Once a program has been compiled, it’s tough to get a peek at the source code or to manipulate its behavior. But there is one thing we can do, which is to edit the hexadecimal values inside the binary files. This will sometimes reveal information about a file, or allow us to modify its behavior if we can edit the right bit.
A classic example is video game hacks. When playing a game, let’s say your character has a health value of 100. Chances are that a certain bit can be edited to make it 9999. This works more reliably in older, basic games, but it illustrates how hex editors can modify a compiled binary file.
In this guide, we’ll show how to install hex editors on Kali Linux, and give some examples so you can see how to use them on your own system.
In this tutorial you will learn:
- List of hex editors for Kali
- How to use hex editors on Kali
| Category | Requirements, Conventions or Software Version Used |
|---|---|
| System | Kali Linux |
| Software | xxd, hexedit, hexer, hexcurse, wxHexEditor |
| Other | Privileged access to your Linux system as root or via the sudo command. |
| Conventions |
# – requires given linux commands to be executed with root privileges either directly as a root user or by use of sudo command$ – requires given linux commands to be executed as a regular non-privileged user |
Hex editors on Kali
Kali comes with a few hex editors out of the box, and has a bunch more that you can easily install with the apt package manager. In this section, we’ll go over a few different hex editors that you can use on Kali, and show you how to search for even more.
xxd
xxd is a command line hex editor that can create a hex dump of a binary file. It can also convert the dump back to binary form later. This gives you the ability to edit the dump file and then convert it back to see how your changes have affected the program.
To install or update xxd:
$ sudo apt install xxd
hexedit
hexedit allows you to browse a binary file and see the hexadecimal data alongside its ASCII conversion. It’s a good and simple program to browse files for information and weaknesses.
To install or update hexedit:
$ sudo apt install hexedit
hexer
hexer’s main attraction is that it’s “vi-like”. So, if you’ve grown accustomed to vi’s look and feel, you’ll be right at home in hexer.
To install or update hexer:
$ sudo apt install hexer
hexcurse
hexcurse uses an ncurses interface, making it a little more welcoming than some of the other command line hex editors. You can see hex and ASCII next to each other, and edit either easily.
To install or update hexcurse:
$ sudo apt install hexcurse
wxHexEditor
If command line and ncurses isn’t your thing, wxHexEditor is a GUI program that can manage huge binary files. If you have a large binary file to look through, wxHexEditor will help you make your work a little easier, and give you a slick GUI to look at the whole time.
To install or update wxHexEditor:
$ sudo apt install wxhexeditor
How to search for more hex editors
Kali has a lot more hex editors available for installation, aside from what we’ve listed here. To search for them, you could try a command like:
$ apt-cache search hex edit beav - binary editor and viewer bless - A full featured hexadecimal editor ...
Some are command line and some are GUI, or use a middle ground like ncurses. Many are for general use, but some specialize in certain types of files. For example, bytecode-viewer is specifically for Java binaries, and hexbox can be used for .NET applications.
To see more information about searching for packages on Kali Linux, see our guide on searching for extra hacking tools on Kali.
Using a hex editor on Kali
To view a binary file’s hexadecimal contents, we just need to open the file in a hex editor. Here are a couple examples of viewing a video game binary in two of the hex editors we discussed earlier. You can also make changes to the file and resave it.
Closing Thoughts
In this guide, we saw how to install and use various hex editors in Kali Linux. The hex editor you should use will depend on the type of file you’re trying to open and the interface you feel most comfortable in. All of these editors essentially function the same, but have different features.