
posted by janrinok on Monday March 24 2014, @04:51PM   Printer-friendly
from the not-for-the-faint-hearted dept.

Anonymous Coward writes:

"Dan Luu, in his blog, suggests that editing binaries is something that we should consider from time to time. From that blog:

Editing binaries is a trick that comes in handy a few times a year. You don't often need to, but when you do, there's no alternative. When I mention patching binaries, I get one of two reactions: complete shock or no reaction at all. As far as I can tell, this is because most people have one of these two models of the world:

  • There exists source code. Compilers do something to source code to make it runnable. If you change the source code, different things happen.
  • There exists a processor. The processor takes some bits and decodes them to make things happen. If you change the bits, different things happen.

If you have the first view, breaking out a hex editor to modify a program is the action of a deranged lunatic. If you have the second view, editing binaries is the most natural thing in the world. Why wouldn't you just edit the binary?"

 
  • (Score: 3, Interesting) by Nerdfest on Monday March 24 2014, @05:00PM

    by Nerdfest (80) on Monday March 24 2014, @05:00PM (#20546)

    You certainly wouldn't edit binary unless you absolutely had to. Do you store changes to your binary in source control? How do you integrate edits into a repeatable build process? Editing the binary when you have the source code seems like something you'd do when you couldn't figure out how to achieve your goal through maintainable means.

  • (Score: 3, Interesting) by The Mighty Buzzard on Monday March 24 2014, @05:15PM

    Yeah, I'm going to have to RTFA because I just can't picture myself doing this. Maybe back when I used Windows and didn't know what a disassembler was but there's absolutely no reason to that I can see if you have the source.
    --
    123
    456
    789
    • (Score: 2) by edIII on Monday March 24 2014, @06:45PM

      by edIII (791) on Monday March 24 2014, @06:45PM (#20618)

      What I take away from this is a very simplistic view of altering binaries and a complete disconnect with the realities of the world.

      At a high level altering binaries makes the most sense and ostensibly seems to be the easiest and most effective.

      I completely agree. From a purely user-centric point of view, that is. As a user I only care about the function of the binary in my own "ecosystem". Concerns the rest of the world have collectively don't mean anything to me. It's my network. If I want the user interface pink, then pink it will be.

      Pirates operate this way. Specifically, crackers that only care about altering the function. They can create a patch and get more complicated later. Source? Pirates rarely if ever get to work with source.

      In the real world though you have plenty of considerations:

      - Development and Production. It's much better to build the entire project all over, test it, and push out an incremental patch than it is to isolate sections and patch production files.
      - Updates. I can alter a binary but I lose update capabilities that will swap out binaries and eliminate my work.
      - SKILL. I need to actually know how to perform this magic of editing a binary. That's not a regular skill. It requires a fairly sophisticated understanding of the processors, assembly, optimization patterns (??), and the ability to read code like that, and then abstract all of the structures in your head.

      It really doesn't matter that this guy is correct about editing binaries in his point of view, the rest of the world barely lacks the capabilities of doing so. That includes a fairly large portion of IT, the force-wielding wizards as the rest of the world sees them.

      I can't edit my own binaries like that. Not even close. I understand it to the extent I know all the different parts of a combustion vehicle, but that doesn't mean I can rebuild my engine. I might be pretty average in that I am capable of writing native code and compiling it. I've altered source and recompiled in Asterisk a few times, that's it. I don't qualify for hex editing native binaries and I know first hand only 1 or 2 that do. They might have been full of it.

      Most likely it's a skill that few people undertake to develop because corporations don't sponsor that kind of dev/prod environment. So how is it practical to advise the rest of the world to just edit binaries when less than 1% know how?

      • (Score: 3, Interesting) by The Mighty Buzzard on Monday March 24 2014, @08:03PM

        Turns out he wasn't talking about directly editing the binaries anyway. He was disassembling them and reassembling them after he made changes. God awful though it may be (worse than perl written by a regex guru), assembly is still source.

        I'd thought he was talking about directly hex editing them. I've done that to games before but that was way back in the day and I will not be doing it again.

        --
        123
        456
        789
  • (Score: 2) by Snotnose on Monday March 24 2014, @07:59PM

    by Snotnose (1623) on Monday March 24 2014, @07:59PM (#20644)

    You figure out what in the source code needs to change, fix the source, then edit the binary while you wait for the source to build (or test the change before starting a new build).

    Some builds take a while. Some of us prefer to be productive with our time, as opposed to reading Soylent News and Fark during a 30 minute build.

  • (Score: 2) by tangomargarine on Tuesday March 25 2014, @10:36AM

    by tangomargarine (667) on Tuesday March 25 2014, @10:36AM (#20965)

    I know that the online community made a patch for Sid Meier's Alpha Centauri to fix a few slightly crippling (for competitive play) bugs, and since the game is closed-source, I can only assume somebody went in with a hex editor. So yeah, in that case it's because they didn't have any choice.

    Those two viewpoints are mutually exclusive, either. I'm so glad I had to take that assembly course in college, as it really made the connection between what we do in C-like languages and how that ends up being bits. Not that I could translate compiled machine code even with a code table without going insane, but hey...

    --
    A Discordian is Prohibited of Believing what he reads.
    • (Score: 2) by tangomargarine on Tuesday March 25 2014, @10:39AM

      by tangomargarine (667) on Tuesday March 25 2014, @10:39AM (#20966)

      *aren't mutually exclusive. Whoops.

      --
      A Discordian is Prohibited of Believing what he reads.