发表新帖
发表新帖

How can I view the C code after compilation in binary code?

后端 未结
关注
5 891
春和景丽
春和景丽 2020-12-10 23:44

The compiler is what takes this code, and translates it into the machine code

How can I see the original C code after compilation in bin

相关标签:
5条回答
  • 天命终不由人
    2020-12-11 00:08

    You can't get back the original C source code from the compiled binary - there are many ways in C of producing the same end result so there isn't a unique source.

    The process is called decompiling

    If I have misunderstood your question and you want to know how to view the assembler that the compiler generates from your C code then that depends on the particular compiler but they can all do it. See How can I see the assembly code that is generated by a gcc (any flavor) compiler for a C/C++ program?

    0 讨论(0)
  • 走了就别回头了
    2020-12-11 00:09

    use ollydbg and find your code within the disassebly :)

    for example compiled code

    int main()
{
  system("PAUSE");
  return 0;
}

    would be hard to find in all the lines of the disassebly but if you pad it you can find it easier for example... compile this code

    int main()
{
  asm("nop");
  asm("nop");
  asm("nop");
  asm("nop");
  asm("nop");
  asm("nop");
  asm("nop");
  asm("nop");
  asm("nop");
  asm("nop");
  asm("nop");
  asm("nop");
  asm("nop");
  asm("nop");
  asm("nop");
  asm("nop");
  asm("nop");
  asm("nop");
  asm("nop");
  asm("nop");

  //mycode
  system("PAUSE");

  asm("nop");
  asm("nop");
  asm("nop");
  asm("nop");
  asm("nop");
  asm("nop");
  asm("nop");
  asm("nop");
  asm("nop");
  asm("nop");
  asm("nop");
  asm("nop");
  asm("nop");
  asm("nop");
  asm("nop");
  asm("nop");
  asm("nop");
  asm("nop");
  asm("nop");
  asm("nop");
  return 0;
}

    and now in the disassembly i will be able to see the rows of "nops" and in between them is my code in binary form

    CPU Disasm
Address   Hex dump          Command                                  Comments
004013F8  |.  90            NOP
004013F9  |.  90            NOP
004013FA  |.  90            NOP
004013FB  |.  90            NOP
004013FC  |.  90            NOP
004013FD  |.  90            NOP
004013FE  |.  90            NOP
004013FF  |.  90            NOP
00401400  |.  90            NOP
00401401  |.  90            NOP
00401402  |.  90            NOP
00401403  |.  90            NOP
00401404  |.  90            NOP
00401405  |.  90            NOP
00401406  |.  90            NOP
00401407  |.  90            NOP
00401408  |.  90            NOP
00401409  |.  90            NOP
0040140A  |.  90            NOP
0040140B  |.  90            NOP
0040140C  |.  C70424 004044 MOV DWORD PTR SS:[LOCAL.6],OFFSET 004440
00401413  |.  E8 D8500100   CALL <JMP.&msvcrt.system>                
00401418  |.  90            NOP
00401419  |.  90            NOP
0040141A  |.  90            NOP
0040141B  |.  90            NOP
0040141C  |.  90            NOP
0040141D  |.  90            NOP
0040141E  |.  90            NOP
0040141F  |.  90            NOP
00401420  |.  90            NOP
00401421  |.  90            NOP
00401422  |.  90            NOP
00401423  |.  90            NOP
00401424  |.  90            NOP
00401425  |.  90            NOP
00401426  |.  90            NOP
00401427  |.  90            NOP
00401428  |.  90            NOP
00401429  |.  90            NOP
0040142A  |.  90            NOP
0040142B  |.  90            NOP

    so you can see that my system call is compiled into 

    C70424004044E8D8500100

    i hope this is what you meant :)

    This can be done with ollydbg or x32dbg or objdump -M intel -d ;)

    0 讨论(0)
  • 失恋的感觉
    2020-12-11 00:11

    This is commonly described as "turning hamburger back into cows."

    A decompiler will generate C source code that's functionally equivalent to the original code, but it won't have any of the original symbol names, and may not be structured the same. It may not even be very "readable".

    You cannot recover the original source from a compiled program.

    0 讨论(0)
  • 半阙折子戏
    2020-12-11 00:17

    so are you asking how to reverse it? you should search up reverse engineering and go from there. you will need to use a decompiler, know a bit of assembly and there is still no guarantee of success, that you will be able to get all the original code. it will also get harder if the program originally had more than one file or some sort of hiding technique to randomize the code (obfuscation). You will need to do alot of work to get even a bare-bones resemblance of the original code. here is the Wikipedia link for the topic: http://en.wikipedia.org/wiki/Reverse_engineering

    HOWEVER, IT MAY BE ILLEGAL IN YOUR AREA, Depending on what you do with it, please don't get in trouble!

    NOTE: if this post isn't allowed, someone please let me know and i'll take it down immediately.

    EDIT: It can also be called decompiling as well i believe.

    0 讨论(0)
  • 青春惊慌失措
    2020-12-11 00:19

    If you compile with debug information embedded in the object files ( binary output files generated by compiling the source files ), links to the original locations of the source files will be embedded in the object files. This allows a debugger ( e.g. gdb ) to jump to the line in the source file corresponding to a breakpoint when that breakpoint is encountered whilst debugging the program. You can compile with debug info added by specifying the -g switch if you're using gcc. For example:

    gcc -g -o myProgram myProgram.c

    compiles myProgram.c into a executable myProgram which you can run or debug. To debug myProgram you can use gdb:

    gdb myProgram
    0 讨论(0)
 看不清?
提交回复
热议问题