Hello, I am a little new to all this, but I want to know the following: as you know, there are many decompilers for Java that decompile .class files to .java files. I really wonder what the logic behind decompilers is. I know that when we compile Java code, it is first converted to bytecode and then to machine code. I think decompilers convert bytecode to Java code. Actually, I want to know whether decompilers are a part of reverse engineering or whether it is just a simple decryption. If so, how is it done? Thanks for the answers.
When you compile Java code, it is converted into bytecode. It is not converted into machine code.
When you read enough Java bytecode, you can easily guess what the source code might have looked like. There are portions which you cannot reconstruct, but many portions can be.
For example (using pseudo Java bytecode):
push int 5;
push int 10;
add int
store int local 4;
would roughly translate to
int (the fourth local "something") = 5 + 10;
A decompiler attempts to match patterns in the bytecode to possible structures in the Java source code which will generate the same bytecode. Sometimes the back-mapping is incredibly difficult, but with Java it is pretty easy.
Needless to say, some bits of information get lost in the compiling process. Local variable names are not always needed for correct operation (so they might be discarded). Comments are typically also not present. Parameter names are typically not needed. A reversed program is only functionally similar to its original.
Reverse engineering is a loosely applied term that does not just encompass decompiling. Decompiling is considered copying, and some reverse engineering techniques are not considered copying. Clean room reverse engineering involves
As you can see, using this technique there is no copying of original source. In fact, to make sure that no claims of direct copying can be made, typically those involved in step 3 are not the same people involved in steps 1 and 2.
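The pattern matching described in the answer above, as an added example that is not part of the original post: a toy decompiler in Python that symbolically executes the answer's pseudo bytecode on an operand stack and emits Java-like statements. It goes slightly beyond the listing shown by also accepting `load`, `sub` and `mul` (assumed opcodes), and the `localN` names are synthesized because the original variable names are not present in the bytecode.

```python
# Binary opcodes of the pseudo bytecode; "sub" and "mul" are assumed extensions.
BINOPS = {"add": ("+", 1), "sub": ("-", 1), "mul": ("*", 2)}
ATOM = 3  # precedence of a literal or variable: never needs parentheses

# Constructed sample: the first four lines are the listing from the answer,
# the rest is an added continuation that exercises load/mul.
SAMPLE = """
push int 5;
push int 10;
add int
store int local 4;
load int local 4;
push int 2;
push int 3;
add int
mul int
store int local 5;
"""


def decompile(listing):
    """Symbolically execute a listing and return Java-like source lines."""
    stack, out, declared = [], [], set()
    for raw in listing.strip().splitlines():
        ins = raw.strip().rstrip(";").split()
        if not ins:
            continue
        op, args = ins[0], ins[1:]
        if op == "push" and len(args) == 2:            # push int 5
            stack.append((args[1], ATOM))
        elif op == "load" and len(args) == 3:          # load int local 4
            stack.append((f"local{args[2]}", ATOM))
        elif op in BINOPS and len(stack) >= 2:         # add int
            sym, prec = BINOPS[op]
            (rhs, rp), (lhs, lp) = stack.pop(), stack.pop()
            # Parenthesise only where precedence would change the meaning.
            lhs = f"({lhs})" if lp < prec else lhs
            rhs = f"({rhs})" if rp <= prec else rhs
            stack.append((f"{lhs} {sym} {rhs}", prec))
        elif op == "store" and len(args) == 3 and stack:  # store int local 4
            name = f"local{args[2]}"   # real name was discarded by the compiler
            decl = "" if name in declared else args[0] + " "
            declared.add(name)
            out.append(f"{decl}{name} = {stack.pop()[0]};")
        else:
            raise ValueError(f"cannot decompile: {raw.strip()!r}")
    if stack:
        raise ValueError("values left on the operand stack")
    return out


if __name__ == "__main__":
    print("\n".join(decompile(SAMPLE)))
```

The recovered statements are only functionally equivalent to whatever source produced the listing: names and comments are gone, and an unrecognized or stack-inconsistent instruction stops the translation instead of producing a guess.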