wasmdec is a program that converts WebAssembly binaries to C.
An online real-time WebAssembly decompiler utilizing wasmdec is avalible here
wasmdec will translate this WebAssembly binary:
(module
(func $addTwo (param i32 i32) (result i32)
(return
(i32.add (get_local 0) (get_local 1))
)
)
(export "addTwo" $addTwo)
)
To the following pseudo-C code:
int fn_addTwo(int arg0, int arg1) {
return arg0 + arg1;
}
Diep.io (HTML5 web game written in C++ and compiled to WASM)
Diep.io is a real time web game written in C++ and compiled to WebAssembly via Emscripten.
- The WebAssembly binary is is always
http://static.diep.io/build_<BUILD HASH>.wasm.wasm
- The decompiled binary is avalible here
wasmdec is capable of decompiling itself back to C.
- The makefile has a
wasm
target that uses Emscripten to compile wasmdec to WebAssembly - The decompiled binary is avalible here
WebDSP (a signal processing library compiled to WASM)
From the WebDSP repository:
WebDSP is a collection of highly performant algorithms, which are designed to be building blocks for web applications that aim to operate on media data. The methods are written in C++ and compiled to WASM, and exposed as simple vanilla Javascript functions developers can run on the client side.
- A compiled version of the library is avalible on the WebDSP demo page
- The decompiled library is avalible here
A CTF write-up which uses wasmdec to reverse engineer a WASM binary
- Grab a release on the releases page and select the correct tarball for your OS and arch.
- Extract and run
install.sh
as root.
Clone the repository with
git clone https://github.com/wwwg/wasmdec.git --recursive
Make sure the recursive flag is set to clone all the submodules.
To build wasmdec and install all of it's dependencies, run sudo make all
in the wasmdec
directory. GCC 7 or higher is reccomended.
wasmdec -o (output file) (options) [input files]
Where options is one of:
-e
or--extra
: Emits extra function information as comments:- Raw WebAssembly names of functions
- Number of local variables and parameters of functions
-m
or--memdump
:- Dumps the binary's memory and table to disk
- NOTE : memdump ONLY dumps memory and doesn't actually do any decompilation
-d
or--debug
: Print extra debug information to stdout- If no output file is specified, the default is
out.c
- When more than one input file is provided, wasmdec will decompile each WebAssembly to the same output file. Functions from more than one file are prefixed by their module name in order to prevent ambiguous function definitions.