Reko : A General Purpose Decompiler

Reko (Swedish: “decent, obliging”) is a C# project containing a decompiler for machine code binaries. This project is freely available under the GNU General Public License.

The project consists of front ends, core decompiler engine, and back ends to help it achieve its goals. A command-line, a Windows GUI, and a ASP.NET front end exist at the time of writing.

The decompiler engine receives inputs from the front ends in the form of either individual executable files or decompiler project files.

Reko project files contain additional information about a binary file, helpful to the decompilation process or for formatting the output. The decompiler engine then proceeds to analyze the input binary.

Reko has the ambition of supporting decompilation of various processor architectures and executable file formats with minimal user intervention.

Please note that many software licenses prohibit decompilation or other reverse engineering of their machine code binaries. Use this decompiler only if you have legal rights to decompile the binary (for instance if the binary is your own.)

Also Read : SecLists : Security Tester’s Companion For Security Assessments

Installing Reko

Windows users

The following prerequisite software must be installed on your machine first:

.NET Framework 4.7.2 (https://www.microsoft.com/net/download/dotnet-framework-runtime)

Download an MSI file from one of the places mentioned above, then simply run the installer.

Non-Windows users

The following prerequisite software must be installed on your machine first:

mono version 5.14.0 (https://download.mono-project.com/archive/5.14.0/)

Note: we’ve been unable to test Reko with the most recent version of mono, 5.16.0, because a bug in said version makes it impossible to build. This has been reported in mono/mono#11663.

After installing mono, you can proceed by either downloading binaries directly from the integration build server, or by building Reko from sources (see Hacking below).

Documentation

To get acquainted with Reko’s various features, you can read the user’s guide. If you’re interested in the internal workings of the project, see the wiki.

Getting support

You can report any issues you encounter or ask any Reko-related question on the issue tracker. You can also try the Reko Gitter.im chatroom. Reko is built by volunteers’ efforts on their spare time, so adjust your response-time expectations accordingly.

Hacking

To build reko, start by cloning https://github.com/uxmal/reko. You can use an IDE or the command line to build the solution file Reko-decompiler.sln.

If you are an IDE user, use Visual Studio 2017 or later, or MonoDevelop version 5.10 or later. If you wish to build using the command line, use the command

msbuild Reko-decompiler.sln

(provided you have msbuild installed). All external dependencies needed to build Reko are included in the external directory.

Note: please let us know if you still are not able to compile, so we can help you fix the issue.

If you’re interested in contributing code, see the road map for areas to explore. The Wiki has more information about the Reko project’s internal workings. Please consult the style guide.

Warnings and errors related to WiX

You will receive warnings or errors when loading the solution in Visual Studio or MonoDevelop if you haven’t installed the WiX toolset on your development machine.

You can safely ignore the warnings; the WiX toolset is only used when making MSI installer packages, and isn’t even supported in MonoDevelop.

You will not need to build an installer if you’re already able to compile the project: the build process copies all the necessary files into If you do want to build an MSI installer with the WiX toolchain, you can download it here: http://wixtoolset.org/releases/

How do I start Reko?

The solution folder Drivers contains the executables that act as user interfaces: the directory WindowsDecompiler contains the GUI client for Windows users; MonoDecompiler contains the GUI client for Mono users; CmdLine is a command line driver.

R K

Recent Posts

Bomber : Navigating Security Vulnerabilities In SBOMs

bomber is an application that scans SBOMs for security vulnerabilities. So you've asked a vendor…

4 hours ago

EmbedPayloadInPng : A Guide To Embedding And Extracting Encrypted Payloads In PNG Files

Embed a payload within a PNG file by splitting the payload across multiple IDAT sections.…

4 hours ago

Exploit Street – Navigating The New Terrain Of Windows LPEs

Exploit-Street, where we dive into the ever-evolving world of cybersecurity with a focus on Local…

2 days ago

ShadowDumper – Advanced Techniques For LSASS Memory Extraction

Shadow Dumper is a powerful tool used to dump LSASS (Local Security Authority Subsystem Service)…

3 days ago

Shadow-rs : Harnessing Rust’s Power For Kernel-Level Security Research

shadow-rs is a Windows kernel rootkit written in Rust, demonstrating advanced techniques for kernel manipulation…

2 weeks ago

ExecutePeFromPngViaLNK – Advanced Execution Of Embedded PE Files via PNG And LNK

Extract and execute a PE embedded within a PNG file using an LNK file. The…

3 weeks ago