Hiew+ is based on the FsPlus project. FsPlus is an implementation of an idea that allows you to access non disk files as if they were disk files. Hiew+ is a real life example of FsPlus where we take Hiew (an excellent hex editor) and turn it into an excellent process editor. Each process will be viewed as a file with a size as much as SYSTEM_INFO.lpMaximumApplicationAddress returns. In theory FsPlus should work with any hex editor to provide process memory editing, but this release is just Hiew ready.
To use FsPlus, you need to inject FsPlus.dll into Hiew’s process memory so that the APIs are hooked. After APIs are hooked, FsPlus will recognize and treat in a different manner any file name that has the following form: “pid|1234” where 1234 is a given PID. To make the usage even simpler, I provid a small GUI (FsPlusGui) to allow you launch Hiew conveniently.
In fact, Hiew+ can be considered as a nice addition to your reverse engineering tools arsenal (IDA Pro‘s debugger or any other debugger, etc.).
Here’s a screenshot of the FsPlusGui:
You will need to double click on a process to have Hiew or the desired process launched with FsPlus support.
Make sure you specify the settings correctly in FsPlus.ini:
To avoid reading errors and such, any unreadable memory page is filled with “BAD!” pattern.
Physical and Logical disk editing
This is not something added by FsPlus, rather it is a undocumented feature of Hiew32 where you can use Hiew to edit/view logical and physical disk sectors:
This tool has been tested with Windows Vista (32) and Windows XP SP2 and with Hiew 7.29.
Hope you find this tool useful as Hiew itself. Note: Please don’t contact me if you run into trouble. This tool is no longer supported.
In the Batchography book, not only you will learn about the command prompt’s keyboard shortcuts, macros and what not, but you will also learn the basic and fundamental topics for programming in the Batch language.
In this blog post, I present to you an excerpt from Chapter 1 in the Batchography book that covers all the useful keyboard shortcuts. My new favorite one is the F11 keyboard shortcut that is present in Windows 10 and up.