Name that executable
I have several applications installed on my computer (as is normal). Now, is there a way to know in what language was that executable made? What I have in mind is something like Nmap but for executables. If you run Nmap against a server it'll tell you the operating systems down to the version. Is there something like that about executables?
You mean determining programming language that an application which has been compiled to machine code was originally written in? No easy way that I know of. But you could search the executable for the copyright string of the compiler (remember that it might be in Unicode UTF-16 format!).
On unix systems you can generally figure it out by scanning the symbols with 'nm'
Something like Resource Explorer might help you:
Windows executables begin with the ASCII prefix "MZ". Mark Zbikowski, who wrote FAT - or adapted it or whatever. Isn't it amazing that ELF was never adopted?
Ogami, I see you created another stupid thread.
Yes, pitty so many people are replying to it. How do you feel by insulting so many people at the same time?
Ogami, it would be better if first you think and then think again and then post if you think it's really really necessary and you have a valid topic for a thread.
Luckily school starts soon, so maybe we'll start getting less of these blank-authored nasty posts.
Pol Pot is alive and kicking - on JoS!
Kalani, are you a friend of Ogami. And yes, hopefully shool will stop your madness.
How pathetic. Somebody asks a perfectly reasonable question, some nice people make a genuine attempt at answering it but others seemingly have nothing better to do than come and bitch at the poster for no obvious reason.
James, true, why bother. Pathetic attempt from your side.
On Unix, apart from 'nm' there's also 'file' which will give you more or less detailed information about the type of executable you're dealing with. There's also GNU objdump, though objdump might only work with ELF.
Why it's important to know which language a sw was written originally when you doing a reverse engineering? From asm you can back-compile to VB, C++, whatever.
On Windows you can sometimes guess by seeing what DLLs it imports: the VB run-time library, the MSVC run-time library, the .NET run-time library, ...
IDA - the Interactive Disassembler - can mostly tell which compiler produced the executable.
Ok, the big picture: I've been trying to develop an app, and I was trying to know in what language an similar app had been developed. I guessed Delphi (and I think I am right) but I wanted to make sure.
Fog Creek Home