Exetools  

Go Back   Exetools > General > Community Tools

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 07-13-2018, 08:25
chessgod101's Avatar
chessgod101 chessgod101 is offline
Co-Administrator
 
Join Date: Jan 2011
Location: United States
Posts: 535
Rept. Given: 2,218
Rept. Rcvd 691 Times in 219 Posts
Thanks Given: 700
Thanks Rcvd at 939 Times in 186 Posts
chessgod101 Reputation: 500-699 chessgod101 Reputation: 500-699 chessgod101 Reputation: 500-699 chessgod101 Reputation: 500-699 chessgod101 Reputation: 500-699 chessgod101 Reputation: 500-699
Inline Empty Byte Finder

Inline Empty Byte Finder is a tool designed to help you find a location inside an executable or dll file to create an inline patch or code cave. It can check for specific section flags to meet the requirements for your inline. Inline finder searches for areas the meet the size that you specify, but also lists how many extra bytes are available at that offset. It searches for the empty bytes by section to prevent the code cave from overlapping other sections.

Features:
  • Drag and Drop Support
  • Command line Support
  • Define Empty Byte Value
  • Define needed Section Flags

Download:
Code:
https://mega.nz/#!p50zUS4Y!xSTu4qaEgUIFXYzIEmU_lqBOESEf4usKRQe1J2LduAc

Screenshot:

Code:
https://1.bp.blogspot.com/-FO3PxX1cMPI/W0FgpG2TZFI/AAAAAAAAAuk/XD5jk8xnFZAUTq2VmrMnliy6OS4H3uHGwCLcBGAs/s400/InlineFinder_2018-07-07_20-52-02.png
__________________
"As the island of our knowledge grows, so does the shore of our ignorance." John Wheeler
Reply With Quote
The Following 5 Users Gave Reputation+1 to chessgod101 For This Useful Post:
b30wulf (07-16-2018), canopus (08-11-2018), CodeCracker (07-13-2018), MarcElBichon (07-14-2018), niculaita (07-14-2018)
The Following 15 Users Say Thank You to chessgod101 For This Useful Post:
2late (07-24-2018), besoeso (07-14-2018), CodeCracker (07-13-2018), dosprog (07-13-2018), Hypnz (07-13-2018), Mahmoudnia (07-14-2018), Megin (07-14-2018), niculaita (07-14-2018), NoneForce (07-14-2018), taos (07-13-2018), TechLord (07-13-2018), user_hidden (07-13-2018), wilson bibe (07-13-2018), zeffy (07-13-2018), Zeokat (07-14-2018)
  #2  
Old 07-13-2018, 14:44
dosprog dosprog is offline
Friend
 
Join Date: Feb 2018
Posts: 114
Rept. Given: 0
Rept. Rcvd 17 Times in 16 Posts
Thanks Given: 33
Thanks Rcvd at 146 Times in 74 Posts
dosprog Reputation: 17
Please add possibility to call Hiew32.exe with PE-file name and PE-offset from selected line of listing.
Reply With Quote
The Following User Says Thank You to dosprog For This Useful Post:
zeuscane (07-14-2018)
  #3  
Old 07-14-2018, 04:33
chessgod101's Avatar
chessgod101 chessgod101 is offline
Co-Administrator
 
Join Date: Jan 2011
Location: United States
Posts: 535
Rept. Given: 2,218
Rept. Rcvd 691 Times in 219 Posts
Thanks Given: 700
Thanks Rcvd at 939 Times in 186 Posts
chessgod101 Reputation: 500-699 chessgod101 Reputation: 500-699 chessgod101 Reputation: 500-699 chessgod101 Reputation: 500-699 chessgod101 Reputation: 500-699 chessgod101 Reputation: 500-699
That's a very good idea, dosprog. Here is an updated release with the feature implemented:
Download:
Code:
https://mega.nz/#!I582nATZ!cziRlP7krGlQQ0sBe-CdcB17SraXWkOETy2U21HWWz4
__________________
"As the island of our knowledge grows, so does the shore of our ignorance." John Wheeler
Reply With Quote
The Following 4 Users Say Thank You to chessgod101 For This Useful Post:
besoeso (07-14-2018), dosprog (07-14-2018), Mahmoudnia (07-14-2018), zeuscane (07-14-2018)
  #4  
Old 07-14-2018, 06:51
dosprog dosprog is offline
Friend
 
Join Date: Feb 2018
Posts: 114
Rept. Given: 0
Rept. Rcvd 17 Times in 16 Posts
Thanks Given: 33
Thanks Rcvd at 146 Times in 74 Posts
dosprog Reputation: 17
Great.

Duplicate, please, context menu functions HEX/ASM with keys <F3> & <F4>.

Then the context menu should look like this:

|------------------------------
| <F3> = Follow offset in HEX
| <F4> = Follow RVA in DASM
|------------------------------

--Add--

Little bug: Settings->Hiew32Path not saved on exit.
Works only if Hiew32 Path selected in current program session.

