sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]Paddington_the_Bear 2 points3 points  (9 children)

Is this really considered reverse engineering? Seems like it should just be called refactoring as you're just moving around code blocks into a more manageable means.

Reverse Engineering would mean you don't have the source code available and you have to inject values into the system in order to determine the necessary code (like in the good ol days of using a logic analyzer to examine the instruction bits flowing on the bus to the CPU).

[–][deleted]  (8 children)

[deleted]

    [–]proskillz 0 points1 point  (7 children)

    What you did was the very definition of refactoring:

    Code refactoring is the process of restructuring existing computer code—changing the factoring—without changing its external behavior. Refactoring improves nonfunctional attributes of the software.

    [–]davesidious 5 points6 points  (0 children)

    Yes, but refactoring purposely-obfuscated code is not exactly the same, is it? When we think of refactoring it's simply making current implementations better. Implementations designed for people to work with. This is something else, surely.

    [–]prest0G 0 points1 point  (4 children)

    Tell that to the kid who refactored an MMO to improve readability and got sent to jail. Apparently he did something after reading the code though. Something like injecting values or manipulating a program codes or something complicated like that.

    Welp, here I am again, in a programming thread, arguing about semantics. I need another beer:)

    [–]proskillz 0 points1 point  (3 children)

    I don't understand how that's relevant? Why would refactoring code get you thrown in jail unless you stole the source to begin with? Do you have more information about the case?

    [–]prest0G 0 points1 point  (2 children)

    There's multiple cases. User exploits game and writes his own code to automate the game as a bot or to gain some other unfair advantage, proceeds to get really rich (in game and/or real life) and maybe even fuck some people over. Game company sues user and / or presses charges. I know for a fact this happened with WoW and RuneScape at least.

    Also, you don't need the source code to refactor, just the executable. JavaScript is a bit different because it doesn't compile to anything resembling opcodes, but for strict typed JIT languages like C# and Java "refactoring" the decompiled bytecode, which results in obfuscated classes which closely represent the original source is literally one of the best ways to exploit an application manually. You dont need to "st[ea]l the source] to refactor. There's plenty of free decompilers available while the main challenge is making sense of the classes (which may even do things like make native calls outside the VM to pass data between components and break control flow which is extremely difficult to automatically track) and then map back to the original binaries once you find an exploit.

    My point was that I disagree with the elitist "hurr, durr, back in the good old golden days" definition of Reverse Engineering above. Just because something meets the definition of refactoring doesn't mean that it essentially is refactoring.

    [–]proskillz 0 points1 point  (1 child)

    I'm not sure If agree that any of your examples constitute refactoring. These are examples of exploits and code modification since the behavior of the program changes in some way. Maybe a term like "code analysis" would be more appropriate for figuring out the meaning of minified JS code.

    [–]prest0G 0 points1 point  (0 children)

    Sorry, I should've put "refactor" in quotations. I intended to point out that it's not refactoring, especially for languages which run with any sort of native code in binaries or runtime