All geek questions in one place

Can you extract source from debug binary?

I dug through and found the executable for what I wrote in Visual C ++ 6.0 about 8 years ago. I never supported the source code, but I think I always compiled everything in debug mode. I also vaguely remember hearing that "you cannot decompile the executable into source code unless you have a compiler for debugging characters or something else." The code will be sentimental, but not critical to getting it.

This is the background; here are the questions:

  • How to check if the executable was compiled in debug mode or not?
  • If so, what information is supplied with the debug executable?
  • Is it possible to get the full source code? Otherwise, can I get a significant improvement in decompilation compared to the release version? If so, how?

Thanks,

- Michael Burge

+4
source share
3 answers

  • I do not believe that there is a flag, although you can find something using PEDUMP which will upload COFF file formats (Windows EXE and DLL). You can conclude if the executable was compiled for debugging pretty quickly by running Dependecy Walker and seeing if your EXE references any debug DLLs (suffix with D, for example MSVCRT5D.DLL).

    FYI in VC6 Debug and Release are simple named assemblies, not modes for each, each of which creates a collection of compiler and linker options. EXE is just code, debug exes are usually not optimized, which makes it easier to use a debugger (as opposed to debugging optimized code). This way you can compile the binary binary Release with Debug characters, which is sometimes useful for tracking optimized code errors.

  • Debugging EXE and DLL did not contain any debugging information, but instead had a PDB sidecar file, which was in the same folder and contained all the debugging symbol data that was created at compile time.

  • No, the source is the source and is not compiled into a character file or executable files. There are some amazing decompilers that can restore decent C versions of your code, but they only hit how good C is, not how good they can recreate your source.

+2
source

In Visual Studio, I'm afraid you cannot, as the debug executable does not contain a source. Visual Studio generates pdb files that contain only a mapping between binary and source file names and line numbers, but you still need the source code. This may be different from gcc, which I think integrates the source into binaries.

0
source

I think many disassemblers can show the source if the binary is compiled in debug mode. For example, I use OllyDBG and it has the ability to show the source, although I have never tried it.

-2
source

Source: https://habr.com/ru/post/1337152/

More articles:


All Articles