Neperos
SIGN IN
Copy Link
Add to Bookmark
Report

NULL mag Issue 03 17 Hex editing with DD

eZine's profile picture
eZine lover (@eZine)
Published in 
null magazine
 · 26 Dec 2020

  

https://www.rationallyparanoid.com/articles/dd-hex-editor.html 
How to use dd as a hex editor                                 April 13, 2010 

WARNING: All commands should be tested first or performed on copies of the  
files using an account with minimal privileges. A slip-up while using dd with  
a root account can have a significant impact on your system. Author is not  
liable for any damages resulting from inaccuracies or mistakes within this  
page. 

dd can be used much like a hex editor to perform low-level file-content  
editing, but through a command-line instead of a GUI. This can be useful in  
cases where you have shell access to a system and need to edit binary files  
on the spot. 

In this tutorial the target file will be a 64 byte block of null characters  
called "64zero". Its contents is the following: 

user@linux:~$ xxd 64zero 
0000000: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 
0000010: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 
0000020: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 
0000030: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 

We will also use 2 input files. One called a.txt that consists of 16 bytes of  
the ASCII value A: 

user@linux:~$ xxd a.txt 
0000000: 4141 4141 4141 4141 4141 4141 4141 4141 AAAAAAAAAAAAAAAA 

And the other called b.txt which is a 16 byte string of the ASCII values  
A to P: 

user@linux:~$ xxd b.txt 
0000000: 4142 4344 4546 4748 494a 4b4c 4d4e 4f50 ABCDEFGHIJKLMNOP 

In every example we will show you the command required to perform the desired  
action, and demonstrate the results. Although it is not as efficient from a  
performance perspective, a block size of 1 is specified in each example for  
the sake of simplicity. 

Overwrite 1 byte of data in target file 64zero at offset 0 (i.e. the beginning 
of the file) with random data: 

user@linux:~$ dd if=/dev/urandom count=1 bs=1 of=64zero conv=notrunc 
1+0 records in 
1+0 records out 
user@linux:~$ xxd 64zero 
0000000: 5200 0000 0000 0000 0000 0000 0000 0000 R............... 
0000010: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 
0000020: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 
0000030: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 

 
Overwrite 1 byte of data in target file 64zero at offset 8 with random data: 

user@linux:~$ dd if=/dev/urandom count=1 bs=1 seek=8 of=64zero conv=notrunc 
1+0 records in 
1+0 records out 
user@linux:~$ xxd 64zero 
0000000: 0000 0000 0000 0000 d500 0000 0000 0000 ................ 
0000010: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 
0000020: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 
0000030: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 

 
Overwrite 4 bytes of data in target file 64zero starting at offset 8 with  
random data: 

user@linux:~$ dd if=/dev/urandom count=4 bs=1 seek=8 of=64zero conv=notrunc 
4+0 records in 
4+0 records out 
user@linux:~$ xxd 64zero 
0000000: 0000 0000 0000 0000 edd7 0128 0000 0000 ...........(.... 
0000010: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 
0000020: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 
0000030: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 

 
Overwrite 4 bytes of data in target file 64zero starting at offset 8 with the  
contents of a.txt: 

user@linux:~$ dd if=a.txt count=4 bs=1 seek=8 of=64zero conv=notrunc 
4+0 records in 
4+0 records out 
user@linux:~$ xxd 64zero 
0000000: 0000 0000 0000 0000 4141 4141 0000 0000 ........AAAA.... 
0000010: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 
0000020: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 
0000030: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 

 
Overwrite data in target file 64zero starting at offset 8 with the entire  
contents of a.txt: 

user@linux:~$ dd if=a.txt bs=1 seek=8 of=64zero conv=notrunc 
16+0 records in 
16+0 records out 
user@linux:~$ xxd 64zero 
0000000: 0000 0000 0000 0000 4141 4141 4141 4141 ........AAAAAAAA 
0000010: 4141 4141 4141 4141 0000 0000 0000 0000 AAAAAAAA........ 
0000020: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 
0000030: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 

