I didn't find a specific forum to ask this on, and as the country I live doesn't have a market for this purpose, here it goes.

Suppose I work for some IT company whose one of the projects is to reverse engineer a win32 x86 executable 1.0MB big upon which the original high-level C++ code has been lost and assuming no packers or any other anti-rce tricks have been used in this executable.

Just so I can have an idea, how much time and price (final price for the client) should be put on this project (assuming 1 or 2 person would work on it)? Also, what are the mainly used metrics to measure the efforts (executable size, protection(s), platform...)?

Thanks

Well my friend if your just looking to get at the decompiled source code this can be done for free(or cost a lot).. using some of the tools on the Net..IDA and hex-rays plugin for parsing the database into C++.. from that its just a few simple modifications to get functioning source code...I say it could cost a lot, because IDA isn't free but it can be done..

regards BanMe

I would say it could be a considerable effort. Usually if a company asks for these kind of services and want their source code back so badly, most likely it is because the code contains something that they consider very important and critical to their future development. As such, I believe they will not be content with a bunch of pieces of pseudoC glued together: they will want classes reconstructed (you mentioned C++), documentation for everything and so on.

Anyway, I recommend reading http://boomerang.sourceforge.net/lostsource.php. It is a bit old, but still relevant

15 grand, eh?

This document gave me some grounding on the pricing.

Thanks!

In my personal experience - let me give you an advice: pretend to be paid on monthly basis, and if guys start to moan about the slowness of ther work etc etc - pretent your money, always.

Much people that wants this kind of service (in my experience) have many words and little money... especially after some month, when they start to see how much time it takes to get sources back
If you get paid on monthly basis, the worst it can happen is that you get 1-month work unpaid...

0x0f1f

ps: imho i'd not go for less than 10k$/month, but the more you can get the better - just be sure to be paid every month