Correspondent from Belgium
Your correspondent was reading some rubbish written by Delphi developers claiming that Delphi EXE files and DCU files could not be reverse-engineered. This post examines whether Delphi EXE files and DCU files can or cannot be reverse-engineered.
Advanced DCU reverse engineering
The infamous DCU2PAS decompiler has gone through several years of work. The latest version can only partially decompile Delphi XE DCU files, but for DCUs built with older compilers the decompilation is quite accurate. It is so accurate that there have been several "non-official" releases of components with source code reverse-engineered by this method.
Favorite Op-codes.
The favorite op-code changes your correspondent sees are:
- JNP (Jump if not equal) changed to JMP (Jump regardless of condition),
- JNZ (Jump if EAX is not Zero) changed to JZ (Jump if zero)
- JMP (offset) changed to NOP, NOP, NOP, NOP (No-Operation).
For example #1:

    if (Unregistered) then
      ShowMessage('Please register this component');

If the assembly is changed from JNZ to JZ, then the pseudo-code equivalent is:

    if not (Unregistered) then
      ShowMessage('Please register this component'); // this will not execute at all.

For example #2:

    if (do something) then
    begin
      MainCalculation();
    end;

If the IF statement is changed to No-Operation, then the pseudo-code equivalent is:

    ... (Do Nothing, 10 bytes changed to NOP, 0x90) ...
    begin
      MainCalculation();
    end;
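Seen from the defending side, the patches described above leave recognisable byte-level traces. The following is an added example, not code from the original post: a Python triage helper that compares a vendor build with a suspect copy and labels in-place changes as inverted conditional jumps, forced branches or NOP fills. The function names and sample bytes are constructed for illustration, and the comparison works on raw bytes without disassembly, so a finding is a lead for review rather than proof.

```python
"""Triage in-place patches between a vendor build and a suspect copy.

Added example; names and sample bytes are constructed. Bytes are compared
without disassembly, so a finding is a lead for review, not proof.
"""
NOP, JMP_SHORT = 0x90, 0xEB  # single-byte x86 NOP, short unconditional JMP


def is_short_jcc(b: int) -> bool:
    # Short conditional jumps are 0x70..0x7F; each even/odd pair
    # (e.g. 0x74 JZ / 0x75 JNZ) tests opposite conditions.
    return 0x70 <= b <= 0x7F


def classify_patches(original: bytes, suspect: bytes):
    """Return [(offset, length, kind)] for each run of changed bytes."""
    if len(original) != len(suspect):
        raise ValueError("sizes differ: not an in-place patch")
    findings, i, n = [], 0, len(original)
    while i < n:
        if original[i] == suspect[i]:
            i += 1
            continue
        start = i
        while i < n and original[i] != suspect[i]:
            i += 1
        old, new = original[start:i], suspect[start:i]
        if len(old) == 1 and is_short_jcc(old[0]) and new[0] == old[0] ^ 1:
            kind = "condition-inverted"
        elif len(old) == 1 and is_short_jcc(old[0]) and new[0] == JMP_SHORT:
            kind = "branch-forced"
        elif all(b == NOP for b in new):
            kind = "nop-fill"
        else:
            kind = "other"
        findings.append((start, len(old), kind))
    return findings


# Constructed sample: test al,al / jnz +5 / call rel32 / ret
ORIGINAL = bytes.fromhex("84c0" "7505" "e810000000" "c3")
# Same bytes with the jnz flipped to jz and the call overwritten with NOPs.
SUSPECT = bytes.fromhex("84c0" "7405" "9090909090" "c3")

if __name__ == "__main__":
    for off, length, kind in classify_patches(ORIGINAL, SUSPECT):
        print(f"offset 0x{off:04x}: {length} byte(s) changed, {kind}")
```

Findings of kind "other" still mean the copy differs from the vendor build; a hash comparison of the whole file remains the first check.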
Hex-Rays Decompiler
Curiously, there is a Win32 EXE decompiler which can convert a Delphi app to C code for further analysis. With FLIRT analysis of the Delphi run-time library, you can recover almost 100% of the source code and see how the application works.
There are eleven kinds of crackers*...
There are eleven kinds of crackers: first, the people who write keygens, cracks and patches; second, the script kiddies who just lame around waiting for a keygen, crack or patch; and last, the experts who go around analyzing viruses, keygens and exploits, and rebuild a whole complete program based on reverse-engineering.
* 11 in binary = 3 in decimal. Thus, the statement is 3 kinds of crackers.
Of course, reverse engineering is illegal - but don't tell that to the people who write keygens, cracks and patches, or to the people who use them. They simply don't care about this issue. Bringing them to court for legal enforcement has no effect. You simply waste your time.
Thus, what kind of apps should your correspondent recommend?
The only way to make money, it seems, is to go to the cloud and provide goods and services based on it. Never offer a downloaded version or private server option. Or offer a client which depends on an on-line server being present.
Facebook, Google, Yahoo, DropBox, Blogger and GMail are all services on the cloud. All of them make their owners very, very rich. Farmville is another example where the client is readily available but the server source code is a secret. The same goes for MMORPG games.
The battle for money?
Delphi developers are battling crackers, key-gens and source code distribution of their products; effectively they are losing money big-time. But then, Delphi was never meant for decent TCP/IP communication. (Skype uses the ICE network, but the ICE guys never released a Delphi version of their SDK.) The quality of Indy is so bad that Delphi XE comes bundled with NSoftware's IP Works as an alternative. Making a socket server in Delphi... maybe making a .NET socket server (i.e., libgen, raknet C#) or a Java SOAP server seems a better solution.
2 comments:
Oh, on decompile and legal:).
I will not comment on this because programs I have shipped don't have a security mechanism built in. The only protection built in is for the customer himself sometimes, but only in case someone takes the software, copies the files ... it is simply easier to rewrite it. They are free to share, it's their application. Usually my apps consist of parts and one missing part will make the whole software unusable after a few months ... this way we teach some lessons - this is very annoying for the one who has accidentally found a copy of the software on his USB stick:).
Maybe a little history from .NET - nothing big, very obvious. A company from our country shipped to a Nordic country, then the project was abandoned but the extended functionality was implemented in the existing system or the template bought ... I don't remember exactly. From now on they no longer, also in case of providing a solid test base or prototype, ship assemblies not obfuscated.
Interesting that also on the web many people keep the tradition alive to ship the source - some did not realize until now that this tradition from the 90s did not hurt these days, because individual websites had few values for others.
I would suggest trying Themida. This is a great tool for protecting applications.