legal contact rss
 

Retargetable Decompiler (opensource)

RetDec is an open-source machine-code decompiler based on LLVM.

The decompiler is not limited to any particular target architecture, operating system, or executable file format:

  • Supported file formats: ELF, PE, Mach-O, COFF, AR (archive), Intel HEX, and raw machine code.
  • Supported architectures (32b only): Intel x86, ARM, MIPS, PIC32, and PowerPC.

Features

  • Static analysis of executable files with detailed information.
  • Compiler and packer detection.
  • Loading and instruction decoding.
  • Signature-based removal of statically linked library code.
  • Extraction and utilization of debugging information (DWARF, PDB).
  • Reconstruction of instruction idioms.
  • Detection and reconstruction of C++ class hierarchies (RTTI, vtables).
  • Demangling of symbols from C++ binaries (GCC, MSVC, Borland).
  • Reconstruction of functions, types, and high-level constructs.
  • Integrated disassembler.
  • Output in two high-level languages: C and a Python-like language.
  • Generation of call graphs, control-flow graphs, and various statistics.

You can try all of these features by using our online decompilation service.

 

Instal (Winx64) of Retargetable Decompiler

 

  1. Either download and unpack a pre-built package from the following list, or build and install the decompiler by yourself (the process is described below):

  2. Install Microsoft Visual C++ Redistributable for Visual Studio 2015.

  3. Install MSYS2 and other needed applications by following RetDec's Windows environment setup guide.

  4. Now, you are all set to run the decompiler. To decompile a binary file named test.exe, go into $RETDEC_INSTALL_DIR/bin and run:

    bash decompile.sh test.exe

    For more information, run bash decompile.sh --help

Instal (Linux) of Retargetable Decompiler

Using Ubuntu 16.0:

  • There are currently no pre-built packages for Linux. You will have to build and install the decompiler by yourself. The process is described below.

  • After you have built the decompiler, you will need to install the following packages via your distribution's package manager:

simply do a "sudo apt-get install build-essential cmake git perl python3 bash coreutils wget bc doxygen graphviz upx flex bison zlib1g-dev libtinfo-dev autoconf automake pkg-config m4 libtool"

As I was using Ubuntu 16.04 I had to do some extra stuff:

sudo apt purge cmake
sudo wget https://cmake.org/files/v3.7/cmake-3.7.2-Linux-x86_64.sh
sudo chmod +x cmake-3.7.2-Linux-x86_64.sh
sudo ./cmake-3.7.2-Linux-x86_64.sh
sudo ln -s /opt/cmake/bin/cmake /usr/local/bin/cmake

  • install the actual programm
    cd /opt
    git clone --recursive https://github.com/avast-tl/retdec
    sudo mkdir decompiler
    cd retdec
    sudo mkdir build && cd build
    sudo cmake .. -DCMAKE_INSTALL_PREFIX=/opt/decompiler
    sudo su -
    cd /opt/retdec/build
    sudo make && make install
  • Now, you are all set to run the decompiler. To decompile a binary file named test.exe, go into $RETDEC_INSTALL_DIR/bin and run: ./decompile.sh test.exe

For more information, run ./decompile.sh --help.