Reverse engineering software for data recovery…

If you are using proprietary or obsolete applications, backup utilities or software and need to recover the data, more often than not our engineers will need to reverse engineer the software in order to make meaningful use of the information. This is in an attempt to retrieve the raw data and recreate it in a modern format that is compatible with new versions of the software. What is reverse engineering and how does it work?

Here at Data Recovery Specialists we have reverse engineered literally thousands of different software versions. We keep a catalogue of all this work so we can call on it anytime. By creating representations of software at a higher level of abstraction, we can often manipulate existing code or handlers to suit a new project. Sometimes though we still have to start from the source code and work our way upwards.

To reverse engineer software to a higher level, we need two things. Firstly a clean sweep of the source code and secondly a model of how the data looks when output. This might be a sample file or better still a specification document or instructions about how the code was originally designed and written. When we apply reverse engineering to data recovery there can be two challenges. There may be physical damage to the media which we need to overcome before we can even create an image of the source code. Thereafter we need to reverse engineer the application software or operating system, to present that data back to the client at a higher level. Even when we can obtain an old copy of proprietary software, copy protection after hardware failure means there is still an element of reverse engineering.

The process of reverse engineering begins with disassembly. Here we use our own tools to convert binary code into assembly code and extract strings of data, libraries etc. These disassemblers convert machine language into a user friendly format. Debuggers allow us to edit the code at runtime and allow our engineers to step through the code line by line. Hex editors are also valuable to our engineers.

Reverse engineering examines the data only and allows us to understand the format and structure of the data. Using modern languages such as C++, C# and ASP our programmers then write specific handlers that can input the source code and output something much more meaningful to the client.