/prog/ - how does i write a hex editor?

Name: Anonymous 2008-03-09 1:42

I want to writer an exe trainer for a game that hex edits another program (the game) to hack it/train it.

I know what addresses to edit and stuff, but I need to know what language would be best to write it in.

Any idea?

Name: Anonymous 2008-03-09 1:50

Java

Name: Anonymous 2008-03-09 1:51

This is the sort of thing that Malbolge is designed for. Write yourself an interpreter for malbolge. http://www.antwon.com/other/malbolge/malbolge.txt

Name: Anonymous 2008-03-09 3:02

>>3
-_-

>>2
Can java attach and hex edit running EXE's?

Name: Anonymous 2008-03-09 3:08

hex edit running EXE's?
hex edit running EXE's?
hex edit running EXE's?

Name: Anonymous 2008-03-09 3:35

>>1
Come back when you know what hex means.

On second thought, don't come back.

Name: Anonymous 2008-03-09 3:51

Is anyone going to explain protected address spaces to him?

Name: Anonymous 2008-03-09 4:19

>>7
No, this is /prog/

Name: Anonymous 2008-03-09 4:26

>>7
No, this is /prog/

Name: Anonymous 2008-03-09 4:33

>>7
No, this is SPARTA

Name: Anonymous 2008-03-09 4:34

>>10
That was a good one. Really.

Name: Anonymous 2008-03-09 4:53

>>11
That was a good one. Really.

Name: Anonymous 2008-03-09 5:32

EXE eXecutablE

Name: Anonymous 2008-03-09 5:36

Use EMACS, it can edit hex files.

Name: Anonymous 2008-03-09 5:53

>>3
Holy shit I lol'd hard.

Name: Anonymous 2008-03-09 6:32

the game

Name: Anonymous 2008-03-09 6:34

>>16
It ceased to become funny when Randall ridiculed it in xkcd.

Name: Anonymous 2008-03-09 6:46

>>17
It was never funny. Just annoying.

Name: Anonymous 2008-03-09 8:01

>>17
WHEN WHAT

FUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUCK ANOTHER MEME LOST TO XKCD

Name: Anonymous 2008-03-09 9:40

>>19
Ah, and so http://en.wikipedia.org/wiki/Xkcd#Life_imitates_xkcd

Name: Anonymous 2008-03-09 10:09

This needs more fairx the haxor.

Name: Anonymous 2008-03-09 10:30

>>7
WriteProcessMemory(

NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,

NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,

NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,

NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,

NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,

NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,

NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,

NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,

NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,

NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,

NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,

NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,

NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,

NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,

NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,

NULL,NULL,NULL,NULL,NULL

)

Name: Anonymous 2008-03-09 12:44

>>7
No, we CAN'T HELP HIM!!!

Name: Anonymous 2008-03-09 14:05

>>7
Protected address spaces don't really pose a problem for this, so...

Name: Anonymous 2008-03-09 14:58

>>24
He wants to write a program that edits the code in memory of another program which is already running. On every modern OS except certain research OSes, this very much won't be allowed.

Name: Anonymous 2008-03-09 15:01

>>25
unless you're a root.
and he is.

Name: Anonymous 2008-03-09 17:23

Not even root, just the same user as the target.

Name: Anonymous 2008-03-09 17:31

>>27
Not actually true.

Name: Anonymous 2008-03-09 17:49

What's root?

Name: Anonymous 2008-03-09 17:50

where trees grow on the ground, its under the ground like support or sometin, i dunno im not that tecknical

Name: Anonymous 2008-03-09 17:52

It's for when you go to the dentist, you know

Name: Anonymous 2008-03-09 18:00

>>30
EXPERT SICP READER

Name: Anonymous 2008-03-09 18:01

>>28
Based on?

Name: Anonymous 2008-03-09 18:04

>>33
im op

ergo your wrong bitch

Name: Anonymous 2008-03-09 18:56

>>25
If you've got the permissions, it can be arranged. Or failing that, you can bribe in cash.
And then there's always #pragma pretty please.
Anyway, you're the only one that mentioned the word 'code' in this thread so far. You're also the only one who mentioned 'wants', 'which', 'already', 'every', 'modern', 'OS', 'except', 'certain', 'research', 'very', 'much', 'won't' and 'allowed', but that's just useless trivia.

Name: Anonymous 2008-03-10 2:11

PTRACE(2)           Linux Programmer's Manual           PTRACE(2)



NAME

       ptrace - process trace



SYNOPSIS

       #include <sys/ptrace.h>



       int ptrace(int request, int pid, int addr, int data);



DESCRIPTION

       Ptrace provides a means by which a parent process may con-

       trol the execution of a child  process,  and  examine  and

       change  its core image.  Its primary use is for the imple-

       mentation of breakpoint debugging.  A traced process  runs

       until  a signal occurs.  Then it stops and the parent will

       be notified with wait(2).  When  the  process  is  in  the

       stopped  state,  its  memory can be read and written.  The

       parent can also cause the  child  to  continue  execution,

       with optional ignoring the signal which caused stopping.



