Definition

decompile

Rahul Awati

By

Rahul Awati

What is a decompile?

To decompile means to convert executable or ready-to-run program code -- sometimes called object code -- into some form of higher-level programming language that humans can easily understand. Decompilation is a type of reverse-engineering that performs the opposite operations of a compiler. Decompilation was first used in the 1960s to facilitate the migration of a program from one platform to another.

To convert a programming code into a working program, it must first be compiled -- i.e., converted into a series of binary bits or digits (that is, 1s and 0s) that can be understood by the computer. This operation can be reversed by decompiling the final program (which is why decompiling is described as a type of reverse-engineering).

The tool used to decompile software code and translate it into a human-understandable form is known simply as a decompiler.

A decompiler is a computer program that receives input in the form of an executable file. If the file's source code is lost or corrupted for some reason, the decompilation process attempts to recover the code, or at least most of it. Unlike a compiler, whose recipient (or final user) is the computer, a decompiler's recipient is a human user.

A disassembler is a similar tool that translates object code into assembler language. It provides a "dump" of the machine code that makes a program work. Some reverse compilers are in fact disassemblers.

Why decompile?

There are many valid reasons to decompile source code, such as:

to understand a computer program and the functionality of its code;
recover the source code for archiving or updating;
find viruses in the program and, thus, enhance its security;
debug the program and correct errors;
translate obsolete code;
remove for legal purposes code restrictions (like passwords), copy protection or time limits; and
make software compatible with third-party components and enable interoperability.

Decompilers can also be used for unethical and/or illegal reasons, especially to break a software's copyright protection and to use it without permission.

Decompilation challenges

Decompilation can rarely reconstruct the original source code perfectly or completely. One reason is successful decompilation depends on available code information. It also depends on the reverse engineer's skills, expertise, and the tools and techniques they use.

The meaningful names given to variables and Functions by programmers to make them easily identifiable are not usually stored in executable files, and are therefore not always recovered in decompiling. In short, because the source code rarely includes such "identifiers," perfect decompilation almost never happens.

As code complexity increases, decompilation becomes even more difficult. It is also not possible to decompile all programs. Furthermore, it is not easy to separate data and code because both are represented similarly in most current computer systems.

steps in reverse-engineering — A type of reverse engineering, a decompiler performs the opposite operations of a compiler. It converts executable program code into a human-understandable form.

Is it legal to decompile code?

Decompilation is sometimes used unethically without the permission of the copyright holder to reproduce source code for reuse or adaptation. The decompilation of copyrighted software is illegal in many countries, although the specifics differ from country to country.

In the U.S., for example, copyright laws don't fully restrict decompilation. The Digital Millennium Copyright Act (DMCA) allows reverse-engineering, if a person has lawfully obtained a right to use a copy of a computer program, only to identify and analyze its elements to achieve interoperability with other programs. However, decompiling a program to circumvent a system that controls access to copyrighted work is considered illegal. Similarly, the EU also allows decompilation for some uses, including interoperability.

Programs can be designed to be resistant to decompilation through the use of protective means such as obfuscation.

Popular software decompiler tools

Several decompiler, disassembler and reverse-engineering tools are available to use for legal purposes. Many of these tools are open source or free, while others are commercial and not free.

Some of the most popular tools are:

IDA Pro. Interactive disassembler with a built-in command language
Hex-Rays Decompiler. Plugin that converts native processor code into a more readable, C-like version
ClassInformer. For use on binaries built by Visual Studio
CFF Explorer. Includes tools for portable executable (PE) editing, including a disassembler
Hiew. Binary file editor with a built-in disassembler
PEiD. Analyzes entropy to detect if an application is packed

This was last updated in October 2021

Continue Reading About decompile

Learn how to improve software quality with reverse-engineering

Get started with the Ghidra reverse-engineering framework

Read the Digital Millennium Copyright Act of 1998 online

Retail banks ordered to open up APIs

Can a new encryption trick prevent reverse engineering?

Search Networking

What is shielded twisted pair (STP) and how does it work?
Shielded twisted pair (STP) is a kind of cable made up of smaller wires where each small pair of wires is twisted together and ...
What is ping and how does it work?
Ping (Packet Internet Groper) is a basic internet program that enables a user to test and verify if a particular destination ...
What is 1000BASE-T (Gigabit Ethernet)?
1000BASE-T is a Gigabit Ethernet standard that operates at a speed of 1 gigabit per second (Gbps) over copper wiring.

Search Security

What is a firewall and why do I need one?
A firewall is a network security device that prevents unauthorized access to a network by inspecting incoming and outgoing ...
What is risk appetite?
Risk appetite is the amount of risk an organization or investor is willing to take in pursuit of objectives it deems have value.
What is penetration testing?
A penetration test, also called a 'pen test,' is a simulated cyberattack on a computer system, network or application to identify...

Search CIO

What is compliance risk?
Compliance risk is an organization's potential exposure to legal penalties, financial forfeiture and material loss, resulting ...
What is quantum entanglement and how does it work?
Quantum entanglement is a foundational phenomenon in quantum mechanics where two or more particles become interconnected in such ...
What is systems thinking?
Systems thinking is a holistic approach to analysis that focuses on the way that a system's constituent parts interrelate and how...

Search HRSoftware

What is team collaboration?
Team collaboration is a communication and project management approach that emphasizes teamwork, innovative thinking and equal ...
What is talent management? Definition, basics and strategy
Talent management is a strategic approach organizations use to attract, develop, retain, and optimize employees.
What is employee experience?
Employee experience is a worker's perception of the organization they work for during their tenure.

Search Customer Experience

What are customer service and support?
Customer service is the support organizations offer to customers before, during and after purchasing a product or service.
What is quality of experience (QoE or QoX)?
Quality of experience (QoE or QoX) is a measure of the overall level of a customer's satisfaction and experience with a product ...
What is voice of the customer? A guide to VOC Strategy
Voice of the customer (VOC) is the component of customer experience (CX) that focuses on customer needs, wants, expectations and ...

Close