Microsoft software runs on both Linux and Windows now. Internally all their teams are being trained up on Linux. Very clearly, in the near future Microsoft will equal Linux, and Linux will equal Microsoft.

I totally agree with the later point that Microsoft doesn't really innovate, it buys in innovation from outside. They identify what they want, and throw money at bringing it in house. They literally have done that with GitHub so they can see most open source being developed (and watch all the developers), and are bringing Linux in house as well. And that's a good thing, Linux is having money sprayed all over it as a result.

Niall

TuringBot47 wrote: »

Red Hat, Intel, Novel and IBM would beg to differ.
They are much larger contributers.
Microsoft only became the 5th biggest contributor last year.

https://www.theinquirer.net/inquirer/news/2166123/microsoft-contributed-code-canonical-linux-2632

That link of yours is very out of date, 2012. Microsoft are widely recognised as probably the current biggest single contributor to open source (https://www.techrepublic.com/article/microsoft-may-be-the-worlds-largest-open-source-contributor-but-developers-dont-yet-care/), much of which impacts Linux. Many of their contributions to open source projects, including the Linux kernel, are done using a gmail email address. Microsoft induce that practice to avoid patent grant IP issues which are required for contributions by corporations to some software licenced open source software. If people don't use a Microsoft email address, then it is hard to prove that the open source contributions legally involve Microsoft.

Just to be clear, I am not suggesting that Microsoft condone that behaviour. But, equally, it is very hard to believe that hundreds of thousand of commits were written entirely on personal time outside of work.

TuringBot47 wrote: »

So I can't believe the credit stealing statement above.
You must have a fair few shares in Microsoft.

I divested all my shares in Microsoft in 2005. I divested all my investments in the tech industry Christmas 2018, as I mentioned on these very boards. I currently hold no investments whatsoever in the tech industry, nor plan to until after the current bubble bursts.

I do however work closely with many Microsoft engineers in the kernel and C++ teams, and with some in senior Microsoft management. This is why I would be more up to date than most.

For the record I also work closely with many Google, Apple, and Facebook engineers, and with some in their senior management as well. I've no special interest in Microsoft. They're just the ten tonne gorilla here, especially in C++.

Niall

croo wrote: »

I always enjoy what you have to say Niall and usually find it very informative but like you I felt I had to comment

In the 80s & 90s I was developing business apps on mainframes and UNIX boxes. I used VMS rather developed on it. UNIX was far from being a toy then! I worked for numerous big computer manufacturers all across Euroope in that period and many (if not most) were using UNIX for the CAD/CAM & MRP applications.

It would depend on the customer. For many big orgs, Unix was considered too unserious compared to VMS, AS/400 and the like. NT was designed from the beginning to be considered a serious contender in that kind of market, and by some measures, they were successful. It didn't help that BSD, and all its derivatives, were caught up in legal problems.

However once into the 2000s, the landscape changed. We were beginning to see the cloud appear in its modern form, and it became empirically proven that you could build ultra reliable infrastructure with Unix. Absolutely did Solaris and HPUX help with that, but to be honest Linux really proved it at scale: you could deploy millions of Linux servers, and the whole thing kept running reliably. As millions of Linux servers was an awful lot cheaper than a single VAX installation, the market began to shift.

It helped greatly that the BSD legal issues got cleared up, and that the independent Austin Working Group had taken over driving forth Unix via POSIX, and thus creating a stable portable abstraction against which mainframe applications could be based. The AWG released its first POSIX edition in 1997, if I remember. It totally changed the debate, and that took effect entering the 2000s.

croo wrote: »

While it was not something I required in my line of work, I was developing on SOLARIS boxes for a while in the 90s and I'm pretty certain it had threading in then!? When you write of UNIX are you meaning Linux perhaps?

You are correct that Solaris had, and still does, a much superior threading implementation to Linux. But all Unix has partial and incomplete support for threads - see https://wg21.link/P2069 which hopes to close one large gap.

croo wrote: »

I have heard that NT was based on VMS before - and I was only a really a user of VMS and Windows but as such I never really saw any real similiarities ... as a "user"! But you're probably speaking of deep in the kernel?

