Stories
Slash Boxes
Comments

SoylentNews is people

Editing Binaries: Easier Than It Sounds

posted by janrinok on Monday March 24 2014, @08:51PM   Printer-friendly
from the not-for-the-faint-hearted dept.

Anonymous Coward writes:

"Dan Luu, in his blog, suggests that editing binaries is something that we should consider from time to time. From that blog:

Editing binaries is a trick that comes in handy a few times a year. You don't often need to, but when you do, there's no alternative. When I mention patching binaries, I get one of two reactions: complete shock or no reaction at all. As far as I can tell, this is because most people have one of these two models of the world:

  • There exists source code. Compilers do something to source code to make it runnable. If you change the source code, different things happen.
  • There exists a processor. The processor takes some bits and decodes them to make things happen. If you change the bits, different things happen.

If you have the first view, breaking out a hex editor to modify a program is the action of a deranged lunatic. If you have the second view, editing binaries is the most natural thing in the world. Why wouldn't you just edit the binary?"

 
This discussion has been archived. No new comments can be posted.
Editing Binaries: Easier Than It Sounds | Log In/Create an Account | Top | 37 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 2) by edIII on Monday March 24 2014, @10:45PM

    by edIII (791) on Monday March 24 2014, @10:45PM (#20618)

    What I take away from this is a very simplistic view of altering binaries and a complete disconnect with the realities of the world.

    At a high level altering binaries makes the most sense and ostensibly seems to be the easiest and most effective.

    I completely agree. From a purely user centric point of view that is. As a user I only care about the function of the binary in my own "ecosystem". Concerns the rest of the world have collectively don't mean anything to me. It's my network. If I want the user interface pink, then pink it will be.

    Pirates operate this way. Specifically, crackers that only care about altering the function. They can create a patch and get more complicated later. Source? Pirates rarely if ever get to work with source.

    In the real world though you have plenty of considerations:

    - Development and Production. It's much better to build the entire project all over, test it, and push out an incremental patch than it is to isolate sections and patch production files.
    - Updates. I can alter a binary but I lose update capabilities that will swap out binaries and eliminate my work.

    - SKILL. I need to actually know how to perform this magic of editing a binary. That's not a regular skill. It requires a fairly sophisticated understanding of the processors, assembly, optimization patterns (??), and the ability to read code like that, and then abstract all of the structures in your head.

    It really doesn't matter that this guy is correct about editing binaries in his point of view, the rest of the world barely lacks the capabilities of doing so. That includes a fairly large portion of IT, the force wielding wizards as the rest of world sees them.

    I can't edit my own binaries like that. Not even close. I understand it to the extent I know all the different parts of a combustion vehicle, but that doesn't mean I can rebuild my engine. I might be pretty average in that I am capable of writing native code and compiling it. I've altered source and recompiled in Asterisk a few times that's it. I don't qualify for hex editing native binaries and I know first hand only 1 or 2 that do. They might have been full of it.

    Most likely it's a skill that few people undertake to develop because corporations don't sponsor that kind of dev/prod environment. So how is it practical to advise the rest of the world to just edit binaries when less than 1% know how?

    --
    Technically, lunchtime is at any moment. It's just a wave function.
    Starting Score:    1  point
    Karma-Bonus Modifier   +1  
    Total Score:   2  

  • (Score: 3, Interesting) by The Mighty Buzzard on Tuesday March 25 2014, @12:03AM

    by The Mighty Buzzard (18) Subscriber Badge <themightybuzzard@proton.me> on Tuesday March 25 2014, @12:03AM (#20645) Homepage Journal

    Turns out he wasn't talking about directly editing the binaries anyway. He was disassembling them and reassembling them after he made changes. God awful though it may be (worse than perl written by a regex guru), assembly is still source.

    I'd thought he was talking directly hex editing them. I've done that to games before but that was way back in the day and I will not be doing it again.

    --
    My rights don't end where your fear begins.