ppd491@leah.Albany.Edu (Peter P. Donohue @ nowheresville) (08/24/89)
Where my brother works, they have some software that has an error in it that they would like to fix (nor do I know what fortran compiler they used). The program was written in Fortran but they don't have the source code. Is there a way to modify the executable? The change fix should be relatively easy, just switching a number around. The program does something with wind direction, which the machine reads as being off by 180 degrees. It would be an easy fix if they had the source, but they don't. DOS has a utility called EXE2BIN.EXE, and from Turbo Pascal I have a utility called BINOBJ.EXE. Would these be of any help in modifying the program? If the binary or objective files were modified, how would you get back to executable? Thanks for any help or ideas. Pete -- Peter P. Donohue ppd491@albny1vx.bitnet . "Education is a journey, ppd491@leah.albany.edu . not a destination..."
brown@astroatc.UUCP (Vidiot) (08/25/89)
In article <1984@leah.Albany.Edu> ppd491@leah.Albany.Edu (Peter P. Donohue @ nowheresville) writes:
<
< Where my brother works, they have some software that has an error in
<it that they would like to fix (nor do I know what fortran compiler they
<used). The program was written in Fortran but they don't have the
<source code. Is there a way to modify the executable?
< The change fix should be relatively easy, just switching a number
<around. The program does something with wind direction, which the
<machine reads as being off by 180 degrees. It would be an easy fix if
<they had the source, but they don't.
< DOS has a utility called EXE2BIN.EXE, and from Turbo Pascal I have a
<utility called BINOBJ.EXE. Would these be of any help in modifying the
<program? If the binary or objective files were modified, how would you
<get back to executable?
Having modified some PC programs myself (removing copy protection from
programs that were in the way [the programs were legit]), there are ways
to do it. But you better know PC machine (8088) code. The programs you
mentioned have nothing to do with debugging code.
You use the program tool called DEBUG. By running that against the .EXE
program, you can run the program under the debugger and figure out where in
the code the offending area lies. This is not as easy as it sound, since
you don't have any source to know how the code flows or where any constants
are.
Also, if you do find the offending area, you cannot modify a .EXE file that
is brought into DEBUG. That is because DEBUG actually loads up the program,
ie, fixes up all of the relocatable addresses. Once you find the area,
you need to make a note about the area. You then get out of DEBUG, without
saving any changes. You have to then rename the .EXE program to a different
extention name. For example: LOTUS.EXE to LOTUS.XXX. Then you start up
DEBUG again, using the changed name. This keeps DEBUG from loading the
program, so that you can change it. You will not be able to execute it
while running DEBUG. Do your changes, save the file and rename it back.
After telling you all this, I have an easier way of getting it fixed:
call the original programming source and have them send you an update with
the bug fixed. You are probably not the only ones to notice the problem.
--
harvard\ att!nicmad\
Vidiot ucbvax!uwvax..........!astroatc!brown
rutgers/ decvax!nicmad/
ARPA/INTERNET: brown%astroatc.UUCP@spool.cs.wisc.eduhollen@eta.megatek.uucp (Dion Hollenbeck) (08/25/89)
From article <1984@leah.Albany.Edu>, by ppd491@leah.Albany.Edu (Peter P. Donohue @ nowheresville): > > Where my brother works, they have some software that has an error in > it that they would like to fix (nor do I know what fortran compiler they > used). The program was written in Fortran but they don't have the > source code. Is there a way to modify the executable? Use debug. First, rename the program from program.exe to program.bin; debug will not allow you to write the file back if it was an exe. Use "debug program.bin" to load the program and debug into memory. Use the search command to search the data and code segments for the value you want to change. In the data segment, you can be fairly sure that any search hits will be the number you want, but be sure to first use the dump command to look at surrounding stuff to be even surer. If you find any instances of the value showing up in the code segment, there is a small possiblity that it is an immediate value arguement to an opcode. To verify this, you must start a ways back from the suspected address and disassemble on successive incrementing byte boundaries until you get a disassembly which makes sense. Unless you are a seasoned assembly programmer to begin with, this will be a virtually hopeless task. You need to be able to look at snatches of disassembled code with no context whatsoever adn determine it they are valid (does anybody really write code this way). If the whole application was written in FORTRAN and you can somehow find the beginning of a subroutine and disassemble from there, you have a better chance of actually disassembling correct code. If you have finally found a byte to patch, use the enter command to change the byte. When all your patches have been made, use the write command, exit the debugger, and rename the file to exe and try to run it. GOOD LUCK and have your hard disk backed up before you do this!!!!! About the only time I have been able to patch executables blind was when I was looking to change the I/O address of a COM port or some such device so that I could search for the byte string representing IN AL, 03F8H or some such. I knew for sure that the port which I was trying to patch was at 3F8H and that an IN or OUT instruction would be used to access it. What you are trying to do is not easy, but sometimes you can get incredibly lucky and merely need to patch one value in the data segment and everything works. Dion Hollenbeck (619) 455-5590 x2814 Megatek Corporation, 9645 Scranton Road, San Diego, CA 92121 uunet!megatek!hollen or hollen@megatek.uucp
bradb@ai.toronto.edu (Brad Brown) (08/25/89)
ppd491@leah.Albany.Edu (Peter P. Donohue @ nowheresville) writes: > Where my brother works, they have some software that has an error in >it that they would like to fix (nor do I know what fortran compiler they >used). The program was written in Fortran but they don't have the >source code. Is there a way to modify the executable? > The change fix should be relatively easy, just switching a number >around. The program does something with wind direction, which the >machine reads as being off by 180 degrees. It would be an easy fix if >they had the source, but they don't. > DOS has a utility called EXE2BIN.EXE, and from Turbo Pascal I have a >utility called BINOBJ.EXE. Would these be of any help in modifying the >program? If the binary or objective files were modified, how would you >get back to executable? > Thanks for any help or ideas. exe2bin and binobj are not used for modifying executables, and would not be of any help. You need a program like Norton Utilities that will let you modify binary files. HOWEVER, the problem will be finding the code to modify. Changing a binary file is unbelievably tricky, and trying to change part of the program (as opposed to the data) is even harder. You would have to find a way to change some of the instructions in the program so that it read 180 degrees around, but the program would have to stay EXACTLY the same length and still do the same thing. It will be hard enough locating the part of the program that actually does the reading. It may be much more productive to find a work-around, like running the data through another program AFTER to change it, or something like that. (-: Brad Brown :-) bradb@ai.utoronto.ca
malloy@nprdc.arpa (Sean Malloy) (08/25/89)
In article <1984@leah.Albany.Edu> ppd491@leah.Albany.Edu (Peter P. Donohue @ nowheresville) writes: > The change fix should be relatively easy, just switching a number >around. The program does something with wind direction, which the >machine reads as being off by 180 degrees. It would be an easy fix if >they had the source, but they don't. There is a commercial program called Sourcer that is advertised fairly regularly in PC Magazine that will take binaries and turn them back into (semi-)commented assembler code (I call it semi-commented because while the program will tell you what the program is playing with, it can't know what the intent of the programmer is, so you have to go by context). Sean Malloy | "The proton absorbs a photon Navy Personnel Research & Development Center | and emits two morons, a San Diego, CA 92152-6800 | lepton, a boson, and a malloy@nprdc.navy.mil | boson's mate. Why did I ever | take high-energy physics?"