Last edited by dosprog; 07-14-2018 at 07:16.
Reply With Quote
The Following User Says Thank You to dosprog For This Useful Post:
niculaita (07-14-2018)
  #5  
Old 07-14-2018, 09:50
chessgod101's Avatar
chessgod101 chessgod101 is offline
Co-Administrator
 
Join Date: Jan 2011
Location: United States
Posts: 535
Rept. Given: 2,218
Rept. Rcvd 691 Times in 219 Posts
Thanks Given: 700
Thanks Rcvd at 939 Times in 186 Posts
chessgod101 Reputation: 500-699 chessgod101 Reputation: 500-699 chessgod101 Reputation: 500-699 chessgod101 Reputation: 500-699 chessgod101 Reputation: 500-699 chessgod101 Reputation: 500-699
Quote:
Little bug: Settings->Hiew32Path not saved on exit.
Works only if Hiew32 Path selected in current program session.
It does save the path on exit. Make sure you run it as admin so it can create the Settings.ini file in the application directory.
__________________
"As the island of our knowledge grows, so does the shore of our ignorance." John Wheeler
Reply With Quote
The Following 2 Users Say Thank You to chessgod101 For This Useful Post:
niculaita (07-14-2018), TechLord (07-14-2018)
  #6  
Old 07-14-2018, 16:17
dosprog dosprog is offline
Friend
 
Join Date: Feb 2018
Posts: 114
Rept. Given: 0
Rept. Rcvd 17 Times in 16 Posts
Thanks Given: 33
Thanks Rcvd at 146 Times in 74 Posts
dosprog Reputation: 17
Run as admin Ok.
But file settings.ini not created.

It created only if Hiew32.exe placed at program directory ("E:\1\")
then HiewPath = E:\1\HIEW32.EXE.

When "settings.ini" edited manually to set
HiewPath=C:\EDITOR\HEX\HIEW\HIEW800\HIEW32.EXE
- then works Ok.

May be problems with selecting/saving too complex path?


Last edited by dosprog; 07-14-2018 at 16:22.
Reply With Quote
  #7  
Old 07-15-2018, 03:48
chessgod101's Avatar
chessgod101 chessgod101 is offline
Co-Administrator
 
Join Date: Jan 2011
Location: United States
Posts: 535
Rept. Given: 2,218
Rept. Rcvd 691 Times in 219 Posts
Thanks Given: 700
Thanks Rcvd at 939 Times in 186 Posts
chessgod101 Reputation: 500-699 chessgod101 Reputation: 500-699 chessgod101 Reputation: 500-699 chessgod101 Reputation: 500-699 chessgod101 Reputation: 500-699 chessgod101 Reputation: 500-699
I found the issue. I failed to note that the CurrentDirectory is reset when a file is passed via command line. I used an alternate method to obtain the exe directory:
Code:
https://mega.nz/#!ZhdDlKKT!sawucwBXtwKeViQROViMXg4rivMGSNJURZoyN9dOx1k
__________________
"As the island of our knowledge grows, so does the shore of our ignorance." John Wheeler
Reply With Quote
The Following User Says Thank You to chessgod101 For This Useful Post:
tonyweb (07-15-2018)
  #8  
Old 07-15-2018, 14:06
dosprog dosprog is offline
Friend
 
Join Date: Feb 2018
Posts: 114
Rept. Given: 0
Rept. Rcvd 17 Times in 16 Posts
Thanks Given: 33
Thanks Rcvd at 146 Times in 74 Posts
dosprog Reputation: 17
Ok. Works fine.

Quote:
Originally Posted by chessgod101 View Post
I found the issue. I failed to note that the CurrentDirectory is reset when a file is passed via command line. I used an alternate method to obtain the exe directory.
The best way is using GetCommandLine().

-- add --

What about creating accelerators <F3> & <F4>? - Really needed function


Last edited by dosprog; 07-15-2018 at 14:14.
Reply With Quote
  #9  
Old 07-15-2018, 23:33
chessgod101's Avatar
chessgod101 chessgod101 is offline
Co-Administrator
 
Join Date: Jan 2011
Location: United States
Posts: 535
Rept. Given: 2,218
Rept. Rcvd 691 Times in 219 Posts
Thanks Given: 700
Thanks Rcvd at 939 Times in 186 Posts
chessgod101 Reputation: 500-699 chessgod101 Reputation: 500-699 chessgod101 Reputation: 500-699 chessgod101 Reputation: 500-699 chessgod101 Reputation: 500-699 chessgod101 Reputation: 500-699
Here is version 1.3. I added sorting to the columns and hotkeys for the hiew functions:
Code:
https://mega.nz/#!159GGIgK!XUzoE3GcIh_6b5AtyxX2OnfGskZua43ULyssOsw9y9w
__________________
"As the island of our knowledge grows, so does the shore of our ignorance." John Wheeler
Reply With Quote
The Following 2 Users Say Thank You to chessgod101 For This Useful Post:
dosprog (07-15-2018), niculaita (07-15-2018)
  #10  
Old 07-16-2018, 00:15
dosprog dosprog is offline
Friend
 
Join Date: Feb 2018
Posts: 114
Rept. Given: 0
Rept. Rcvd 17 Times in 16 Posts
Thanks Given: 33
Thanks Rcvd at 146 Times in 74 Posts
dosprog Reputation: 17
) I beg your pardon, i'm created new theme -> here <-
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Tool to scan files for common byte sequences dila General Discussion 15 02-18-2018 19:11
pic 16f84 and skip security byte? hrco General Discussion 11 05-25-2004 15:40
MOV BYTE PTR DS:[463315],EB not working? Nilrem General Discussion 7 01-13-2004 06:14


All times are GMT +8. The time now is 17:27.


Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( 1998 - 2024 )