Type of code conversion used in Linux executable files

command-line iptables executable compiling 14.04

I want to ask that what type of encoding is used to make linux executable files e.g. hexadecemal, binary or anything else. how is it converted ? Is there any way to get back the original code from this executable file?

Here's a bit of code I have:

ELF���������>�����%|�����@�������������������@�8��@���������������������@�������@�����7<�����7<������� ������������������f�����f���������������������� ������[�UPX!L
h�h�8����������?�E�h=��ڊ̓�N�    4���9ISloB�q�w�]ȉ.��,ς��Q䝦����#e��-�N����/�b,���d<��'��-E��6E�s�/�U���ly�V�Y2]"a��S�.�hU�|�S�J�I�2���X}
�G0�;���5d�$���.)

what is it suppose to mean?


Solution 1:

It's binary. The source code has been compiled. You can view it in an editor (a hex editor like bless might make for more refined changes) but you really need to know what you're doing. It's likely only good for making string changes.

For anything more hardcore, you can start to reverse engineer the binary into assembly code. This is often regarded as the lowest level human-parsable computer language.

objdump -d helloworld | less

But it'll include a lot of compiler nonsense too. For example, if you compile the most simple helloworld.cpp with G++ and then objdump it, you end up with 226 lines (208 stripped) of yuck. You could write a "hello world" in just 15 lines of assembly, compile it and objdump it but that still blossoms into 166 lines (stripped).

If you're good enough with assembly, this may give you enough access to understand what's happening, and even let you change it... But to answer your original question:

You cannot turn compiled code back into the original source code.

Sorry. It's a one-way transformation that loses information (comments, formatting, readable algorithm concepts, etc), is statically linked to other things and is generally optimised in such a way that would make it unintelligible to anything but the best and most seasoned programmers.

To give you an idea of the scale of the problem, the whole idea of reverse engineering software has its own Stack Exchange site.

Solution 2:

I have not enough reputation points for a comment so it is an answer:

No, it is not possible to convert it "back". You mention upx packer, did you ever read the manual of upx?

If you lost the source, or do not have access to code of somebody else doesn't matter here, it is simply not possible.

The binary executable was produced with a compiler, don't believe anything stated on this site, just read the manual of exactly that compiler. Then, you could add here, in what language the original code was written, which compiler was used, and then you might note yourself that this steps (preprocessing, compiling, linking, maybe packing) are not reversed as a whole, but could only be analyzed what the original author might have intended, and written.

Solution 3:

This is probably a binary file (an ELF File) as described nicely here:

https://en.wikipedia.org/wiki/Executable_and_Linkable_Format

If you have altered it with a normal text editor and saved your changes, this was no good idea and you may have destroyed it.

Related

How to disable GDM from being automatically started?
Can I still get Ubuntu after my first download attempt fails?
Does 'rm files*' remove all matches from all sub-directories?
How to get bass boost in Ubuntu just like Windows has?
Need Software to compare two text files [duplicate]
Why does redirecting sed output to same input file make my machine unresponsive?
How to separate command output to individual lines
Why does Vim in Ubuntu 20.04 require Python 3?
What does the name after '@' at terminal prompt mean?
Diffrence between two dirs?
How can I gradually encrypt a file that is being downloaded?
How to make the argument as optional in bash?