Decompiling C applications (binary, NDK) versus Java applications (Dalvik bytecode)


Question:

Well, since I'm interested in reengineering, I have spent a lot of time on Android reengineering so far.

Nevertheless I got to a point where I had the problem of compiled, binary C code (NDK), and I got to know that it's very difficult to decompile it back to C/C++, compared with decompiling a DEX file back to more or less well-formed Java sources.

What's the reason for this? I mean, the bytecode is executed by the Dalvik VM, and in the case of a usual binary file it's executed by the real processor directly instead. Both are pretty similar except for some additional emulation layers, aren't they? I don't see that many differences at the moment, or the reason for this problem.

Do you have any information for me on why it's more difficult to decompile a usual binary file (e.g. ELF or MS EXE) back to C source?

Thanks.

The short answer is that C/C++ code does not contain any reflective information in it, and C/C++ has inline functions, macros, and unrolled loops that the Java compiler just doesn't do (as much as C/C++ compilers do). It is also possible to optimize C/C++ so extensively that all you can do is decompile to assembly, because there are no references to the application's own functions. (References to the system's functions will be found, though.)