Ever tinker around with software files just to see how they work? Did you know that you can have quite a bit of fun with a hexdump? Here's how:
Let's take any hex dump. Microsoft Visual C++ has a pretty decent one, but there are many others out there. Start by opening up any file, executable or not, as binary.
There are three to four columns that look something like this:
000000 25 50 44 46 2D 31 2E 32 0D 25 E2 E3 CF D3 0D 0A %PDF-1.2.%......
Forget about the majority of what you see upon opening it. It's raw internal code, and is very hard to understand how to read. Most program instructions are encoded, so just forget about those. What we're more concerned about here is with text. The above is a line from a PDF file. Don't use a PDF file for this, because PDF files are too graphical. We're looking for a file that contains simple text. An example of simple text is simply character-based, such as the words within the menu of the WrongPlanet website, located to your left side.
Say you run a program, any program, and you see some words based on simple text. Say you're running a game and you see the scores. Say there's something that says: "YOUR SCORE:" How do you find this inside of the program code for the game? At first glance, you may think it would be in the executable code. Actually, that's not necessarily true. You'd have to find it. Here's how:
I don't know much about other operating systems other than Windows, though I probably should. The concept, however, is most likely similar. All you need to do is a specific type of search. Windows has a search component that reads "a word or phrase in the file." This component is part of the internal search mechanism given to you by Windows Explorer. Search for "YOUR SCORE:" in the directory that which the game uses.
At first glance, why would you search for the phrase "YOUR SCORE:" within this directory, when most of the raw code will appear to be junk characters upon reading? Simply put, character-based text is hidden within the amalgamation of nonsense that appears before your eyes. If you search for it, you will find it. On occasion, however, I have noticed a slight flaw in this sort of searching method. It doesn't always seem to work, because Windows is flawed. I tend to know what is character-based text and what is not, so if the search doesn't work, then you might have to search within the hex editor using the binary option. Whatever the case may be, once you found the file you're looking for using the Windows search, open it up as binary within a hex editor.
Use the 'find' or 'search' mechanism that comes with the hex editor. Search for "YOUR SCORE:" That should bring you right to the area where the text is located. Now, unless you are really good at reading hexadecimal, utilize the characters closest to your right side. These will be simply printed out as "YOUR SCORE:" In some cases, you may have to search for "Y O U R S C O R E : ". Once you found it, try changing something. Just replace "YOUR SCORE:" with "WHAT'S THIS" as an example. Make sure that the field has the same number of characters. Since "YOUR SCORE:" has 10 characters, make sure what you replace it with also has exactly 10 characters. If you don't, you could ruin the integrity of the program and cause a system crash in some cases. If the string has spaces between characters, make sure the spaces remain there when you replace the word as well. Once you have finished, just save the file as binary. Now, run the program. You'll be amazed at what you can do!
Hex dumps, however, can be very tricky to use. If you follow what I've just done, you won't have any problems. If you tinker around with anything else without knowing what you're doing, you could get some truly unexpected results, including system crashes.
- Ray M -
10 Apr 2006, 2:37 am
