How long would it take to disassemble Rybka 4?

[Tom Barrister]

I'm merely curious.

Assuming a competent programmer, with considerable experience at disassembly, and who had the tools (hardware/software/whatever needed) to do the job, were being paid to disassemble Rybka 4, approximately how many hours would it take?

[Romy]

I'm merely curious.

Assuming a competent programmer, with considerable experience at disassembly, and who had the tools (hardware/software/whatever needed) to do the job, were being paid to disassemble Rybka 4, approximately how many hours would it take?

Automatic disassembler can do it without too much human interventions.

But I think you mean decompile not disassemble.

Result of decompile is one possible candidate source in high-level language. Result of disassemble is assembly language (low-level).

For question about decompile, ask Mr Osipov he is posting here at same time. He is the expert.

[Tom Barrister]

Thanks for the correction.

What I mean is to have the Windows executable taken apart and reduced to source code that other programmers could understand. If that's decompiling, then that's what I mean.

[Tom Barrister]

Never mind. I've found out what I needed to know. It's a moot point now.

[bob]

I'm merely curious.

Assuming a competent programmer, with considerable experience at disassembly, and who had the tools (hardware/software/whatever needed) to do the job, were being paid to disassemble Rybka 4, approximately how many hours would it take?

I don't know that one could estimate this very accurately unless they had done something similar several times previously.

If an executable is stripped, you have three distinct tasks.

1. Locate each entry point by searching for call instructions. Now you know where each procedure is located and where it ends.

2. look at each procedure independently to understand the semantics of what it does. This is sometimes a recursive thing because you might have to decode others first, just to figure out what the data structures look like and what they contain.

3. Now you get to put the whole thing in context to understand the overall program.

That is a _lot_ of work. If the global symbols are not stripped, things are a lot easier because you will know the names of the procedures as well as their location, which gives you a really big hint as to what they do. If you have local symbols (as in a debug compile) then the assembly language code is readable immediately as you know procedure names and variable names.

A typical commercial product has global symbols intact. Some strip them out to either make the executable file smaller, or to obfuscate their code to make reverse-engineering harder.

[Osipov Jury]

Rybka 4 contains approximately 100,000 lines of ASM-code (non-library functions).
I would need the following times:
1. About 1 month to get a compiled project in assembler.
2. Another month to convert from assembler to pseudo-C.
3. 2-3 months to obtain pure C code.
4. Another month on the final fine-tuning of the code.

[Tom Barrister]

Thanks for the replies. I was afraid it would run into serious time and money.

The less expensive solution would be to pay the asking price for rhe actual source, and of course that would save a lot of time.

Of course that"s just a "what if" thing....

[Dann Corbit]

I'm merely curious.

Assuming a competent programmer, with considerable experience at disassembly, and who had the tools (hardware/software/whatever needed) to do the job, were being paid to disassemble Rybka 4, approximately how many hours would it take?

It would take IdaPro about a minute to turn the binary into assembly.
You could use the hex rays decompiler to get uncommented spaghetti C in five minutes or so.
I doubt if it would compile.

[wims]

As the previous poster said, you could use hexrays to get pseudo-c in 5 minutes, but you'd probably have to spend a month converting it to compilable code. The code is really difficult to read from a human point of view as well, so it would be hell to try to improve it.

[Romy]

It would take IdaPro about a minute to turn the binary into assembly.
You could use the hex rays decompiler to get uncommented spaghetti C in five minutes or so.
I doubt if it would compile.

Correct.

Are you "Juri Osipov"?

That conclusion is consistent with the evidence.

To the same degree that it is consistent with the evidence that Mr Rajlich stole from Fruit.