Hiew Hex Editor (opens in new tab)

(lock.cmpxchg8b.com)

194 pointstaviso2y ago47 comments

47 comments

0xeb2y ago

If you like scripting, you can use my HEM extension to write more stuff in Python:

- https://github.com/0xeb/pyhiew/tree/main/bin/pyhiew - https://github.com/0xeb/pyhiew/tree/main/bin/pyhiew - https://0xeb.wordpress.com/2010/08/21/introducing-pyhiew/

zith2y ago

In the end of the 90s I was 11-12 years old and used this to crack a copy of the video game SiN. I didn't really know what I was doing, but followed random tutorials for generic game cracking. They guided me through the w32dasm disassember, finding code referencing the "input your cd key" string, finding related jmps jumping to this part of the code, noting the address, opening up the executable in hiew and mulling them out.

It worked! I thought I was a genius. Now I'm amazed how I almost randomly got it right.

29athrowaway2y ago

There's a clone of Hiew called HT

https://hte.sourceforge.net/

It's packaged for many Linux distros, and is on Homebrew

    brew install ht

To disassemble, you press F6 and pick any of the detected formats for that file.

JoachimS2y ago

The official repo moved to Github in 2014: https://github.com/sebastianbiallas/ht

mbirth2y ago

And last commit was December 2016.

madars2y ago

Hiew is peak ergonomics, kinda like good orthodox file managers (FAR Manager/Total Commander). Hiew's color scheme is, obviously, Norton Commander's as well :-) One of the few Windows applications that make me keep a Windows VM.

pajko2y ago

Hiew is not free. Biew is a similar-looking cross platform hex editor which got renamed to beye (Binary Eye).

https://sourceforge.net/projects/beye/

wargames2y ago

Nothin' wrong with paying for software that is worth it.

lifthrasiir2y ago

Nothin' wrong with recreating one's favorite feature of paid software as well.

FounderBurr2y ago

Your work is valueless, mine is priceless.

ruslan2y ago

I had been using Hiew in early 90th on MS-DOS and OS/2. Unfortunately it's still MS-DOS/Windows only thing.

speps2y ago

I now use ImHex after looking for years for a good one. It has a pattern language to provide highlighting.

https://imhex.werwolv.net/

mbirth2y ago

For macOS users, there's also native app Hex Fiend (open source) which also has a pattern language.

https://hexfiend.com

HN discussion: https://news.ycombinator.com/item?id=2072899

And if you don't mind paying, there's also "Synalyze It", which allows you to build the pattern language via the GUI:

https://www.synalysis.net

EspadaV92y ago

I just found out about ImHex yesterday when I was trying to work out a save game format for an hold retro game. For my very basic needs it was great, and the diffing took came in very handy. Would be keen to see if I could make a pattern for the save game format somehow. Will be something I have to look into.

GuB-422y ago

I may take a look at it again.

I tried it a few years ago as a free alternative to 010editor and it was a bit unstable. But I see it is under active development, so maybe the issues have been fixed.

butz2y ago

ImHex has so many features. Very useful for ROM hacking, as it can display custom text table mappings. I haven't even looked into patterns and other features yet.

dang2y ago

One small related thread:

Hiew (Hacker's view) - https://news.ycombinator.com/item?id=18898214 - Jan 2019 (1 comment)

lifthrasiir2y ago

I have done several binary analyses as a hobby and never heard of Hiew and clones, how can I?!

(I tend to start with a standalone Python script which gets gradually customized over time. I don't even use a hex editor myself, and I just used xxd if I did really need hexdump for initial explorations. Of course I would comment that xxd output heavily in my editor, and that seems the best moment to use Hiew and clones.)

shmerl2y ago

Is there an easy way to use that DOS style font on Linux in something like Midnight Commander viewer or neovim?

I like that font for binary files, it's more distinct than having a bunch of ? symbols for bytes 0-31.

Brian_K_White2y ago

For displaying 0-31 in programs and scripts of my own, I add 64 and display that in inverse video.

The resulting glyph is the letter from the matching CTRL or ^ notation for that byte, but in a single character cell, and still distinct from a byte containing that letter.

So for instance, a NUL is value 0, which is CTRL+@ or ^@

But displaying ^@ screws up formatting, and displaying @ collides with byte value 64. Inverse video @ solves both, and doesn't need any special font. I do the same for DEL which is 127 displayed as inverse ?, but the ? is meaningful and adheres to the same rule because it's literally ^? not a placeholder for "no glyph" or "non-printing control byte"

Doesn't help you with configuring an editor but just describing a way to display those undisplayable bytes in a way that is actually meaningful & unambiguous and without caring what the font or even terminal type is. (ei: works the same in BASIC on a TRS-80 Model 100 or in bash on a xterm, or in c on windows, etc).

lifthrasiir2y ago

Unicode control pictures [1] are yet another alternative if you have a reasonable Unicode font and care more about reproducibility (e.g. formats can't be copied and pasted easily). In fact, monospace fonts with control pictures represented by those inverted glyphs would be the best of both worlds! There is no reason that their reference glyphs should be exactly replicated, after all.

