Stories
Slash Boxes
Comments

SoylentNews is people

posted by janrinok on Monday March 24 2014, @08:51PM   Printer-friendly
from the not-for-the-faint-hearted dept.

Anonymous Coward writes:

"Dan Luu, in his blog, suggests that editing binaries is something that we should consider from time to time. From that blog:

Editing binaries is a trick that comes in handy a few times a year. You don't often need to, but when you do, there's no alternative. When I mention patching binaries, I get one of two reactions: complete shock or no reaction at all. As far as I can tell, this is because most people have one of these two models of the world:

  • There exists source code. Compilers do something to source code to make it runnable. If you change the source code, different things happen.
  • There exists a processor. The processor takes some bits and decodes them to make things happen. If you change the bits, different things happen.

If you have the first view, breaking out a hex editor to modify a program is the action of a deranged lunatic. If you have the second view, editing binaries is the most natural thing in the world. Why wouldn't you just edit the binary?"

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 3, Interesting) by Nerdfest on Monday March 24 2014, @09:00PM

    by Nerdfest (80) on Monday March 24 2014, @09:00PM (#20546)

    You certainly wouldn't edit binary unless you absolutely had to. Do you store changes to your binary in source control? How do you integrate edits into a repeatable build process? Editing the binary when you have the source code seems like something you'd do when you couldn't figure out how to achieve your goal through maintainable means.

    Starting Score:    1  point
    Moderation   +1  
       Flamebait=1, Interesting=1, Informative=1, Total=3
    Extra 'Interesting' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   3  
  • (Score: 3, Interesting) by The Mighty Buzzard on Monday March 24 2014, @09:15PM

    Yeah, I'm going to have to RTFA because I just can't picture myself doing this. Maybe back when I used Windows and didn't know what a disassembler was but there's absolutely no reason to that I can see if you have the source.
    --
    My rights don't end where your fear begins.
    • (Score: 2) by edIII on Monday March 24 2014, @10:45PM

      by edIII (791) on Monday March 24 2014, @10:45PM (#20618)

      What I take away from this is a very simplistic view of altering binaries and a complete disconnect with the realities of the world.

      At a high level altering binaries makes the most sense and ostensibly seems to be the easiest and most effective.

      I completely agree. From a purely user centric point of view that is. As a user I only care about the function of the binary in my own "ecosystem". Concerns the rest of the world have collectively don't mean anything to me. It's my network. If I want the user interface pink, then pink it will be.

      Pirates operate this way. Specifically, crackers that only care about altering the function. They can create a patch and get more complicated later. Source? Pirates rarely if ever get to work with source.

      In the real world though you have plenty of considerations:

      - Development and Production. It's much better to build the entire project all over, test it, and push out an incremental patch than it is to isolate sections and patch production files.
      - Updates. I can alter a binary but I lose update capabilities that will swap out binaries and eliminate my work.

      - SKILL. I need to actually know how to perform this magic of editing a binary. That's not a regular skill. It requires a fairly sophisticated understanding of the processors, assembly, optimization patterns (??), and the ability to read code like that, and then abstract all of the structures in your head.

      It really doesn't matter that this guy is correct about editing binaries in his point of view, the rest of the world barely lacks the capabilities of doing so. That includes a fairly large portion of IT, the force wielding wizards as the rest of world sees them.

      I can't edit my own binaries like that. Not even close. I understand it to the extent I know all the different parts of a combustion vehicle, but that doesn't mean I can rebuild my engine. I might be pretty average in that I am capable of writing native code and compiling it. I've altered source and recompiled in Asterisk a few times that's it. I don't qualify for hex editing native binaries and I know first hand only 1 or 2 that do. They might have been full of it.

      Most likely it's a skill that few people undertake to develop because corporations don't sponsor that kind of dev/prod environment. So how is it practical to advise the rest of the world to just edit binaries when less than 1% know how?

      --
      Technically, lunchtime is at any moment. It's just a wave function.
      • (Score: 3, Interesting) by The Mighty Buzzard on Tuesday March 25 2014, @12:03AM

        by The Mighty Buzzard (18) Subscriber Badge <themightybuzzard@proton.me> on Tuesday March 25 2014, @12:03AM (#20645) Homepage Journal

        Turns out he wasn't talking about directly editing the binaries anyway. He was disassembling them and reassembling them after he made changes. God awful though it may be (worse than perl written by a regex guru), assembly is still source.

        I'd thought he was talking directly hex editing them. I've done that to games before but that was way back in the day and I will not be doing it again.

        --
        My rights don't end where your fear begins.
  • (Score: 2) by Snotnose on Monday March 24 2014, @11:59PM

    by Snotnose (1623) on Monday March 24 2014, @11:59PM (#20644)

    You figure out what in the source code needs to change, fix the source, then edit the binary while you wait for the source to build (or test the change before starting a new build).

    Some builds take a while. Some of us prefer to be productive with our time, as opposed to reading Soylent News and Fark during a 30 minute build.

    --
    Why shouldn't we judge a book by it's cover? It's got the author, title, and a summary of what the book's about.
  • (Score: 2) by tangomargarine on Tuesday March 25 2014, @02:36PM

    by tangomargarine (667) on Tuesday March 25 2014, @02:36PM (#20965)

    I know that the online community made a patch for Sid Meier's Alpha Centauri to fix a few slightly crippling (for competitive play) bugs, and since the game is closed-source, I can only assume somebody went in with a hex editor. So yeah, in that case it's because they didn't have any choice.

    Those two viewpoints are mutually exclusive, either. I'm so glad I had to take that assembly course in college, as it really made the connection between what we do in C-like languages and how that ends up being bits. Not that I could translate compiled machine code even with a code table without going insane, but hey...

    --
    "Is that really true?" "I just spent the last hour telling you to think for yourself! Didn't you hear anything I said?"
    • (Score: 2) by tangomargarine on Tuesday March 25 2014, @02:39PM

      by tangomargarine (667) on Tuesday March 25 2014, @02:39PM (#20966)

      *aren't mutually exclusive. Whoops.

      --
      "Is that really true?" "I just spent the last hour telling you to think for yourself! Didn't you hear anything I said?"