Would it be possible to develop a program that decompiles the instructions of a running process, for example into a C-like language, and allows them to be modified and then injected into the process itself, changing its behavior?

Axeryon
  • Yes, but what is the point since you can modify assembler instructions directly, with much much less effort? – morsisko Oct 14 '20 at 20:14
  • Wouldn't C or C++ be more comfortable and readable than Assembly? – Axeryon Oct 15 '20 at 06:08
  • Don't think so. Something like a perfect C or C++ decompiler doesn't exist. They are often more confusing than assembly, and sometimes just wrong. – morsisko Oct 15 '20 at 19:18
  • Would such a decompiler be technically impossible or just very difficult to develop? – Axeryon Oct 16 '20 at 07:16
  • @Axeryon The main problem of decompilers is that the generated assembler code can be very different depending on which compiler (and what compile options) was used to generate it. Writing a decompiler for one specific compiler with one specific set of options is difficult. However, you have hundreds of compilers that can generate e.g. x86 binary code with thousands of options that can be applied. You can see that writing a general decompiler that generates compilable and correct code is more than a lifetime job. – Robert Oct 16 '20 at 14:08
  • Let's consider a specific operating system and a specific CPU. Would each compiler generate code belonging to the instruction set supported by that CPU? If so, wouldn't it be enough to decompile it into semantically equivalent code valid for at least one specific compiler? – Axeryon Oct 16 '20 at 15:47
  • @Axeryon yes, and decompilers exist, but it would be very difficult to modify the decompilation to fit back into the program – multithr3at3d Oct 16 '20 at 21:45
  • So this is the problem, it would be difficult to inject the new modified code into the process – Axeryon Oct 17 '20 at 07:35

0 Answers