[1] https://en.wikipedia.org/wiki/Control_Pictures

shmerl2y ago

I'd prefer that font, since it's succinct and expressive. Each byte from 0-31 just has a unique symbol.

Here is an example of the font: https://int10h.org/oldschool-pc-fonts/fontlist/font?ibm_vga_...

But simply switching to that font in something like Konsole doesn't seem to be enough.

1 more reply

tedunangst2y ago

Another approach on many terminals would be to add 96 and use the DEC special charset. https://en.wikipedia.org/wiki/DEC_Special_Graphics

1 more reply

smolsky2y ago

LOL, shout out to SEN - I used his tool, Hiew back in 1994 for the first time. Good times.

P.S. I still use it from time to time - it has a nice built-in assembler for x86/x86-x64.

evanrelf2y ago

I love Dexter! <3

xvilka2y ago

Everything Hiew can do, Rizin[1] can do too, and is completely free and open source[2] under LGPL3 license. Moreover, it supports more architectures, platforms, and file formats, as well as GUI in Qt - Cutter[3][4]. If something is missing in Rizin but presented in Hiew, please let us know by opening the issue with details.

[1] https://rizin.re

[2] https://github.com/rizinorg/rizin

[3] https://cutter.re

[4] https://github.com/rizinorg/cutter

29athrowaway2y ago

Other stuff you might be interested in

- Ghidra SRE (https://ghidra-sre.org/) from NSA

- https://frida.re/

- https://x64dbg.com/ (spiritual successor of OllyDbg for Windows)

- https://github.com/eteran/edb-debugger (spiritual successor of OllyDbg for Linux)

- https://github.com/ReFirmLabs/binwalk

- https://github.com/kentavv/binary_viewer (spiritual successor of Cantor Dust)

- https://dogbolt.org/ (decompiler explorer)

weinzierl2y ago

Not free, but from a small family-owned business - the classical hex editor used for reverse engineering by your favorite three letter agency:

010 Editor

https://www.sweetscape.com/010editor/

2 more replies

jonpalmisc2y ago

Don’t forget http://binary.ninja :)

1 more reply

0xeb2y ago

thanks for the links! especially the spiritual successor of Cantor Dust ;p

stavros2y ago

Does Rizin have a straight-up console hex editor? It looks great for reversing executables, but sometimes I just want to edit some binary data.

xvilka2y ago

Yes, for example, `p` commands for printing and `w` commands for writing, visual hex editor (`VP`), and bit-level editor modes. There is room for improvement, but I already used it to reverse unknown firmware formats, so it's usable in that regard.

You can even explore various histograms with `p=?` and `p==?` commands (they will print help for these).

1 more reply

jcul2y ago

I didn't realize radare2 had been forked to rizin. Haven't played around with it for a while.

jdefr892y ago

I must say I am impressed with how far Cutter had come. I will need to try it out again. I am partial to BinaryNinja because it is written by folks I was colleagues with.

smolsky2y ago

Is there x86-x64 assembler? If so, I would have put that on the front page...

xvilka2y ago

Sorry for the late answer. Yes, there is. We hoped a Keystone-based[1] plugin would be a better alternative since it's based on the LLVM code, but the project looks abandoned now[2].

[1] https://github.com/keystone-engine/keystone/

[2] https://github.com/keystone-engine/keystone/issues/560

smartis28122y ago

This is my found of the day!

Thank you!

endeavour2y ago

Very excited to give this a try!

FounderBurr2y ago

Except demanding political allegiance to its ‘license’.

j / k navigate · click thread line to collapse

47 comments

0xeb2y ago

If you like scripting, you can use my HEM extension to write more stuff in Python:

- https://github.com/0xeb/pyhiew/tree/main/bin/pyhiew - https://github.com/0xeb/pyhiew/tree/main/bin/pyhiew - https://0xeb.wordpress.com/2010/08/21/introducing-pyhiew/

zith2y ago

It worked! I thought I was a genius. Now I'm amazed how I almost randomly got it right.

29athrowaway2y ago

There's a clone of Hiew called HT

https://hte.sourceforge.net/

It's packaged for many Linux distros, and is on Homebrew

    brew install ht

To disassemble, you press F6 and pick any of the detected formats for that file.

JoachimS2y ago

The official repo moved to Github in 2014: https://github.com/sebastianbiallas/ht

mbirth2y ago

And last commit was December 2016.

madars2y ago

pajko2y ago

Hiew is not free. Biew is a similar-looking cross platform hex editor which got renamed to beye (Binary Eye).

https://sourceforge.net/projects/beye/

wargames2y ago

Nothin' wrong with paying for software that is worth it.

lifthrasiir2y ago

Nothin' wrong with recreating one's favorite feature of paid software as well.

