Decode compiled c++-code from Qt?



  • Hi!

    I was a little bit curious as I read in an internet forum, that good hacker can easily decode compiled c++ code.

    Is this true? And if yes, is it true for compiled c++-code with Qt?

    If I send my compiled and released code:
    applicationexample.exe
    with:
    libgcc_s_dw2-1.dll
    Mingwm10.dll
    Qtcore4.dll
    QtGui4.dll

    via e-mail to someone, can a hacker hack the file "applicationexample.exe" and get the source-code?
    If yes, what can I do to prevent this?

    I´m sorry, but I really don´t know if this is possible and if so, what to do in case...



  • Of course reverse engineering of C++ application and libraries is possible although I will not say that it is easy. Using Google you can find some fine examples and tutorials how to decompile such "this":http://www.codeproject.com/KB/cpp/reversedisasm.aspx :)

    Cheers,
    Leon



  • If you compile in release mode your application can be disassembeled and debugged in assembler mode. This is very cumbersome and in most cases not very helpful. Any reasonably complex program has simply too many instructions to be able to find out how all the bits and pieces work together.
    In debug mode your code typically contains references to source lines but afaik not the source code itself.



  • Thanks Leon and dialingo.

    Well, what could I do against it? Or is the probability so low, that a hacker can hack the exe-File and rebuild the whole source-code?

    What do you do in your important projects? Do you have any recommendations?



  • I must point out, that if you are really hacking onto something and not just reading about structures of thing, you want to have debugger and optionally disassembler to speed up analysis.

    Decompiler basically does what it says, decompiles the binary using data in it; compilation is lossy operation, so decompiled code won’t be same, usually much more obscure, and sometimes it also fails, making the code not working. Disassembly basically is same, but with assembly instruction: it is about lowest level that is easily human readable.

    With debugging, you can actually run the code, modify it and do whatever you want to actually try how it works; converted data of doesn’t really allow to actually try the code, you need different utility for it.



  • @Smar I like the phrase "easily human readable" :D



  • I would not worry any program is prone to reverse engineered even the latest and greatest applications by multi-billion dollar companies are reversed to usually pirate the software. It is a hard thing to prevent.



  • in other words you cant prevent it :)



  • But as long as your program is used by .. let's say 100 people .. I don't think that any of them will or could try reverse engineering on it.

    On the other hand if the software has the luck and become a world known one ... you can be sure that some 'nice' day, somebody will successfully reverse engineered it (and if it is commercial, a crack will be released).



  • There is really no way to stop someone from reversing software, but there are ways to make it more difficult such as compression and encryption that decompresses or decrypts on the fly when it is executed. Also no one will be able to reproduce an exact copy of you source code because a lot of the structure of the code is lost during compilation, and there is quite a bit of investment of time to take a piece of software and from the assembly reproduce working high level code. Plus, if it is not a commercial product you are making this is the least of worries.



  • [quote author="newe1" date="1302886524"]Thanks Leon and dialingo.

    Well, what could I do against it? Or is the probability so low, that a hacker can hack the exe-File and rebuild the whole source-code?
    [/quote]

    Honestly I do not worry that much from reverse engineer. There is no such thing as unbreakable encryption or total security :)

    You can distribute you application as an open source and no one will try to hack it ;)

    [quote author="secretNinja" date="1303018454"]But as long as your program is used by .. let's say 100 people .. I don't think that any of them will or could try reverse engineering on it.[/quote]

    Well... We are all trying to create killer apps, right? "Recently Ovi Store hit 5 million downloads a day":http://conversations.nokia.com/2011/04/12/nokias-ovi-store-hits-5-million-downloads-a-day/ so in general Qt applications are used by a lot more people than your guess! Sorry about this marketing offtopic I will focus on development issues from now on :)

    Cheers,
    Leon


Log in to reply
 

Looks like your connection to Qt Forum was lost, please wait while we try to reconnect.