Figure 4.11 A screenshot of Process Explorer from SysInternals.
Patching Tools
Patching is not strictly a reversing-related activity. Patching is the process of
modifying code in a binary executable to somehow alter its behavior. Patching
is related to reversing because in order to know where to patch, one must
understand the program being patched. Patching almost always comes after a
reversing session in which the program is analyzed and the code position that
needs to be modified is located.
Patching is typically performed by crackers when the time arrives to “fix”
the protected program. In the context of this book, you’ll be using patching
tools to crack several sample crackme programs.
Hex Workshop
Hex Workshop by BreakPoint Software, Inc. is a decent hex-dumping and
patching tool for files and even for entire disks. It allows for viewing data
Reversing Tools 131