The big lie of computer security is that security improves by imposing complex passwords on users. In real life, people write down anything they can't remember. Security is increased by designing for the way humans actually behave. -Jakob Nielsen
In my last tutorial I went over the absolute basics of binary numbers including how to convert a decimal number into it's binary equivalent and how to look at a string of 'bits' (ie. bytes) and determine their decimal value. In this tutorial we are going to touch base on some slightly more advanced topics and we will focus on learning to do most of these new conversions in our heads like we did in the first tutorial.
Hex & Nibbles
I'm sure you've heard of hexadecimal before and may even know basically what it is, but you may not know or appreciate why or what it is used for.
So what is it?
Okay here's the basic breakdown: 'Hexadecimal' uses a 'single digit' to represents a value from 0 - 15. Thats it. Because certain numbers are two digits (ie. 10, 11, 12, 13, 14, 15) those numbers must be substituted for 'letters' because 'Hexadecimal Values' are once again, only '1 digit' long.
So '10 becomes A', '11 becomes B', '13 becomes C' and so on and so on. 'Hexadecimal' can represent 0-F or (0, 1, 2, 3, 4, 5, 6, 7, 8, 9, A, B, C, D, E, F).
Hopefully that is not confusing. Just remember that 'Hexadecimal' is a 'single digit' and each digit represents a number from 0-15. So when you see the letter F you will have to mentally count in your head from A (ie. 10) and figure out what the number is. Its not overly difficult.
Thats all great, but whats it used for?
Hexadecimal is used to 'represent' values. By looking at a 'hexadecimal digit' we can determine it's value very quickly in our heads, (you can count to 15 right?). So a better question would be what is it used for? In order to explain what it is used for specifically I need to touch base on another binary term, called the 'nibble'.
WTF is a nibble?
A 'nibble' is just a cute term for 'four bits'. Remember a 'byte' is 'eight bits' so instead of taking a bite you take a nibble, thus you have half a byte. Thats all you have to remember I promise.
Now lets make the connection between Hex & Nibbles. Lets look at what a 'nibble' might look like in our heads (or memory) using the placeholder technique we learned in the first tutorial.
Because a 'nibble' is only 'four bits' we must imagine four empty place holders in our head. We then determine the value of each place holder like we did in the first tutorial by starting at the far right with the value of one and doubling the previous value as we move from right to left as seen below.
Now that we are imagining a 'nibble' in our heads and we know the value of each place holder, lets go ahead and turn all of those place holders on to determine the maximum decimal value that a 'nibble' can have.
Let's add up the values: (8 + 4 + 2 + 1) = 15. So the maximum value any 'nibble' can have is 15. Have you made the connection?
0-15 The Magic Range
I am confident you made the connection between 'Hexadecimal' and 'Nibbles', for those that didn't, they both have a range of '0-15'. This is exciting because now we can convert 4 bits into a single digit and we can translate from hex to bits and vice-versa very quickly in our heads.
So if I were to give you the 'Hexadecimal' value of say "C" I am confident that you can convert that value into 'bits'. Heres the steps:
1. Determine what number C represents (12)
2. Using the technique described in the first tutorial imagine 4 empty placeholders in your head (4 bits) (ie. nibble)
3. Determine the value of each of those four place holders (8 4 2 1).
4. Turn the placeholders on one by one until you arrive at your desired value of 12.
5. 1100 is the binary equivalent of decimal 12 and can be represented by hexadecimal C.
Try to convert the bits '1011' to hexadecimal ;)
Blah Blah Blah, So What?
Armed with this new knowledge we can start looking at binary numbers in a slightly different way. We can use this knowledge to convert large binary numbers into a more compact form making it easier to read. Hexadecimal only has a value of 0-15 so this makes it easy to calculate in our heads whereas a full byte (ie. 8 bits) has a value range of 0-255 and could take a bit longer. Although we can still calculate the value of bytes in our heads it would be a lot easier if we split the byte into two and look at a byte as '2 nibbles' instead of one solid unit.
Lets take a look at what a byte would look like broken up into two nibbles.
