I think that Retargetable Decompiler can be a good choice since it supports PowerPC.
We just need to implement the API and off we go. Can someone please help writing an example Java/Python/curl script which takes a Raw.bin file from your PC containing PowerPC machine code and decompiles it using the API? Their decompile.py doesn't seem to work while the website version does:
Other decompilers like Boomerang probably don't even work or maybe someone can try that one as well. It crashed when I gave it an RPL but what else is to be expected. I'm not sure yet how to give it a machine code function only.
I tried it out and it produces a result at least:
Disassembled input:
Code:
0x1000000: 7c 08 02 a6 mfspr r0, 0x8
0x1000004: 94 21 ff f0 stwu r1, 0xfffffff0 ( r1 )
0x1000008: 90 61 00 08 stw r3, 0x8 ( r1 )
0x100000c: 90 81 00 0c stw r4, 0xc ( r1 )
0x1000010: 90 01 00 14 stw r0, 0x14 ( r1 )
0x1000014: 90 03 00 8c stw r0, 0x8c ( r3 )
0x1000018: 90 03 00 98 stw r0, 0x98 ( r3 )
0x100001c: 80 61 00 08 lwz r3, 0x8 ( r1 )
0x1000020: 7c 81 e2 a6 mfspr r4, 0x381
0x1000024: 90 a3 00 9c stw r5, 0x9c ( r3 )
0x1000028: a1 83 01 ba lhz r12, 0x1ba ( r3 )
0x100002c: 90 43 00 10 stw r2, 0x10 ( r3 )
0x1000030: 61 8c 00 04 ori r12, r12, 0x4
0x1000034: 39 60 00 01 addi r11, 0, 0x1
0x1000038: b1 83 01 ba sth r12, 0x1ba ( r3 )
0x100003c: 7c a2 e2 a6 mfspr r5, 0x382
0x1000040: 91 63 00 14 stw r11, 0x14 ( r3 )
0x1000044: 91 a3 00 3c stw r13, 0x3c ( r3 )
0x1000048: 91 c3 00 40 stw r14, 0x40 ( r3 )
0x100004c: 7c c3 e2 a6 mfspr r6, 0x383
0x1000050: 91 e3 00 44 stw r15, 0x44 ( r3 )
0x1000054: 92 03 00 48 stw r16, 0x48 ( r3 )
0x1000058: 92 23 00 4c stw r17, 0x4c ( r3 )
0x100005c: 7c e4 e2 a6 mfspr r7, 0x384
0x1000060: 92 43 00 50 stw r18, 0x50 ( r3 )
0x1000064: 92 63 00 54 stw r19, 0x54 ( r3 )
0x1000068: 92 83 00 58 stw r20, 0x58 ( r3 )
0x100006c: 7d 05 e2 a6 mfspr r8, 0x385
0x1000070: 92 a3 00 5c stw r21, 0x5c ( r3 )
0x1000074: 92 c3 00 60 stw r22, 0x60 ( r3 )
0x1000078: 92 e3 00 64 stw r23, 0x64 ( r3 )
0x100007c: 7d 26 e2 a6 mfspr r9, 0x386
0x1000080: 93 03 00 68 stw r24, 0x68 ( r3 )
0x1000084: 93 23 00 6c stw r25, 0x6c ( r3 )
0x1000088: 93 43 00 70 stw r26, 0x70 ( r3 )
0x100008c: 7d 47 e2 a6 mfspr r10, 0x387
0x1000090: 93 63 00 74 stw r27, 0x74 ( r3 )
0x1000094: 93 83 00 78 stw r28, 0x78 ( r3 )
0x1000098: 93 a3 00 7c stw r29, 0x7c ( r3 )
0x100009c: 7d 69 02 a6 mfspr r11, 0x9
0x10000a0: 93 c3 00 80 stw r30, 0x80 ( r3 )
0x10000a4: 93 e3 00 84 stw r31, 0x84 ( r3 )
0x10000a8: 90 83 01 c0 stw r4, 0x1c0 ( r3 )
0x10000ac: 7d 80 00 26 mfcr r12
0x10000b0: 90 a3 01 c4 stw r5, 0x1c4 ( r3 )
0x10000b4: 90 c3 01 c8 stw r6, 0x1c8 ( r3 )
0x10000b8: 7c c1 02 a6 mfspr r6, 0x1
0x10000bc: 90 e3 01 cc stw r7, 0x1cc ( r3 )
0x10000c0: 91 03 01 d0 stw r8, 0x1d0 ( r3 )
0x10000c4: 7c 89 ea a6 mfspr r4, 0x3a9
0x10000c8: 91 23 01 d4 stw r9, 0x1d4 ( r3 )
0x10000cc: 91 43 01 d8 stw r10, 0x1d8 ( r3 )
0x10000d0: 7c aa ea a6 mfspr r5, 0x3aa
0x10000d4: 90 c3 00 94 stw r6, 0x94 ( r3 )
0x10000d8: 91 63 00 90 stw r11, 0x90 ( r3 )
0x10000dc: 7c cd ea a6 mfspr r6, 0x3ad
0x10000e0: 91 83 00 88 stw r12, 0x88 ( r3 )
0x10000e4: 90 83 03 08 stw r4, 0x308 ( r3 )
0x10000e8: 7c ee ea a6 mfspr r7, 0x3ae
0x10000ec: 90 a3 03 0c stw r5, 0x30c ( r3 )
0x10000f0: 90 c3 03 10 stw r6, 0x310 ( r3 )
0x10000f4: 7d 08 ea a6 mfspr r8, 0x3a8
0x10000f8: 90 e3 03 14 stw r7, 0x314 ( r3 )
0x10000fc: 91 03 03 18 stw r8, 0x318 ( r3 )
0x1000100: 7d 2c ea a6 mfspr r9, 0x3ac
0x1000104: 80 01 00 14 lwz r0, 0x14 ( r1 )
0x1000108: 38 21 00 10 addi r1, r1, 0x10
0x100010c: 7c 08 03 a6 mtspr 0x8, r0
0x1000110: 91 23 03 1c stw r9, 0x31c ( r3 )
0x1000114: 38 60 00 00 addi r3, 0, 0x0
Decompiled output:
Code:
#include <stdint.h>

// ------------------- Function Prototypes --------------------

int32_t entry_point(int32_t a1, int32_t a2, int32_t a3, int32_t a4, int32_t a5, int32_t a6, int32_t a7, int32_t a8, int32_t a9, int32_t a10, int32_t a11, int32_t a12, int32_t a13, int32_t a14, int32_t a15, int32_t a16, int32_t a17, int32_t a18, int32_t a19, int32_t a20, int32_t a21, int32_t a22, int32_t a23, int32_t a24);

// ------------------------ Functions -------------------------

// Address range: 0x1000000 - 0x1000117
int32_t entry_point(int32_t a1, int32_t a2, int32_t a3, int32_t a4, int32_t a5, int32_t a6, int32_t a7, int32_t a8, int32_t a9, int32_t a10, int32_t a11, int32_t a12, int32_t a13, int32_t a14, int32_t a15, int32_t a16, int32_t a17, int32_t a18, int32_t a19, int32_t a20, int32_t a21, int32_t a22, int32_t a23, int32_t a24) {
    // 0x1000000
    int32_t v1; // bp-16
    v1 = &v1;
    *(int32_t *)(a1 + 140) = 0;
    *(int32_t *)(a1 + 152) = 0;
    *(int32_t *)(a1 + 156) = a3;
    *(int32_t *)(a1 + 16) = 0;
    *(int16_t *)(a1 + 442) = *(int16_t *)(a1 + 442) | 4;
    *(int32_t *)(a1 + 20) = 1;
    *(int32_t *)(a1 + 60) = 0;
    *(int32_t *)(a1 + 64) = 0;
    *(int32_t *)(a1 + 68) = 0;
    *(int32_t *)(a1 + 72) = 0;
    *(int32_t *)(a1 + 76) = 0;
    *(int32_t *)(a1 + 80) = 0;
    *(int32_t *)(a1 + 84) = 0;
    *(int32_t *)(a1 + 88) = 0;
    *(int32_t *)(a1 + 92) = 0;
    *(int32_t *)(a1 + 96) = 0;
    *(int32_t *)(a1 + 100) = 0;
    *(int32_t *)(a1 + 104) = 0;
    *(int32_t *)(a1 + 108) = 0;
    *(int32_t *)(a1 + 112) = 0;
    *(int32_t *)(a1 + 116) = 0;
    *(int32_t *)(a1 + 120) = 0;
    *(int32_t *)(a1 + 124) = 0;
    *(int32_t *)(a1 + 128) = 0;
    *(int32_t *)(a1 + 132) = 0;
    *(int32_t *)(a1 + 448) = 0;
    *(int32_t *)(a1 + 452) = 0;
    *(int32_t *)(a1 + 456) = 0;
    *(int32_t *)(a1 + 460) = 0;
    *(int32_t *)(a1 + 464) = 0;
    *(int32_t *)(a1 + 468) = 0;
    *(int32_t *)(a1 + 472) = 0;
    *(int32_t *)(a1 + 148) = 0;
    *(int32_t *)(a1 + 144) = 0;
    *(int32_t *)(a1 + 136) = 0;
    *(int32_t *)(a1 + 776) = 0;
    *(int32_t *)(a1 + 780) = 0;
    *(int32_t *)(a1 + 784) = 0;
    *(int32_t *)(a1 + 788) = 0;
    *(int32_t *)(a1 + 792) = 0;
    *(int32_t *)(a1 + 796) = 0;
    return 0;
}
Code:
$ decompile.py --api-key my-secret-api-key Dump.bin
Dump.bin (ID: 25gwz3XGRZ) [## ] 5% FAIL
error: File format of the input file is not supported. Supported formats: PE, ELF, COFF, Mach-O, Intel HEX, Raw Data.
$ decompile.py --api-key my-secret-api-key Dump.bin -a powerpc
error: POST request to 'https://retdec.com/service/api/decompiler/decompilations' returned '422 Unsupported Combination (Unsupported combination of 'mode' ('bin') and 'architecture' ('powerpc').)'
Aerosoul94 also made a modified Snowman decompiler for PowerPC but it only loads RPLs and no raw machine code apparently. Do NOT attempt to decompile entire RPLs. The IDA Pro plugin does work for decompiling certain functions. However, the decompilation is pretty bad. We can't do any better than that though because only HexRays makes better decompilers but they are commercial.
Please help me try out various things to figure out what works best for decompiling PowerPC raw machine code as a standalone application.
@CosmoCortney
@PandaOnSmack
@HackingNewbie
@Maschell
@NWPlayer123
@DarkFlare69
@QuarkTheAwesome
Last edited by BullyWiiPlaza,
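Added example, not part of the original post and not RetDec code: a Python script that rebuilds the raw big-endian bytes and the load address from a listing in the format shown above, then decodes the load/store and `mfspr` words so that decompiled offsets such as `a1 + 156` can be checked against `stw r5, 0x9c ( r3 )`. The function names are illustrative, and the embedded sample is the first ten lines of the listing; a headerless raw file carries none of this, so the architecture, byte order and base address have to be supplied to any decompiler separately.

```python
import re
import struct

# Constructed sample: the first ten lines of the listing in the post.
LISTING = """\
0x1000000: 7c 08 02 a6 mfspr r0, 0x8
0x1000004: 94 21 ff f0 stwu r1, 0xfffffff0 ( r1 )
0x1000008: 90 61 00 08 stw r3, 0x8 ( r1 )
0x100000c: 90 81 00 0c stw r4, 0xc ( r1 )
0x1000010: 90 01 00 14 stw r0, 0x14 ( r1 )
0x1000014: 90 03 00 8c stw r0, 0x8c ( r3 )
0x1000018: 90 03 00 98 stw r0, 0x98 ( r3 )
0x100001c: 80 61 00 08 lwz r3, 0x8 ( r1 )
0x1000020: 7c 81 e2 a6 mfspr r4, 0x381
0x1000024: 90 a3 00 9c stw r5, 0x9c ( r3 )
"""
LINE = re.compile(r"^(0x[0-9a-fA-F]+):((?: [0-9a-fA-F]{2}){4})\b")
D_FORM = {32: "lwz", 36: "stw", 37: "stwu", 40: "lhz", 44: "sth"}  # primary opcodes

def listing_to_raw(text):
    """Return (base_address, raw_bytes); reject gaps so offsets stay valid."""
    base, raw = None, bytearray()
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue
        addr = int(m.group(1), 16)
        base = addr if base is None else base
        if addr != base + len(raw):
            raise ValueError(f"gap or overlap at {addr:#x}")
        raw += bytes.fromhex(m.group(2).replace(" ", ""))
    return base, bytes(raw)

def decode(word):
    """Decode the few PowerPC forms the listing uses; None if unhandled."""
    op, rt, ra = word >> 26, (word >> 21) & 31, (word >> 16) & 31
    if op in D_FORM:
        d = word & 0xFFFF  # 16-bit displacement, sign-extended below
        return D_FORM[op], rt, ra, (d - 0x10000 if d & 0x8000 else d)
    if op == 31 and ((word >> 1) & 0x3FF) == 339:  # extended opcode of mfspr
        # The 10-bit SPR field stores its two 5-bit halves swapped.
        return "mfspr", rt, (((word >> 11) & 31) << 5) | ra
    return None

def decode_all(raw):
    """Words are big-endian, matching the byte columns of the listing."""
    return [decode(w) for (w,) in struct.iter_unpack(">I", raw)]
```

Writing the returned bytes to a file gives the raw input, and the returned base address is the value to use as its load and entry address.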