Why is it so easy to decompile .NET IL code?

前端 未结 4 1468
攒了一身酷
攒了一身酷 2021-02-04 04:55

Why is it so easy to decompile .NET IL-code into source code, compared to decompiling native x86 binaries? (Reflector produces quite good source code most of the time, while dec

4条回答
  •  孤街浪徒
    2021-02-04 05:37

    There are a number of things that make reverse engineering il fairly easy.

    • Type information. This is massive. In x86 assembler, you have to infer the types of variables based on how they are used.

    • structure. Information on the structure of the application is more available in il disassemblies. This, combined with type information, gives you an amazing amount of data. You're working at a pretty high level at this point (relative to x86 assembler). In native assembler, you have to infer the structure layouts (and even the fact that they are structures) based on how the data is used. Not impossible, but much more time consuming.

    • names. Knowing the names of things can be useful.

    These things, combined, means you have quite a lot of data about the executable. Il is basically working at a level much closer to the source than a compiler of native code would be. The higher level the bytecode works at, the easier reverse engineering is, generally speaking.

提交回复
热议问题