Newsletter # 15 - Using radare2 to patch a binary Dec 28 2019
Hello,
I hope that you had a good week, and if you celebrate Christmas, I hope you had a good one. I've been enjoying this week playing with binaries.
I sometimes feel like keeping up with high-level languages like Swift and JavaScript is very tiring. There is always something "new", and it is not always easy to grasp the implications of the changes. Anyways, it's fun to see that the old assembly languages are still there and I can jump back to them after a few years and find them familiar.
In the past few weeks, a lot of shopping has been going on around the Internet. Also, a lot of tracking of your interests. Now you'll get tons of ads targeted especially to you. Have you wondered how they track you? Well, they normally use some cookie or tracking method to follow your movements and match you to the sites you visit. If you want to learn more about how tracking pixels work, here is a blog post by Julia Evans (also check her zines, they are great):
https://jvns.ca/blog/how-tracking-pixels-work/
I think you'll enjoy the post, and also, it's important to be aware of how we are being tracked, and maybe we can devise a way to prevent it. Let me know what you think.
Alright, this week's post came a little late. Also, the newsletter was late, sorry for the delay. I've been busy spending some time with family and eating a lot :). Anyways, this week's post shows you how to patch a binary.
We know that programs are only bits (ones and zeroes), but it's sometimes a little bit abstract. If you want to demystify it a little, try patching a binary; it's a fun exercise. The post includes an example using radare2 to do the disassembly and analysis, and also shows how you could patch the binary using xxd and vim. If you are interested, here is the link:
https://rderik.com/blog/using-radare2-to-patch-a-binary/
Give it a go, and I hope you enjoy it.
Ok, that's it for this week. Have a happy New Year.
Derik
Tip of the week
If you ever wanted to view the output of a command and also store it in a file for future reference, tee(1) can help you.
For example, imagine we are "searching" for files that match a pattern using find (yea, our example matches everything). We could pipe the find results to tee. tee will save the results to find_results.txt, and then we can pass the output from tee to less for easy reading.
$ find ./ | tee find_results.txt | less
It can also be useful when we do a hex dump:
$ xxd a.out | tee a.hex | less
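The hex dump also works in the other direction: xxd -r turns hex back into bytes, which is what makes patching with xxd possible. The following is an added example, not code from this newsletter or the linked post: it patches one byte in a constructed 8-byte sample file (not a real executable) and uses cmp to confirm that only that byte changed. The function names and sample bytes are assumptions made for illustration.

```shell
#!/bin/sh
# Added example. The sample file is constructed; it is not a real executable.

# patch_byte SRC OFFSET HEX OUT
# Copy SRC to OUT, then overwrite the byte at decimal OFFSET with HEX.
# xxd -r reads "offset: bytes" lines and writes them into an existing
# output file without truncating it, so one line patches one byte.
patch_byte() {
    cp "$1" "$4" || return 1
    printf '%08x: %s\n' "$2" "$3" | xxd -r - "$4"
}

# byte_at FILE OFFSET -> the two hex digits found at decimal OFFSET
byte_at() {
    xxd -p -s "$2" -l 1 "$1"
}

# changed_bytes A B -> number of byte positions that differ
changed_bytes() {
    # cmp -l prints one line per differing byte and exits 1 when any differ
    { cmp -l "$1" "$2" || true; } | wc -l | tr -d ' '
}

# same_size A B -> succeeds only if both files have the same length
same_size() {
    [ "$(wc -c < "$1")" -eq "$(wc -c < "$2")" ]
}

demo() {
    dir=$(mktemp -d) || return 1
    # Constructed sample bytes: 55 48 89 e5 74 05 90 c3
    printf '\125\110\211\345\164\005\220\303' > "$dir/sample.bin"
    # Same pattern as the tip: view the dump and keep a copy for reference
    xxd "$dir/sample.bin" | tee "$dir/before.hex"
    patch_byte "$dir/sample.bin" 4 75 "$dir/patched.bin" || return 1
    xxd "$dir/patched.bin" | tee "$dir/after.hex"
    echo "offset 4: $(byte_at "$dir/sample.bin" 4) -> $(byte_at "$dir/patched.bin" 4)"
    echo "bytes changed: $(changed_bytes "$dir/sample.bin" "$dir/patched.bin")"
    same_size "$dir/sample.bin" "$dir/patched.bin" && echo "size unchanged"
    rm -rf "$dir"
}

demo
```

Checking the byte count and file size after a patch catches the common mistake of inserting or deleting a byte in the dump, which shifts everything after it.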