PerlCC decompiler


epro85
June 28th, 2018, 08:18
Hi all,

I need a little help with one tool from this link: http://www.woodmann.com/collaborative/tools/Scripts_for_Perl_Decompiling

There is a description of how to decompile perlcc, but the qq.pm module was missing from the zip file. Can someone reupload it or provide a new tutorial on how to decompile perlcc scripts?

Thx

masterr00t
June 28th, 2018, 08:47
Who can upload?

Kayaker
June 28th, 2018, 19:33
Hi. Unfortunately it doesn't look like the qq.pm file ever existed in that tool upload. I checked an old backup I have and the file contents are the same. The original zip file has never been changed on the server, so for some reason it was uploaded that way, which I agree isn't too useful.

I know little about Perl, but from the looks of it the qq.pm file is only meant for dumping the IDA or GDB decompiled code through a 'qqq' function while loaded in the debugger, in conjunction with default Perl functions. Perhaps with a little bit of work one could at least get the IDC script communicating with a new blank qq.pm file and 'qqq' function to show a simple message, and then rebuild a dumping function from there. Most of it, except for the missing blank box, looks fairly straightforward and would at least be an interesting challenge to try.

Kayaker

epro85
June 29th, 2018, 08:32
Hi,

That is very sad, but it's a challenge.

So injecting qq.pm and the qqq function is not a problem; that will work over IDA or GDB. The problem is what to put inside the function to decompile the optree. As I read in the README, there is one sentence: "The execution tree can be decompiled by documented Perl B::Decomp module". That module/function is probably also custom?

The optree can be converted into source code with B::Deparse, but I don't have enough knowledge to use it in the "qqq" function. Can someone help?
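
An added example, not the tool's missing qq.pm (whose contents are unknown) and not code from any poster: one way a `qqq` function could turn live optrees back into source with the core B::Deparse module. The package name `qq` and function name `qqq` follow the thread; walking one package's symbol table, the skip rules and the sample sub `check_key` are assumptions made for illustration, and only named Perl subs in a running interpreter are covered.

```perl
package qq;    # hypothetical stand-in for the missing module
use strict;
use warnings;
use B ();
use B::Deparse ();

# Deparse every Perl-level sub defined in one package; return the source text.
sub qqq {
    my ($pkg) = @_;
    $pkg = 'main' unless defined $pkg;
    my $deparse = B::Deparse->new('-p');    # -p: parenthesise fully
    my $out     = '';
    no strict 'refs';                       # symbol-table walk needs symbolic refs
    for my $name (sort keys %{"${pkg}::"}) {
        next if $name =~ /::\z/;            # nested package stash, not a sub
        my $full = "${pkg}::$name";
        next unless defined &$full;         # no code slot, or only a forward declaration
        my $code = \&$full;
        my $cv   = B::svref_2object($code); # B::CV wrapper around the sub
        next if $cv->XSUB;                  # C-level sub (or constant): no optree
        next unless ${ $cv->ROOT };         # optree root is null: nothing to walk
        next unless $cv->STASH->NAME eq $pkg;   # skip subs imported from elsewhere
        my $body = eval { $deparse->coderef2text($code) };
        $out .= defined $body
            ? "sub $name $body\n"
            : "# $name: deparse failed: $@\n";
    }
    return $out;
}

package main;

# Constructed sample sub so the example has something to recover.
sub check_key {
    my ($k) = @_;
    return length($k) == 8 ? 1 : 0;
}

# STDERR keeps the dump apart from the program's normal output.
print STDERR qq::qqq('main');
```

`coderef2text` returns the block including its braces, so prefixing `sub NAME` gives text that can be pasted back into a file; the top-level program body is not reached by this walk because it is not a named sub.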