The binary number '10010101' is equivalent to 149 and we can determine that by adding up the placeholders. But trying to remember the 8 individual bits is pretty damn hard and especially if your looking at hundreds of bits and bytes at a time trying to find something specific.
If we take the byte (10010101) and break it up into two nibbles (in our heads of course) we would see something like this: (1001 0101) and we could use the techniques we just learned to convert each nibble to hexadecimal. Add up the placeholder values of each nibble and arrive at a value between 0-15 and then convert it to a hexadecimal digit.
1001 = 9 and 0101 = 5. Just looking at the bits you should be able to do that in your head. So take those two hexadecimal values and put them together so you have '95'. 95 is the hexadecimal equivalent to '10010101'.
We just represented a string of 8 bits (a byte) using two digits. Makes things a lot easier when reading binary and doing conversions if you work with hex and break binary numbers down into chunks of four (nibbles).
When working with hexadecimal numbers in a language such as c++ you must specify that you are in fact working with a hexadecimal number and not just a regular decimal number. This is done by attaching '0x' to the beginning of your hexadecimal value. This tells the compiler that you are using hex.
So the next time you see 0xFF you will know that it really means (15 & 15) and thus:
0xFF = (1111 1111) or (11111111).
You will also know that 0xF3E4C is equal to (15, 3, 14, 4, 12) or (1111 0011 1110 0100 1100).
I'm hoping that some light bulbs are starting to go off in your head and you are beginning to see the benefits of using 'hexadecimal'. Working with binary numbers in 'fours' (ie. nibbles) is a lot easier than trying to memorize or calculate full-size binary numbers.
Where would I use it?
I'm going to give you some examples on where you might find 'Hexadecimal' and where you may have worked with it and never really given a thought about what it means.
One of the first examples I can think of is colors. You use colors when you work with image editors (ie. Photoshop) and more specifically you indicate the colors you want to use when you are building a web-page and writing HTML.
Heres an example:
Now when I was very new at programming I used to think FF meant (Full Full) as in full color. lol. Yes I was that dumb. I guess I was a little bit right, but still very wrong.
If we were to take the color '#FF00C2' (which is in hex) we can convert it into bytes and figure out what the actual numerical values are. The color is in an (RGB Format) and by converting the color from hex into bytes/decimals we can determine how much red, green, and blue is being used. So let's try it:
FF = 11111111 or 255, 00 = 00000000 or 0, and C2 = 11000010 or 194.
You may have noticed that I treated two hexadecimal digits as a whole. I did this because 'hexadecimal' is generally used to represent individual 'bytes'. Thus your generally dealing with hex in twos. (Computers store information in bytes remember?). We only really use 'Hex and Nibbles' to break binary numbers down and read them better, but when we put all that info back together we are still generally dealing with bytes. Confused? Yeah me too.
Okay so going back to the color example. We have converted '#FF00C2' to '255 0 194'. So we have a red value of 255, a green value of 0 and a blue value of 194. We will end up with a pinky color because we have red blended with a fair bit of blue. I don't know if this information will help you, but at least you know what #FF00C2 means.
Where else will I encounter Hex?
Hexadecimal is used when programming at lower levels (ie. the hardware level), it's used in network programming, video games, hex editors, and many other things. Hexadecimal is a great thing to know if you wish to get into more advanced programming such as 'Bit Manipulation' and 'Bit Masks' which we will cover in the next tutorial so make sure you fully understand Hex, Nibbles, Binary, Bytes, and so forth.
Something Fun to Try (Hacking)
Since this is a hacking site I'm going to give you an idea of where knowing binary and hexadecimal might come in handy. You will need a 'Hex Editor' if you want to try this out.
I am running linux and use a 'Hex Editor' called 'Bless', but if you are running Windows I am sure you can find a free 'Hex Editor' somewhere.
What is a Hex Editor?
A Hex Editor allows you to open any type of file in 'Binary Mode' so you get to look at all the bits and bytes in the file. You can also make changes to some of the bits/bytes if you know what your looking for and know what to change.
Okay I have the Hex Editor Now What?
A while back me and my girlfriend decided to purchase I-Pods. I remember there was a game on it I think called 'Klondike' and to keep this story short, she was better than me.