       The  value  of the request argument determines the precise

       action of the system call:



       PTRACE_TRACEME

              This process is to be traced by  its  parent.   The

              parent should be expecting to trace the child.



       PTRACE_PEEKTEXT, PTRACE_PEEKDATA

              Read word at location addr.



       PTRACE_PEEKUSR

              Read word at location addr in the USER area.



       PTRACE_POKETEXT, PTRACE_POKEDATA

              Write word at location addr.



       PTRACE_POKEUSR

              Write word at location addr in the USER area.



       PTRACE_SYSCALL, PTRACE_CONT

              Restart after signal.



       PTRACE_KILL

              Send the child a SIGKILL to make it exit.



       PTRACE_SINGLESTEP

              Set the trap flag for single stepping.



       PTRACE_ATTACH

              Attach to the process specified in pid.



       PTRACE_DETACH

              Detach a process that was previously attached.



NOTES

       init,  the  process  with  process  ID 1, may not use this

       function.



RETURN VALUE

       On success, zero is returned.  On error, -1  is  returned,

       and errno is set appropriately.



ERRORS

       EPERM   The  specified  process  (i.e.,  init),  cannot be

               traced, or is already being traced.



       ESRCH   The specified process does not exist.



       EIO     Request is not valid.



CONFORMING TO

       SVr4, SVID EXT, AT&T, X/OPEN, BSD 4.3



SEE ALSO

       gdb(1), exec(3), signal(2), wait(2)



Linux 0.99.11              23 July 1993                         1

Name: Anonymous 2008-03-10 4:58

>>7
Is anyone going to explain debuggers and DLL injection to this guy?

Name: Anonymous 2008-03-10 10:26

>>37
What's so perplexing about a debugger or DLL "injection" in particular?

Name: Anonymous 2008-03-10 11:15

>>38
It may be difficult for novice programmer to use debugger or DLL "injection" in particular

Name: Anonymous 2008-03-10 11:17

>>39
novice programmers*
use *a* debugger

Name: Anonymous 2008-03-10 11:18

>>39
It may be difficult for novice programmers to do anything.

Name: Anonymous 2008-03-10 11:35

>>39
>>38
Don't you mean "DLL" injection?

Name: Anonymous 2008-03-10 11:41

>>42
No. I mean what I meant.

Name: Anonymous 2008-03-10 12:02

>>42
Don't you mean Dependency injection?

Name: Anonymous 2008-03-10 12:27

>>42
DLL library injection.

Name: Anonymous 2008-03-10 13:17

DLL Loadable Library

Name: Anonymous 2008-03-10 13:30

DLL-Link Library.

Name: Anonymous 2008-03-10 13:35

Dynamic DLL Library.

Name: Anonymous 2008-03-10 14:24

Results 1 - 10 of about 7,650 for "dynamic dll library". (0.24 seconds)

Name: Anonymous 2008-03-10 14:49

DLL Library Library

Name: Anonymous 2008-03-10 19:39

>>7
Actually windows has no protected pages, it even disables the hardware paging that comes with 80286 and better processors just to be simple. You can also just monitor the socket that sends a log of all IO events, interrupts and exceptions back to msn.com, it's written in %windir%\system32\NTsoc\{2984s-324938-a5543c}.