 
Overwrite data in target file 64zero starting at offset 0 with the entire  
contents of a.txt: 

user@linux:~$ dd if=a.txt of=64zero conv=notrunc 
0+1 records in 
0+1 records out 
user@linux:~$ xxd 64zero 
0000000: 4141 4141 4141 4141 4141 4141 4141 4141 AAAAAAAAAAAAAAAA 
0000010: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 
0000020: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 
0000030: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 

 
Overwrite data in target file 64zero starting at offset 8 with 1 byte of b.txt  
after skipping the first 3 bytes of b.txt: 

user@linux:~$ dd if=b.txt skip=3 seek=8 bs=1 count=1 of=64zero conv=notrunc 
1+0 records in 
1+0 records out 
user@linux:~$ xxd 64zero 
0000000: 0000 0000 0000 0000 4400 0000 0000 0000 ........D....... 
0000010: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 
0000020: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 
0000030: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 

 
Overwrite data in target file 64zero starting at offset 8 with 2 byte of b.txt 
after skipping the first 3 bytes of b.txt: 

user@linux:~$ dd if=b.txt skip=3 seek=8 bs=1 count=2 of=64zero conv=notrunc 
2+0 records in 
2+0 records out 
user@linux:~$ xxd 64zero 
0000000: 0000 0000 0000 0000 4445 0000 0000 0000 ........DE...... 
0000010: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 
0000020: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 
0000030: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 

 
Append entire contents of b.txt to the end of target file 64zero: 

user@linux:~$ dd if=b.txt of=64zero oflag=append conv=notrunc 
0+1 records in 
0+1 records out 
user@linux:~$ xxd 64zero 
0000000: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 
0000010: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 
0000020: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 
0000030: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 
0000040: 4142 4344 4546 4748 494a 4b4c 4d4e 4f50 ABCDEFGHIJKLMNOP 

 
Overwrite data in the target file 64zero starting at offset 16 with entire  
contents of b.txt. Truncate the output file: 

user@linux:~$ dd if=b.txt seek=16 bs=1 of=64zero 
16+0 records in 
16+0 records out 
user@linux:~$ xxd 64zero 
0000000: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 
0000010: 4142 4344 4546 4748 494a 4b4c 4d4e 4f50 ABCDEFGHIJKLMNOP

← previous
next →
loading
sending ...
New to Neperos ? Sign Up for free
download Neperos App from Google Play
install Neperos as PWA

Let's discover also

Recent Articles

Recent Comments

eZine's profile picture
eZine lover (@eZine)
27 Apr 2024
you are welcome :)
eZine's profile picture
eZine lover (@eZine)
27 Apr 2024
These files were released in the 80s and 90s on BBSs, ancient ancestors of the modern internet. This file in particular dates back to Octobe ...
eZine's profile picture
eZine lover (@eZine)
27 Apr 2024
I love it too
eZine's profile picture
eZine lover (@eZine)
27 Apr 2024
Thank you. Old ezines need to be preserved
guest's profile picture
@guest
27 Apr 2024
this tutorial is from 2006, completely useless today. where do I find the software mentioned in it?
guest's profile picture
@guest
27 Apr 2024
thanks for sharing
guest's profile picture
@guest
27 Apr 2024
Rainbow Six was a great game. I prefer the playstation version
guest's profile picture
@guest
26 Apr 2024
Where did you find it?
lostcivilizations's profile picture
Lost Civilizations (@lostcivilizations)
26 Apr 2024
Thank you for posting this old digest :)
guest's profile picture
@guest
26 Apr 2024
Doom was my favorite game. I have played it for years and created a lot of customs levels.
a Francesco Arca production 2016 - 2024
Terms of Service - Privacy Policy
Neperos cookies
This website uses cookies to store your preferences and improve the service. Cookies authorization will allow me and / or my partners to process personal data such as browsing behaviour.

By pressing OK you agree to the Terms of Service and acknowledge the Privacy Policy

By pressing REJECT you will be able to continue to use Neperos (like read articles or write comments) but some important cookies will not be set. This may affect certain features and functions of the platform.
OK
REJECT