FounderBurr2y ago

Your work is valueless, mine is priceless.

ruslan2y ago

I had been using Hiew in early 90th on MS-DOS and OS/2. Unfortunately it's still MS-DOS/Windows only thing.

speps2y ago

I now use ImHex after looking for years for a good one. It has a pattern language to provide highlighting.

https://imhex.werwolv.net/

mbirth2y ago

For macOS users, there's also native app Hex Fiend (open source) which also has a pattern language.

https://hexfiend.com

HN discussion: https://news.ycombinator.com/item?id=2072899

And if you don't mind paying, there's also "Synalyze It", which allows you to build the pattern language via the GUI:

https://www.synalysis.net

EspadaV92y ago

GuB-422y ago

I may take a look at it again.

I tried it a few years ago as a free alternative to 010editor and it was a bit unstable. But I see it is under active development, so maybe the issues have been fixed.

butz2y ago

ImHex has so many features. Very useful for ROM hacking, as it can display custom text table mappings. I haven't even looked into patterns and other features yet.

dang2y ago

One small related thread:

Hiew (Hacker's view) - https://news.ycombinator.com/item?id=18898214 - Jan 2019 (1 comment)

lifthrasiir2y ago

I have done several binary analyses as a hobby and never heard of Hiew and clones, how can I?!

shmerl2y ago

Is there an easy way to use that DOS style font on Linux in something like Midnight Commander viewer or neovim?

I like that font for binary files, it's more distinct than having a bunch of ? symbols for bytes 0-31.

Brian_K_White2y ago

For displaying 0-31 in programs and scripts of my own, I add 64 and display that in inverse video.

The resulting glyph is the letter from the matching CTRL or ^ notation for that byte, but in a single character cell, and still distinct from a byte containing that letter.

So for instance, a NUL is value 0, which is CTRL+@ or ^@

lifthrasiir2y ago

[1] https://en.wikipedia.org/wiki/Control_Pictures

shmerl2y ago

I'd prefer that font, since it's succinct and expressive. Each byte from 0-31 just has a unique symbol.

Here is an example of the font: https://int10h.org/oldschool-pc-fonts/fontlist/font?ibm_vga_...

But simply switching to that font in something like Konsole doesn't seem to be enough.

1 more reply

tedunangst2y ago

Another approach on many terminals would be to add 96 and use the DEC special charset. https://en.wikipedia.org/wiki/DEC_Special_Graphics

1 more reply

smolsky2y ago

LOL, shout out to SEN - I used his tool, Hiew back in 1994 for the first time. Good times.

P.S. I still use it from time to time - it has a nice built-in assembler for x86/x86-x64.

evanrelf2y ago

I love Dexter! <3

xvilka2y ago

[1] https://rizin.re

[2] https://github.com/rizinorg/rizin

[3] https://cutter.re

[4] https://github.com/rizinorg/cutter

29athrowaway2y ago

Other stuff you might be interested in

- Ghidra SRE (https://ghidra-sre.org/) from NSA

- https://frida.re/

- https://x64dbg.com/ (spiritual successor of OllyDbg for Windows)

- https://github.com/eteran/edb-debugger (spiritual successor of OllyDbg for Linux)

- https://github.com/ReFirmLabs/binwalk

- https://github.com/kentavv/binary_viewer (spiritual successor of Cantor Dust)

- https://dogbolt.org/ (decompiler explorer)

weinzierl2y ago

Not free, but from a small family-owned business - the classical hex editor used for reverse engineering by your favorite three letter agency:

010 Editor

https://www.sweetscape.com/010editor/

2 more replies

jonpalmisc2y ago

Don’t forget http://binary.ninja :)

1 more reply

0xeb2y ago

thanks for the links! especially the spiritual successor of Cantor Dust ;p

stavros2y ago

Does Rizin have a straight-up console hex editor? It looks great for reversing executables, but sometimes I just want to edit some binary data.

xvilka2y ago

You can even explore various histograms with `p=?` and `p==?` commands (they will print help for these).

1 more reply

jcul2y ago

I didn't realize radare2 had been forked to rizin. Haven't played around with it for a while.

jdefr892y ago

I must say I am impressed with how far Cutter had come. I will need to try it out again. I am partial to BinaryNinja because it is written by folks I was colleagues with.

smolsky2y ago

Is there x86-x64 assembler? If so, I would have put that on the front page...

xvilka2y ago

Sorry for the late answer. Yes, there is. We hoped a Keystone-based[1] plugin would be a better alternative since it's based on the LLVM code, but the project looks abandoned now[2].

[1] https://github.com/keystone-engine/keystone/

[2] https://github.com/keystone-engine/keystone/issues/560

smartis28122y ago

This is my found of the day!

Thank you!

endeavour2y ago

Very excited to give this a try!

FounderBurr2y ago

Except demanding political allegiance to its ‘license’.

j / k navigate · click thread line to collapse