Possibility of decompiling .exe to m files?
41 views (last 30 days)
Show older comments
Hello !!!
I lost the data of my computer but I have an executable, is it possible to recover the .m files from and executable version ?? using MATLAB?? please it is urgent.
0 Comments
Answers (2)
Rik
on 24 Oct 2017
Have you tried insert favorite search engine? My first hit was this page. I don't think this will have changed in the mean time, so the answer is no.
12 Comments
Jan
on 30 May 2021
"This is not a personal attack."
I'm glad to hear this. Nevertheless, it does not help to solve a Matlab problem.
Walter Roberson
on 30 May 2021
Kris Janssen:
"encryption is the reversible act of hiding data using a key pair."
That is incorrect. Encryption is any process that is intended to make data unreadable to unauthorized people. Encryption with a key is only one kind of encryption. ROT13 is encryption even though it does not use a key: it is a Caesar Cypher with offset 13. Encryption that uses a key is typically better encryption, but it is not the only kind of encryption.
The page you linked to talks about limits to obfuscation, that the result must still be readable to the programming language, but the result of pcode is not valid matlab source code: matlab has to have a separate reading routine for pcode.
"2009/24/EC"
I am not in the EU. In my country, the lobbying from entertainment industries have considerable influence on law, and breaking deliberate hiding of information (whether with a key system or not) is specifically illegal, with the exception that people with disabilities are permitted to make adaptations to get the program to work with their equipment (such as breaking protection on an ebook in order to use a screen reader) -- but it is illegal for anyone else to help them do this or to sell devices for the use by people with disabilities. It is a theoretical right with a very high bar. It is an open question in law as to whether security researchers in my country have the legal right to investigate security... unlike the United States which has a specific exemption for security researchers.
Jan
on 24 Oct 2017
Edited: Jan
on 23 Jan 2018
No, this does not work. The executable contain some parts of the M-files, e.g. the comments, under certain conditions. But the actual code is encrypted. To decrypt it, you would have to crack the encryption method, but this is very expensive (perhaps hundreds of years of computing time), and illegal (reverse engineering of the encryption method).
Unfortunately the golden rule is true:
All data without a backup are not important.
5 Comments
Rik
on 21 Oct 2020
So you have a line like this in your code?
if ~strcmp(provided_key,'UnlimitedKey'),error('license incorrect'),end
Shouldn't you move that key to a variable so you can change it more easily? That would have the benefit of using a variable instead in that line, which would prevent this leak. You could also further obsfucate your code, see this thread.
I also suppose you are aware of RunAsDate, which completely defeats many limited time licensing systems by modifying the system time. The only solution around this would be to run your own time server and query the time at startup. Your users will strongly dislike you for requiring an internet connection.
Jan
on 22 Oct 2020
@Corentin OGER: Remember, that MATLAB is an interpreted language. A line like
if ~strcmp(provided_key,'UnlimitedKey'),error('license incorrect'),end
calls strcmp. The first thing an attacker tries to do is replacing the original strcmp function by something, which replies true, when one of its inputs is 'reply_true_in_every_case' and type this in as secret password. Using builtin('strcmp', ...) is safer, if you can proove, that builtin() was not highjacked also.
Never store passwords in clear text in the code, but use hashing methods. Otherwise they are too easy to find.
Do not rely on the system time, because this is very easy to modify. Look for the newest date of files in the TEMP folder to estimate the real date. Check the times of all processed files also.
If the code exists immediately after a license check, it is very easy to locate the check. So do not insert an error() near to the check, but set a flag, which is caught far away in the code and let the code exit regularily to avoid shadowing of the error() function.
These methods concern other programming languages as well. Especially in MATLAB the creation of a secure protection is a hard piece of work.
I gave up trying to protect my code completely but ship my codes as M-files. Then only one central function is protected as P-code and calls a C-Mex function, which calls a DLL, which decrypts a text block, which contains Matlab code to unlock the function. This is eval'ed and overwritten immediately. The decryption does not happen, if the debugger is active, the time from starting the function is longer than 1 second or any of the used functions is shadowed.
The much safer part of the copy protection is the code size: The customers can modify some lines of the M-files to adjust them to their needs, but they cannot keep the overview over 350'000 lines of Matlab and C code. So I give them the code for free and get money for the maintenance. I have a set of tools to manage the code automatically, e.g. to check the compatibility with a new Matlab or OS version. Then stealing the code is not useful for their scientific work.
See Also
Community Treasure Hunt
Find the treasures in MATLAB Central and discover how the community can help you!
Start Hunting!