Home > Mobile >  Reverse Engineering exe files
Reverse Engineering exe files

Time:11-24

I am given a list of old exe files where the original source code are lost.

While i am able to extract code from some of the exe files using tools like DotPeek or ILSpy or JustDecompile.

I see a couple of them failed to decompile. I am getting the below similar error

enter image description here

What would be the next step I need to do to extract code or do reverse engineer?

kindly let me know.

CodePudding user response:

If there is no CLR header then it is probably not a .NET application and you would have to go deeper.

Start with something like PEiD, it should hopefully tell you if it is packed and basic guessing of the compiler used. If it is VB6 or Delphi you might want to look for specific de-compilers for those, otherwise go back to basic disassembly.

Both IDA and Ghidra can be used for free...

CodePudding user response:

Here's a tool that automatically tries to identify a file. It takes an "educated guess" based on similar files analyzed and community contributed identifications (I contributed some definitions). For executables, it tries to name the programming language/compiler, too: TrID. If the file is too large for the online analyzer, there's a link to download a (Windows) standalone version. (Disclaimer:) I know Marco as a regular and knowledgeable contributor from a programming forum where this project started. It has been featured in a Computer Forensic article by the renowned German computer magazine c't.

  • Related