Using Hex Editor On Precompiled Exes

[mark_boyle2002]

Although decompilation and editing of pre compiled programs is not strictly allowed there are certain reasons why you might want to do this.

I am sticking this together with a little handy program called fred (hex editor)


I will tutor by illustration here.

1. Why I had to Hexedit.

I downloaded a little password applet from www.javapowered.com that I was going to use on my webpage. It had a spelling mistake and instead of "O.K" it had "Okay" on the button.


2. What I did next

I decided to edit the little applet using FRED A Free hex/raw disk reader.

I copied the applet etc into a directory just off the root (Note: 8chars recomended for directory name as Fred is rather old now and hasn't quite got the hang of long file names or spaces

I ran the program and used it to open the applet.

I pressed alt+e to switch to editing mode.

I then looked through the text to find OKAY and replaced it with O.K

Note : It is important not to overwrite any characters which are not text and I find that keeping the length of the string the same is beneficial.

I then saved the file back to the disk.

Exit fred.


3. Testing

I have tried the applet numerous times and it seems to be intact and working fine with its new caption.

For those of you who are intrested its on my site at http://itdepartment.0catch.com

Note : This is a free host site so popups are likely.

[phishphreek]

You have to love hex editors... they are great for "tweaking"...

I use it all the time....

I have not used the Fred hex editor... but will give it a go.

XVI32 is the one I use in m$. Free and I've had no problems with it.

I couldn't agree with you more about changing the string length... I'll often get "invalid win32 application" if you change too much stuff around... especially shorten the string. I just put spaces there...

[tampabay420]

personaly, i like HackMan... Comes with a whole suite of cool editing tools...
http://www.technologismiki.com/hackman/

[Extreme]

is this how ppl find serials etc for trial programs to crack them?

[mark_boyle2002]

This isn't how people Crack programs although technically if there was an accepted string writen somewhere in the source you probably could.

Not that I'm recomending this or suggesting you try it.

Infact along with most of the nice people here I think that people who crack and use malicious code are just *&^%&&%%^ up in the head.

[HTRegz]

Hex Editors... hah.. sweet

I remember hex editing the version reply out of mirc.... That was ages ago before it was popular to do... people would be like hey you must be running BitchX and I'd be like nope... I'm in Windows running mIRC..... and the'd be like "Wow"... It even had that cool line "Editing out the version reply"

I'd have to agree that Hex Editors are incredibly useful.... I do however think this tutorial was lacking..... but it was a decent start.

[RoadClosed]

I do it al the time, FOR GOOD reason. Case point

Here is an example of a bad hack, although not super bad. Let's say you are playing a game and you have 1000 gold and that new sword is 5000? You can search the executable for a hexadecimal value of 1000, back a back up or the original and then change that storage location to a hexadecimal value of 5000. Restart your game and you now have 5000 gold. Sure this is a simple example but given that knowledge you can start to break down imbedded passwords and controls. Again this is a very simple example, most likely that 1000 valued is stored in various other files but you get the point.

Real world scenario: enter the mass deployment of an antiviral software client. After it was rolled out I discovered I made a mistake and selected a check box that would not have scanned client machines as thorough as I originally intended. I ran a hex dump of the exe with the bad check box and then changed the box and ran it again. I noted where the changes were stored in the code, modified it and pushed the modified file out the clients. Like magic they all had the change in place the next day.

Have fun it's a great tool! Thanks for the suggestion on a hex editor, I have already tried it.

[slarty]

Seeing as the thing you were editing is a Java applet, its source code can probably be decompiled into a form which can be (with a few modifications perhaps) recompiled.

Therefore, you can do that instead, which allows you to make completely arbritary modifications.

Normal Java compilers with the default options even leave the names of local variables in the binary (for debug purposes). You *almost* get the original source code out in some cases (minus comments of course)

Having said that, it is possible to put Java classes through an optimiser / obfuscator / anti-decompiler program, which makes them difficult to decompile - you can still decompile them to some extent, but the resulting code won't be legible, or compileable easily.

Here is an example of a bad hack, although not super bad. Let's say you are playing a game and you have 1000 gold and that new sword is 5000? You can search the executable for a hexadecimal value of 1000, back a back up or the original and then change that storage location to a hexadecimal value of 5000.

Hardly very likely.

As far as I know, the vast majority of games have error checking on their save game files (and probably on their own binaries), and will refuse to load / run the save game if a modification is detected.

The first game I know of to do this is Elite on the BBC Micro in about 1982 ... they had a competition to be the first person to complete the game. Working savegame editors were not released until years later.

Modern games probably have several independent routines for checking the validity of savegames and binaries.

The problem they have these days however, is that hackers use in-memory modification to change the contents of the game's memory while it's loaded - it is very difficult for the game to detect this.

[cypres]

I'm a new guy, an i think you can.
hex it
or
ice it

[MoonWolf]

hex editing most likely one of the skills most overlooked.

i remember the day's of building custom diablo 1 and in a lesser way diablo 2 items from scratch with only long lists of attributes.(now they all use save game editors, whimps)

Actually my one attempt to mod diablo 1 was in a hex editor because i knew to little asm to do it.(the changes were not that severe)

personal favourite hexworkshop shelved out money for that great editor, never use it anymore but still.