[ ๐ ๐ฉ ๐ฅ ]
Let's be honest, there is no reason to remember how to decompile stuff with the various tools available. Wouldn't it be nice to just decompile the $h*! out of things right off the fingertips in Visual Studio Code? Well, here we go: This extension decompiles ... - Binary executables for various platforms
- as supported by Ghidra; Windows PE, Linux ELF, IOS, etc..
- or IDAPro (Experimental, Windows Only for now)
- Java Jar archives and compiled Classes
- Android APK's
- Python
.pyc and .pyo - Ethereum/EVM based Smart Contracts
- (Experimental, Linux/MacOs only)
Just right-click โ Decompile on a supported executable and wait for the magic to happen. The decompilation result is added to a temporary sub-workspace. You can right-click โ Download files to your local file-system right from the sub-workspace. Have phun ๐ TourmacOS Windows (Ghidra vs. IDAPro) Ethereum Smart Contract Save the EVM byte-code in a file with extension .evm, then right-click โ Decompile. SetupRequirements: General - Requires Java (11+) to be installed system-wide. Just install the latest JRE/JDK for your OS (e.g. OpenJDK, Oracle JDK).
- Other tools are bundled with the extension. Just make sure Java is available in your
PATH.
Requirements: Binary executables (Ghidra / IDA Pro) - Requires a working installation of Ghidra (โ Download) to decompile executables
- either available in
PATH (like when you install it with brew cask install ghidra on os-x; or set-up manually) - otherwise please specify the path to the executable
/support/analyzeHeadless in code โ preferences โ settings: vscode-decompiler.tool.ghidra.path and make sure that the analyzeHeadless script runs without errors (and is not prompting for the JDK Home ๐ค). Here's a sample Ghidra config for Windows:
- (Experimental; Windows Only) Optional a licensed version of IDA Pro with decompiler support.
- specify the path to the
idaw executable in code โ preferences โ settings: vscode-decompiler.tool.idaPro.path, e.g. c:IDA68idaw.exe. - set preference to
idaPro (experimental Windows Only) in code โ preferences โ settings: vscode-decompiler.default.decompiler.selected. - we'll automatically try to run 32 and 64bits
idaw on the target application (preference on what executable is configured by you) - If you're running
<= IDA Pro 6.6 and the normal IDA decompilation mode does not work you can try the set preference to idaPro legacy hexx-plugin (experimental Windows Only) in code โ preferences โ settings: vscode-decompiler.default.decompiler.selected. Note: Use this method only if the normal IDA Pro mode doesnt work. Caveat: idaw*.exe must not be in a path that contains spaces, ask @microsoft why ๐.
Requirements: Python - Python decompilation requires
pip3 install uncompyle6 (see settings)- specify the
uncompyle6 script location in code โ preferences โ settings: vscode-decompiler.tool.uncompyle.path or set to uncompyle6 if it is available in PATH
Requirements: Smart Contracts (EVM byte-code) - The pseudocode generator panoramix/eveem requires a working installation of
python3.8 or newer.- specify the
python3.8 path in code โ preferences โ settings: vscode-decompiler.tool.python38.path (e.g. /usr/local/opt/python@3.8/bin/python3.8 (macos/homebrew)) - make sure
pip for python3.8 is installed - install
panoramix dependencies: $ /usr/local/opt/python@3.8/bin/python3.8 -m pip install coloredlogs requests web3 timeout_decorator
- Note: Panoramix is run in local mode. EVM byte-code is not sent to eveem.org.
- It will attempt to download a function signature database on first load.
- It will cache files to
/.panoramix.
- No Windows support :/ (see this issue).
Setting tool preferences code โ preferences โ settings:
- Set default decompiler preference to
ghidra (default) or idaPro (experimental Windows Only) (requires a licensed version of IDAPro + Decompiler)vscode-decompiler.default.decompiler.selected
- Set preference for java decompilation to JADX or JD-CLI (default)
vscode-decompiler.java.decompiler.selected
- Set preference for android apk decompilation to dex2jar + jd-cli (slow) or JADx (default)
vscode-decompiler.apk.decompiler.selected'
CreditsThis extension wouldn't be possible without the smarties that are developing the following reverse-engineering tools: - Ghidra by @NSA/CSS
- JadX by @skylot
- JD-CLI by @Josef Cacek
- dex2Jar by @Bob Pan
- python-uncompyle6 by @R. Bernstein
- panoramix the engine behind eveem.org created by @Tomasz Kolinko
- LogoMakr (CC; Logo)
Release Notessee CHANGELOG |
Decompiler Visual Basic Exe File
Decompile Visual Basic Exe
citation needed P-code output support was provided in 16-bit Visual C compilers and all versions of Visual Basic up to VB 6. At runtime, P-code is executed by and inside the Visual Basic virtual machine, msvbvm.dll, which also provides the runtime, implementing the VB standard library and handling special metadata like forms. Source code generation (decompilation) is only available for.NET applications and is based on the open source ILSpy project. Decompilation is only available in Visual Studio 2019 16.5 and later. Applying the SuppressIldasmAttribute attribute to an assembly or module prevents. The VB version in which the exe was made is probably VB4.0 or VB5.0. On searching the net, I came across some decompiler programs. But the problem is for them to work, either VB4.0 had to be installed in the PC.and the higher commercial versions were quite expensive. Can somebody help me to decompile the 'exe' file and get the source codes?
