Subscribe to Bodom's Universe        RSS Feed
-----

Let's take a look at how to edit executables in Linux.

A great way to modify the behavior of a program is to alter the executable file directly. Anyone with experience programming in assembly knows that the executable file itself is just operations and data: opcodes and operands, represented in hexadecimal format. As long as we do not change the length of the overall program, nothing in the file moves to a different offset, and we do not risk corrupting the application. With enough study, one can apply these techniques to reverse engineer and manipulate programs.

I will not be going into very advanced topics, as this is mostly produced from my own playing with executables. That, and this can expose security vulnerabilities of systems. Furthermore, I am not liable for any damage that may occur from you doing this. Broken computers or software are not my concern. If you are careful, you should be fine.

My first example will be a "Hello World!" example. Basically, we will write a "Hello World!" program in C, and then manipulate the executable to change our message to something else. All you need to do this is GCC and your favorite text editor. You can use a hex editor as well, but this is a very straightforward example, and it is unnecessary.

The code for hello world is shown here:
#include <stdio.h>

int main(int argc, char** argv) {
    /* This string literal is stored in the executable, followed by a NUL byte. */
    printf("Hello World!\n");
    return 0;
}



We then compile with gcc:
gcc -o hello hello.c



Then, open the file in a text editor:
texteditorname hello



I use vim personally, but you may use whatever you wish (emacs, kate, gedit, etc.).

When you first open the executable, it may seem daunting, but there is not a lot we have to worry about here. Look through it, and find our message, Hello World!

We can replace this text with another message. For now, let's make it the same length. I used Fellow Guys! but you can add whatever you want.

Save the file, and execute it. Your output will be the new message!

Now, take the single character from right after our string and use it to replace the last character of the string. (In vim, it is shown as ^@; it is the NUL byte that terminates a C string.)

We've now shortened the string by 1. We can do the opposite as well, as long as the new character replaces an ^@ directly after the string, so that it becomes a part of the string, and there is still at least one ^@ left at the end of the string.
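The same-length and ^@ rules above, written out as an added example that is not part of the original post: it patches a NUL-terminated string inside a byte image and refuses any edit that would change the file length or remove the terminator. The function names are hypothetical, the sample is a constructed byte string rather than a real ELF file, and treating the ^@ run after the string as free space is the post's rule, taken here as an assumption.

```python
# Constructed sample: fake header bytes, our string, four NUL bytes, then another string.
SAMPLE = b"\x7fELF\x01\x02" + b"Hello World!" + b"\x00" * 4 + b"%d\n\x00"


def read_c_string(image: bytes, offset: int) -> bytes:
    """Return the bytes from offset up to (not including) the next NUL, as C would read them."""
    return image[offset:image.index(b"\x00", offset)]


def patch_c_string(image: bytes, old: bytes, new: bytes) -> bytes:
    """Replace the NUL-terminated string `old` with `new` without changing len(image)."""
    if b"\x00" in new:
        raise ValueError("replacement must not contain NUL bytes")
    start = image.find(old + b"\x00")
    if start < 0:
        raise ValueError("original string (with its terminator) not found")
    if image.find(old + b"\x00", start + 1) >= 0:
        raise ValueError("string occurs more than once; refusing to guess")
    # Room = the string plus the run of NUL bytes (^@ in vim) that follows it.
    # Assumption: that run is unused padding. In a real binary, zero bytes can
    # also be data belonging to something else, so check before growing into it.
    end = start + len(old)
    while end < len(image) and image[end] == 0:
        end += 1
    room = end - start
    # At least one NUL must stay behind as the terminator.
    if len(new) > room - 1:
        raise ValueError(f"replacement too long: {len(new)} > {room - 1}")
    patched = image[:start] + new + b"\x00" * (room - len(new)) + image[end:]
    assert len(patched) == len(image)  # no other offset in the file has moved
    return patched


if __name__ == "__main__":
    for text in (b"Fellow Guys!", b"Fellow Guy", b"Fellow Guys!!!!"):
        out = patch_c_string(SAMPLE, b"Hello World!", text)
        print(len(out), read_c_string(out, 6))
```

On a real file, read and write it in binary mode (`open(path, "rb")`), since a text editor or text-mode I/O may add a trailing newline or re-encode bytes and so change the length.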

I'll be experimenting with this over the next few days, and will post another entry with my own discoveries (because playing around with it is more fun than reading a tutorial).
