
Thread: Altering an .exe to remove an input limit check

  1. #1
    Senior Member


    Not done any programming since my high school days, when 8-bit assembler, BASIC, Pascal & DataFlex were the languages I learnt. Got no idea on where to start with this little project.
    A device is configured by way of an .exe file which takes user input and sends it via USB to the device. One of the user fields is checked to ensure it's within a very conservative acceptable input range. I'd like to increase that range, or totally eliminate the sub routine that checks if the value is in range.
    The exe file isn't too big, about 500k, and looks like it's been compiled as there's lots of text tags within the executable file. Hopefully it's not a complex task?



  • #2
    Senior Member


    All good now. Found the .exe referred to a separate binary file to get the acceptable input limit ranges, and all I needed to do was to overwrite those bytes with FF to effectively remove the limits within the program.

  • #3
    Premium Member


    Well done, mitaux8030.

    I'm glad that you have solved the problem with a little lateral thinking.

    How did you go about it ... decompiler ... or were there enough clues visible by using a hex editor?

  • #4
    Senior Member


    Got some clues just by careful analysis of the program's behaviour. Originally thought that the limits were passed to the executable by way of an .ini file - some values actually were, but not the values I was interested in.

    The particular limits that I was wanting to do away with could be altered a little, though still within hard set limits encoded within the executable. Those limits were retained the next time the executable ran, so figured they'd be saved somewhere. After looking at date stamps of files, the likely file was identified. That file was copied, renamed and moved. Then ran the .exe again, gave it new limits, and likewise copied & moved the file. Did an old DOS FC (binary file compare) against the two files and what do you know... two bytes stood out as being different. Fire up the hex editor and saw that it was a simple hex little endian representation of the limit stored. Overwrote them with FF - a value well outside the sensible limit range and presto! Desired result achieved. Obviously the executable doesn't sanity check the limits it gets from the saved binary file, and proceeds to use them as the new acceptable input range.

  • The Following 2 Users Say Thank You to mitaux8030 For This Useful Post:

    lsemmens (21-08-17),tristen (20-08-17)
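
The gap described in post #4 (limits read back from the saved binary file are used without a sanity check) is closed by re-validating the stored value against the compiled-in hard limits every time it is loaded. This is an added example, not part of the thread and not the vendor's code; the bounds, the field offset and the sample bytes are assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed values: the thread gives no real numbers, offsets or file layout. */
#define HARD_MIN      10u   /* compiled-in floor */
#define HARD_MAX      500u  /* compiled-in ceiling */
#define DEFAULT_LIMIT 100u  /* used when the stored value is rejected */
#define LIMIT_OFFSET  4u    /* hypothetical position of the 2-byte field */

/* Decode a 16-bit little-endian value: low byte first. */
static uint16_t read_le16(const uint8_t *p)
{
    return (uint16_t)(p[0] | ((uint16_t)p[1] << 8));
}

/*
 * Load the user-adjustable limit from the saved settings blob.
 * Returns 0 and stores the value when it lies inside the hard bounds.
 * Returns -1 and stores DEFAULT_LIMIT when the blob is too short or the
 * stored value is out of range (for example 0xFFFF).
 */
int load_limit(const uint8_t *blob, size_t len, uint16_t *out)
{
    *out = DEFAULT_LIMIT;
    if (blob == NULL || len < LIMIT_OFFSET + 2u)
        return -1;
    uint16_t v = read_le16(blob + LIMIT_OFFSET);
    if (v < HARD_MIN || v > HARD_MAX)
        return -1;
    *out = v;
    return 0;
}

/* Constructed sample blobs: 4-byte tag followed by the limit field. */
static const uint8_t SAVED_OK[] = { 'C', 'F', 'G', '1', 0x2C, 0x01 }; /* 300 */
static const uint8_t SAVED_FF[] = { 'C', 'F', 'G', '1', 0xFF, 0xFF }; /* 65535 */

int main(void)
{
    uint16_t limit;
    int rc = load_limit(SAVED_OK, sizeof SAVED_OK, &limit);
    printf("saved file: rc=%d limit=%u\n", rc, (unsigned)limit);
    rc = load_limit(SAVED_FF, sizeof SAVED_FF, &limit);
    printf("FF-filled:  rc=%d limit=%u\n", rc, (unsigned)limit);
    return 0;
}
```

A range check only bounds the damage; detecting that the file was edited at all needs an integrity check over it, which this example does not cover.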

  • #5
    Premium Lager


    Sometimes initialisation data is compiled into a bin file by the vendor to prevent "fiddling" around in their software.

    Gotta love the odd hack.
    __________________________________________________ __
    Statistically, if you wait long enough, everything will happen!
