0
I wanted to ask about reading binary files with binary viewers / editors. I have a binary data file which I tried to open with oktata app, unfortunately I expected a bit different content to see, instead I've been given what you can see on the screenshot:
Any way you could help me determine whether it's encrypted or am I doing something wrong?
You'd probably also wonder why I'd like to view it - it's a config file of a game, which has very unfortunate way of editing (very inaccurate sliders), so I thought instead I'd like to try to edit it manually and eventually write a simple python script to automate the edition (I have about 100 files I need to modify every few minutes).
I'm on Ubuntu Linux, so any possible solutions would have to be doable on Ubuntu.
1That is binary data. What were you expecting to see? – Ron Maupin – 2017-02-04T16:23:54.970
The only way to work out the exact details of the file are to take a copy, make one change in your app, then compare the files, make another change, take another copy, ad infinitum until you have completely mapped out what the exact format of the file is. As Ron mentioned that is exactly the sort of visual garbage I would expect to see from a binary file of unknown provenance. There is no way to immediately tell whether it is encrypted or simply a compact data export. – Mokubai – 2017-02-04T16:28:41.440
@RonMaupin I suppose I'd like to do something similar to cheat engine search - I'd like to find certain values (like text, decimals, etc.) and modify them. Alternatively any straightforward way to figure out the structure of that file. – user693842 – 2017-02-04T16:30:28.130
The problem with that is that you have no way to interpret binary data. For example, an IP address is really just a 32-bit binary number. Assume
192.168.1.123
(really11000000101010000000000101111011
in binary). If you try to read it as text, you will get garbage characters. If you try to read it as an integer, you will get-1062731397
. The dotted-decimal notation used for IP addresses is purely contrived for human readability. You wouldn't even have any way of knowing what is an IP address in the binary sea of that file. – Ron Maupin – 2017-02-04T16:34:02.447@RonMaupin You're right, I'm aware of that :P But I need to find, for example, 109 (integer) and I can only guess it goes through the file and look for all 109s. Mokubai is right, I think that's the only way of working it out.! – user693842 – 2017-02-04T16:35:39.883
All files on a computer are binary, we as humans have just made editors to view their contents in a form we can actually read ( i.e. text files). Your question currently is way to broad. – Ramhound – 2017-02-04T16:35:51.997
The application that uses the binary file knows where the parameter with that
109
is stored in the file, and it can read the value of that parameter. You don't have a clue where to look. Depending on where you start you may be able to get a value of109
, but that may actually be part of a different parameter, or it may the a combination of the end of one parameter and the start of another. With binary files, even individual bits can be whole parameters. Maybe the maximum value for your parameter of109
is128
, then the parameter could be only four bits in the file. – Ron Maupin – 2017-02-04T16:41:46.117Going back to the actual real problem of inaccurate sliders, are you able to click them with the mouse and then use the left and right arrow keys to move them with more granularity? – Mokubai – 2017-02-04T16:47:43.100
@Mokubai unfortunately sliders are mouse-only aware. My ultimate goal is to write a small editor in python for these files though, so I need to figure out the structure. Unfortunately as I changed only one value (one slider), the whole file content has changed, so I assume it's somehow encrypted :/ – user693842 – 2017-02-04T16:51:30.953