So I decided to cheat a little bit. I knew that the game must be storing our scores somewhere but I didn't really have the slightest clue as to where. I connected my I-Pod to my computer and started looking at the hidden files and found the directory where the 'Klondike' game was stored. It only had a few files and I think one of the files might have been named profile or something. So I opened it up in a 'Hex Editor' and I noticed my Nickname from the game was stored in this file (it showed up as text in right hand window).
Anyways I figured this file must also store my settings and my score, but the question is how do I find it? Now there are two approaches to this. One is to save that file somewhere on my hard-drive and then play the game for a bit until my score changes again. Then I would save the new version of the profile file (since it has a new score) somewhere on my hard-drive as well.
I could then compare the two files byte-for-byte to see what byte(s) changed. It would then be safe to assume that the bytes that changed were probably my score.
Or another way would be to think about how my score would be stored and then look for my score directly. Say I had a score of 2,300.
As a programmer I know that computers store numbers in certain data-types such as a short, integer or long. Since it is a whole number I know it's not a float. And a short (2 bytes) can only have maximum value of 32767 and if I am a very good player it might be possible for me to get a higher score than that so it probably wouldn't be wise for the person that programmed this game to store my score in a 'short' since I might exceed it's capacity.
So I am going to have to go to the next highest data-type available which is an integer (4 bytes) which can have a maximum value of 2147483647. I doubt I am that good so it's probably safe to assume that the people who wrote this game used an 'integer' to store my score so that is what I am going to look for within the file (4 consecutive bytes).
I would like to change my score and in order to do that I need to find the bytes that represent my score. But how?
Doing this is actually quite easy. First you need to know what your score is, in this case I'm using 2,300 is an example. We have to think of 4 bytes glued together in our head and turn the placeholders on one by one until we arrive at a value of 2300.
We would end up with:
00000000 00000000 00001000 11111100
And using our Hexadecimal knowledge we can break it down to '00 00 08 FC'
So using our [b]'Hex Editor' we would do a search for the 'Hexadecimal Value' of '00 00 08 FC'. If you manage to find it I would bet money that its probably your score.
[b]Alright I found the Score, How do I change it?
In order to change our score we need to change those four bytes. Say I wanted to make my score 45,000. The first step would be to determine what 45,000 would look like as an integer (4 bytes glued together). Using the empty placeholder technique we can turn bits on one by one until we arrive at this number. I'll save you the pain and do it for you:
00000000 00000000 10101111 11001000
Which is also equivalent to '00 00 AF C8' in Hex. So if I replace '00 00 08 FC' with '00 00 AF C8' and save the file, I should now have a winning score.
I know it takes a little bit of figuring out, but you could potentially take this knowledge and modify health values in video-games if you learn how to read and write to memory and you could enable some type of godmode or change how much ammo you have, etc, etc.
By understanding binary and hexadecimal you will be able to read files at the binary level and make changes to unlock certain features that were never meant to be unlocked. It can be quite powerful knowing some basic binary.
Quick Note: If you can't find your score it may be because of something called 'endianness' which I will cover in another tutorial, basically the bytes are reversed (so 00 00 AF C8 would actually be C8 AF 00 00). To make the change just reverse the answer you came up with to follow the format of the bytes. More on this later.
Wrapping it Up!
I don't want to cover too much in one tutorial. Let some of this info sink into your brain so you can be prepared for my next tutorial. I hope you now understand 'Hexadecimal', 'Bits', 'Bytes', and 'Nibbles'.
I know it can be a bit confusing converting back and forth between the different forms, but if you can get a good grasp on the topics we have covered up to this point, the more advanced techniques I will cover in the next tutorial won't seem so hard.
What to expect next?
In the next tutorial I will cover 'Bit Manipulation', 'Bit Masks', 'Data-Types', 'Negative Numbers', 'ASCII', 'Endianness', and 'XOR Linked Lists'
Cast your vote on this article 10 - Highest, 1 - Lowest
Comments: Published: 17 comments.
HackThisSite is is the collective work of the HackThisSite staff, licensed under a CC BY-NC license.
We ask that you inform us upon sharing or distributing.