It's more the design philosophy, the strong forward progress guarantees, the emphasis on reliability and security in API design. The featureset has much in common obviously, as does the scheduler. But really it's more about "feel".

It's like how FreeBSD feels quite different to Linux. Linux cares about average performance above corner case performance, whereas FreeBSD like Windows cares much more about corner case performances, and will impair average performance to improve worst case scenarios. For example, file close performance is super quick on Linux, it does almost no work. But on Windows and BSD they barrier on the journal entry for the closed file's metadata to ensure the file can be wholly retrieved if sudden power loss occurs. That makes file close far slower.

If I were building a reliable system which must not surprise anyone no matter the unexpected, I would choose Windows or BSD. But if I were building a system which must be maintained by an average sysadmin, I'd choose Linux.

croo wrote: »

To be honest, I never really took to windows myself, more because of the interface than anything else I guess... I always felt they tried so hard to make it easy to admin that those tasks outside of the most simple daily tasks were always hidden deep were they were hard to find. Or, maybe, I was just too set in my ways with SYS V UNIX. I do know that admins of Windows boxes regularly had scheduled Window server restarts - while I never heard of the same for UNIX boxes (or VMS... or obviously Mainframes).

All that would have been true of the Windows from about ten years ago and older. Not so much recently. I was recently using a public facing Windows Server which had uptime exceeding five years, and I'm very sure it is actively maintained.

croo wrote: »

ah come on ... be serious! I have to agree with TuringBot47 on this point. And if MS are "doing good" now, it's only so they can screw us later. They must be neck and neck with Oracle for the company least likely to work in their customers interests!

Microsoft are now an open source company, and because Linux is a major part of open source, that makes Linux very important to them. Important enough that they will shortly be the second largest and possibly the most important Linux vendor in the world, far larger than RedHat. This is why Canonical are being funded so lavishly by Microsoft, Ubuntu is the default distro they'll be shipping with all Windows, and Debian is thus getting sprinkled with cash. One would wonder if that is why RedHat felt a strong need to find a big sponsor in IBM, lest it get outfunded by Debian/Ubuntu/Microsoft.

In terms of getting screwed, they will always act in their own interests, and if those suits yours, you'll be fine. Same as it always was. I personally speaking find it very poor that they appear to release so much open source by pretending to not come from Microsoft - I think it is against the spirit of open source, where if the license says you need to patent grant, then you should abide by those terms, not circumvent them with trickery.

But sure, it could also be a lot worse. And I will say it's had great effects on internal morale in Microsoft. Those there are a bunch of happy workers nowadays, freely able to push commits where they see fit to github projects, and obviously enough with the metrics they glean from github commit patterns, they can hire some really great engineers which nobody else can spot easily.

I just wish they're hire more folk remote, and I'd seriously consider joining them. I very nearly did last year, in fact, as one of their very few remote roles came up. I was unfortunately on the contract in Dublin at the time, so I missed it

As for Oracle, they're an awful company to work for. Everyone I know working there hates the place, the culture, the codebase and their colleagues. It feels very similar to the Microsoft work culture from about 2010, when they were implementing rank-and-yank because that had just great effects on Enron after all.

Niall

14ned wrote: »

Important enough that they will shortly be the second largest and possibly the most important Linux vendor in the world, far larger than RedHat.

You really have to qualify that statement.

What do you mean by vendor?
That they run Linux on Azure ?

They would still be dwarfed by Amazon for linux use.

This link shows that Microsoft deceptively bundles all their figures into one big "cloud" segment.

https://www.parkmycloud.com/blog/aws-vs-azure-vs-google-cloud-market-share/

While Amazon breaks out revenue from AWS separately, Microsoft has a more nebulous “commercial cloud business” – which includes not only Azure, but Office 365, Dynamics 365, and other segments of the Productivity and Business Processes Division. This fact frustrates many pundits as it simply can’t be compared directly to AWS, and inevitably raises eyebrows about how Azure is really doing

So I think you're falling for misleading marketing.


Either way, you were originally arguing that Windows is better and more secure than Linux and are now trying to prove that Microsoft are abandoning it's own software in favour of Linux. A sign even they admit it's superior.