Definition

decompile

Rahul Awati

By

Rahul Awati

What is a decompile?

To decompile means to convert executable or ready-to-run program code -- sometimes called object code -- into some form of higher-level programming language that humans can easily understand. Decompilation is a type of reverse-engineering that performs the opposite operations of a compiler. Decompilation was first used in the 1960s to facilitate the migration of a program from one platform to another.

To convert a programming code into a working program, it must first be compiled -- i.e., converted into a series of binary bits or digits (that is, 1s and 0s) that can be understood by the computer. This operation can be reversed by decompiling the final program (which is why decompiling is described as a type of reverse-engineering).

The tool used to decompile software code and translate it into a human-understandable form is known simply as a decompiler.

A decompiler is a computer program that receives input in the form of an executable file. If the file's source code is lost or corrupted for some reason, the decompilation process attempts to recover the code, or at least most of it. Unlike a compiler, whose recipient (or final user) is the computer, a decompiler's recipient is a human user.

A disassembler is a similar tool that translates object code into assembler language. It provides a "dump" of the machine code that makes a program work. Some reverse compilers are in fact disassemblers.

Why decompile?

There are many valid reasons to decompile source code, such as:

to understand a computer program and the functionality of its code;
recover the source code for archiving or updating;
find viruses in the program and, thus, enhance its security;
debug the program and correct errors;
translate obsolete code;
remove for legal purposes code restrictions (like passwords), copy protection or time limits; and
make software compatible with third-party components and enable interoperability.

Decompilers can also be used for unethical and/or illegal reasons, especially to break a software's copyright protection and to use it without permission.

Decompilation challenges

Decompilation can rarely reconstruct the original source code perfectly or completely. One reason is successful decompilation depends on available code information. It also depends on the reverse engineer's skills, expertise, and the tools and techniques they use.

The meaningful names given to variables and Functions by programmers to make them easily identifiable are not usually stored in executable files, and are therefore not always recovered in decompiling. In short, because the source code rarely includes such "identifiers," perfect decompilation almost never happens.

As code complexity increases, decompilation becomes even more difficult. It is also not possible to decompile all programs. Furthermore, it is not easy to separate data and code because both are represented similarly in most current computer systems.

steps in reverse-engineering — A type of reverse engineering, a decompiler performs the opposite operations of a compiler. It converts executable program code into a human-understandable form.

Is it legal to decompile code?

Decompilation is sometimes used unethically without the permission of the copyright holder to reproduce source code for reuse or adaptation. The decompilation of copyrighted software is illegal in many countries, although the specifics differ from country to country.

In the U.S., for example, copyright laws don't fully restrict decompilation. The Digital Millennium Copyright Act (DMCA) allows reverse-engineering, if a person has lawfully obtained a right to use a copy of a computer program, only to identify and analyze its elements to achieve interoperability with other programs. However, decompiling a program to circumvent a system that controls access to copyrighted work is considered illegal. Similarly, the EU also allows decompilation for some uses, including interoperability.

Programs can be designed to be resistant to decompilation through the use of protective means such as obfuscation.

Popular software decompiler tools

Several decompiler, disassembler and reverse-engineering tools are available to use for legal purposes. Many of these tools are open source or free, while others are commercial and not free.

Some of the most popular tools are:

IDA Pro. Interactive disassembler with a built-in command language
Hex-Rays Decompiler. Plugin that converts native processor code into a more readable, C-like version
ClassInformer. For use on binaries built by Visual Studio
CFF Explorer. Includes tools for portable executable (PE) editing, including a disassembler
Hiew. Binary file editor with a built-in disassembler
PEiD. Analyzes entropy to detect if an application is packed

This was last updated in October 2021

Continue Reading About decompile

Learn how to improve software quality with reverse-engineering

Get started with the Ghidra reverse-engineering framework

Read the Digital Millennium Copyright Act of 1998 online

Retail banks ordered to open up APIs

Can a new encryption trick prevent reverse engineering?

Search Networking

What is 1000BASE-T (Gigabit Ethernet)?
1000BASE-T is a Gigabit Ethernet standard that operates at a speed of 1 gigabit per second (Gbps) over copper wiring.
What is DHCP (Dynamic Host Configuration Protocol)?
DHCP (Dynamic Host Configuration Protocol) is a network management protocol used to dynamically assign an Internet Protocol (IP) ...
What is Routing Information Protocol (RIP)?
Routing Information Protocol (RIP) is a distance vector protocol that uses hop count as its primary metric.

Search Security

What is a security operations center (SOC)?
A security operations center (SOC) is a command center facility in which a team of information technology (IT) professionals with...
What is a risk profile? Definition, examples and types
A risk profile is a quantitative analysis of the types of threats an organization, asset, project or individual faces.
What is risk reporting?
Risk reporting is a method of identifying risks tied to or potentially impacting an organization's business processes.

Search CIO

What is the Sarbanes-Oxley Act? Definition and summary
The Sarbanes-Oxley Act of 2002 (SOX) is a federal law that established sweeping auditing and financial regulations for public ...
What is a change agent (agent of change)?
A change agent, or agent of change, is someone who promotes change and enables it to happen within any group or organization.
What is a quantum processing unit (QPU)?
A quantum processing unit (QPU) is a hardware device that uses quantum mechanics -- such as superposition and entanglement-- to ...

Search HRSoftware

What is team collaboration?
Team collaboration is a communication and project management approach that emphasizes teamwork, innovative thinking and equal ...
What is talent management? Definition, basics and strategy
Talent management is a strategic approach organizations use to attract, develop, retain, and optimize employees.
What is employee experience?
Employee experience is a worker's perception of the organization they work for during their tenure.

Search Customer Experience

What are customer service and support?
Customer service is the support organizations offer to customers before, during and after purchasing a product or service.
What is quality of experience (QoE or QoX)?
Quality of experience (QoE or QoX) is a measure of the overall level of a customer's satisfaction and experience with a product ...
What is voice of the customer? A guide to VOC Strategy
Voice of the customer (VOC) is the component of customer experience (CX) that focuses on customer needs, wants, expectations and ...

Close