1. 21

  2. 4

    I could really use a binary editor that has good structural support for CTFs – this looks promising, but I had trouble building it, and it looks like it’s currently in development. Does anyone have suggestions for good structured hex editors that are available today, preferably with a scripting interface in Python/Guile/Lua?

    1. 2

      In the few I tried when I used to do RE other than IDA was 010 Editor which has a nice library of template and a scripting engine. Non-free though.

      1. 2

        I use 010 editor for that purpose. The binary template language is OK but it’s not as good as a scripting interface in python would be.

        I posted my notes on getting it to build in reply to another comment on this thread. Honestly, if I didn’t already own a license to 010 editor, I would be in a real hurry to get this working :)

      2. 3

        I love binary editors, and am always happy to see a new one. That’s great news!

        I would appreciate a bit of explanation on the “philosophical goal” of this editor. What does it offer that does not exist yet in other editors like ghex?

        1. 3

          This talk is most likely what you want.

          My thoughts after watching a good chunk of it were:

          • Looks promising. The tools for working with structures seem really powerful.
          • It was completely unnecessary for him to bash 010 Editor. (A hex editor with completely different ambitions but some overlap.)

          I was interested enough to pull the source and try to build as I listened to the talk. It took me just over 25 minutes, according to the elapsed time on the VLC window I was watching the video in, to get it built on my Fedora 31 workstation.

          The HACKING file is essential reading.

          EDIT: One of the maintainers was on IRC, I reported it, and a fix was pushed. The patch below is no longer necessary.

          Once I had the various dependencies installed, I had to fix a bug in the build (I will send that to the maintainers. It’s small and obvious.) With that fixed, the build process was

          bash ./bootstrap --skip-po
          mkdir build
          cd build
          ../configure --prefix=${HOME}/builds/poke
          make -j10 && make install

          This looks like a good tool to have in the bag. It sounds like they’re thinking about gdb integration, which sounds even more useful. If you’re not happy troubleshooting autotools builds, you may want to wait until there’s a release of some sort.