Decompiling Code¶
Decompiler are special modules that work on units as input instead of artifacts. They produce units as well, representing portions of decompiled source code.
JEB Pro ships with decompilers for:
- Dalvik (Android DEX files)
- WebAssembly modules (wasm)
- Ethereum contracts (EVM code)
- Intel x86 32-bit (all x86 - SSE/AVX support coming in JEB 3.1)
- Intel x86 64-bit (all x86 - SSE/AVX support coming in JEB 3.1)
- ARM 32-bit (and common ISA extensions)
- ARM 64-bit (v8 / aarch64)
- MIPS 32-bit
The following picture shows a child decompiler unit, as well as a suite of decompiled classes units.
How to Decompile¶
- In the assembly view, position your caret on the area of code you would like to decompile.
- Hit the Tab key to decompile code (you can customize this, see the Keyboard Shortcuts section in the Settings page)
- If a decompiler unit can be created for the current code unit, a new decompiled code unit will be created
- The decompiled code unit will receive focus and the caret positioned on the area of code that most closely corresponds to the low-level bytecode or machine code
Back to the Assembly¶
Conversely, you can go back to the assembly from a decompiled view by using the Tab or Q key.
Managing Views¶
By default, a view representing a portion of decompiled code (eg, a class) will be replaced by the next class being decompiled. This default behavior is to avoid cluttering the workspace with tens of views representing various decompiled artifacts. However, if you would like to open every piece of decompiled code in a separate view, you may do so by checking the Navigation, do not replace Views menu option.
Actions and Interactivity¶
Generally, when it comes to interactity, decompilation plugins proxy requests to their corresponding parent code unit. That means that the actions set offered is essentially the same. The consistency between views is maintained.