Locating hidden messages in exe files using a debugger -help

GEC: Discuss gaming, computers and electronics and venture into the bizarre world of STGODs.

Moderator: Thanas

Post Reply
AniThyng
Sith Devotee
Posts: 2777
Joined: 2003-09-08 12:47pm
Location: Took an arrow in the knee.
Contact:
Contact AniThyng

Locating hidden messages in exe files using a debugger -help

Post by AniThyng »

Here's the situation - as part of a little assignment that may land me a job with F-secure, I was given a win32 .exe file that contains a hidden message of some sort.

Using ollydbg I've stepped through and looked through the programs code and basically found out that it just gets the environment strings of the currently running OS, dumps them into memory and exits. I haven't found anything that may be hidden strings or anything of that sort.

So, can anyone who may have done something similar just give me some pointers on where I ought to begin looking for hidden messages..?
I do know how to spell
AniThyng is merely the name I gave to what became my favourite Baldur's Gate II mage character :P
Top
User avatar
Faram
Bastard Operator from Hell
Posts: 5271
Joined: 2002-07-04 07:39am
Location: Fighting Polarbears

Post by Faram »

Try opening it in a hex editor and check the code

http://mh-nexus.de/hxd/

Or try finding alternate ntfs streams

http://support.microsoft.com/kb/105763

And

http://www.windowsecurity.com/articles/ ... reams.html
[img=right]http://hem.bredband.net/b217293/warsaban.gif[/img]

"Either God wants to abolish evil, and cannot; or he can, but does not want to. ... If he wants to, but cannot, he is impotent. If he can, but does not want to, he is wicked. ... If, as they say, God can abolish evil, and God really wants to do it, why is there evil in the world?" -Epicurus

Fear is the mother of all gods.

Nature does all things spontaneously, by herself, without the meddling of the gods. -Lucretius
Top
Post Reply

Return to “Gaming, Electronics and Computers”