With a lot of work and dedication, any machine code program can be decoded into source code that, more or less, makes sense. It's almost impossible to recreate the original source though, especially if it was optimized and striped of symbols. For example, you find in the code multiple calls to a single subroutine, which after a bit of head-scratching start to resemble strcpy(). You go back and look through the arguments that are passed to said subroutine, and as it turns out they are all strings. That is a strong indication it really is strcpy(). You name that subroutine "strcpy" and move on... That, in a tiny nutshell, is how reverse engineering works (don't quote me on that). Many times, simply looking at the code isn't enough. You need to observe the program while it is running, and see how changing some variable influences its execution.