Name: Anonymous 2008-03-10 21:01

DLL LL L

Name: Anonymous 2008-03-10 21:24

^{DLL^{LL^{L^{L^{L^{L^L}}}}}}

Name: Anonymous 2008-03-10 22:23

(DLL L L) Language Links

Name: Anonymous 2010-11-26 16:35

Name: Anonymous 2013-09-01 10:34

　　　　　　　　　　_r-､
　　　　　　_ｒ‐-'´::|:::/───- ､.,
　　　　　く:::＼:::::::|/-───- ､　｀ヽ.　　／）
　（＼　　／＼＿_」'　　　　　　　ヽ.　　' ,
　　　。,.'　　.／　 /　　　　　　　　　　':, 　 ',　　つ　　目を離すとすぐ
　⊂ 　/　　/　/__ !　,ﾊ　　ﾊ.ｰ|-ﾊ　　∨　i　っ　　　えっちな方向に話が行くんだから！
　　　 ,' 　 .,'　,'　._」_/　|__/ ｧ;==､く!　　 |. 　!
　　　 |　　.|　|'7´;'´ﾊ　　　　i　ﾊ. |　　 / 　 |　 |　ｰ┼　 _」
　　　 |.　　|　| 、j__,り　　　ゝ‐┴|__／ | 　 |　 |　　_| 　 /|'⌒ヽ
　　　､＿＼| ///　　 '　　　/// ,ﾊ　 ! 　 !　ﾚ（_ﾉヽ '´|　 _.ﾉわ・　・・
　　　　　　 |｀7、　ｒｧｰ￣｀ヽ　ｒ' ､|　 |　/.|
　　 o 　　 /／）、　ｰ-　＿,ｿ ,(＼＼/イﾚ'
　　　　　　,'　 // l.＞.､,___,.　イ ,ﾊ　ヽ　Y　　　　　　　　　　　　　　○
　　　　　| 　 )'´ﾉ-ｧ‐::'7　　/ ￣!　　　.|　　　Ｏ。　, 　-─-　、
　　　　　 | 　イ´/:::::::/|__／　人　　 | 、　　　／　　　　　　ヽ.
　　　　　/ 　 !' 7::}￣ヽrr'´￣{/|::::｀!　　|　':,　　 /　　　　　　　　　 ',
　　　　./　　| ,'::::L＿ｱﾊ＿_」 /::::/|　　',　}.　　l　/// 　　　///　　 |
　　　　,' 　　 | l:::::く＿//|＿_>':::::::| |　　 ∨ 　　、　　　　　　　 ,'
　　　 ,'　　　,'/|:::::::::::::!o::::::::::r=t::::｀| 　　 ||.　　　＼　　　　　　　　/
　　　!　　　/´/:::::::::::::|:::::::::::::::::::::::::::'､　　.ﾘ　　　　 ,＞- 　　　／
　　　ヽ-‐'　./::::::::::::::::!o::::::::::::::::::::::::::|` ｰ'　　　／　　,.　-‐''"´
　　　　　　 ,く::::::::::::::::/|:::::::::::::::::::::::::::::ヽ　　　　 /　　（　　　ノ）

how does i write a hex editor?

1 Name: Anonymous 2008-03-09 1:42

2 Name: Anonymous 2008-03-09 1:50

3 Name: Anonymous 2008-03-09 1:51

4 Name: Anonymous 2008-03-09 3:02

5 Name: Anonymous 2008-03-09 3:08

6 Name: Anonymous 2008-03-09 3:35

7 Name: Anonymous 2008-03-09 3:51

8 Name: Anonymous 2008-03-09 4:19

9 Name: Anonymous 2008-03-09 4:26

10 Name: Anonymous 2008-03-09 4:33

11 Name: Anonymous 2008-03-09 4:34

12 Name: Anonymous 2008-03-09 4:53

13 Name: Anonymous 2008-03-09 5:32

14 Name: Anonymous 2008-03-09 5:36

15 Name: Anonymous 2008-03-09 5:53

16 Name: Anonymous 2008-03-09 6:32

17 Name: Anonymous 2008-03-09 6:34

18 Name: Anonymous 2008-03-09 6:46

19 Name: Anonymous 2008-03-09 8:01

20 Name: Anonymous 2008-03-09 9:40

21 Name: Anonymous 2008-03-09 10:09

22 Name: Anonymous 2008-03-09 10:30

23 Name: Anonymous 2008-03-09 12:44

24 Name: Anonymous 2008-03-09 14:05

25 Name: Anonymous 2008-03-09 14:58

26 Name: Anonymous 2008-03-09 15:01

27 Name: Anonymous 2008-03-09 17:23

28 Name: Anonymous 2008-03-09 17:31

29 Name: Anonymous 2008-03-09 17:49

30 Name: Anonymous 2008-03-09 17:50

31 Name: Anonymous 2008-03-09 17:52

32 Name: Anonymous 2008-03-09 18:00

33 Name: Anonymous 2008-03-09 18:01

34 Name: Anonymous 2008-03-09 18:04

35 Name: Anonymous 2008-03-09 18:56

36 Name: Anonymous 2008-03-10 2:11

37 Name: Anonymous 2008-03-10 4:58

38 Name: Anonymous 2008-03-10 10:26

39 Name: Anonymous 2008-03-10 11:15

40 Name: Anonymous 2008-03-10 11:17

41 Name: Anonymous 2008-03-10 11:18

42 Name: Anonymous 2008-03-10 11:35

43 Name: Anonymous 2008-03-10 11:41

44 Name: Anonymous 2008-03-10 12:02

45 Name: Anonymous 2008-03-10 12:27

46 Name: Anonymous 2008-03-10 13:17

47 Name: Anonymous 2008-03-10 13:30

48 Name: Anonymous 2008-03-10 13:35

49 Name: Anonymous 2008-03-10 14:24

50 Name: Anonymous 2008-03-10 14:49

51 Name: Anonymous 2008-03-10 19:39

52 Name: Anonymous 2008-03-10 21:01

53 Name: Anonymous 2008-03-10 21:24

54 Name: Anonymous 2008-03-10 22:23

55 Name: Anonymous 2010-11-26 16:35

57 Name: Anonymous 2013-09-01 10:34