Basic Hex Editing Windows Binary EXE files on Linux with Hexeditor Tutorial

Vim is able to find it because 1. Those dots are really dots to vim inside the editor and 2. vim does a regex search when / is used, and dot matches any character in this case. Another important point is thay you would need more sophisticated tools if you wanted to search for unicode strings.

hos

About vim... The "xxd" isn't one of vim's modes, so I guess that when you switch to xxd you basically work on some "piped" content, and when you revert back to vim's normal mode you also revert back to the original content.

DarkAncientZ

If i remember well, 2 hex digits are 1 byte so you can search for numbers inside a file for example into a saved game file to modify bullets, hp, or something like that.

alienmind

I use to use hex editor in windows to bypass cdkeys or 30 trial period

gotbletu

Unix Fu is seemingly hard to grasp these days when concepts of everything is a file, or buffer in memory. And anything can be "copy-and-pasted" aka piped into the input buffer of one program from the output buffer of another. But your on the right track with your. 

To help one needs to remember that when using the line '%!xxd` one is really piping the contents of your current vim buffer (noted as `%`) to the stdin for unix command xxd(1). These commands are treated as filters on your current buffer (ie the currently displayed _window_ holding the memory contents of the open file/stdin).

To actually write the file back do the following:

<ESC>:w !xxd -r > filename

What happens here is one enters into command mode from insert mode, then tells vim to write the contents of the buffer as stdin for the command xxd -r which is also then piping the stdout of xxd into your new filename.

@Kris Occhipinti, I do apologies for the tone of this post, most of this was meant to inform new vim users whom would come visit your video to think correctly about vim/unix while also attempting to answer your question.

DenzukoDomo

Those are not "dots" its actually a unicode string hence the 2 bytes per character, your other string without "dots" are ansi strings(1 byte per char). the reason your vim is not working is because its converting "." to 2E in hex which is ansi string 

TheDrunkenAlcoholic

Can you use this method to remove a serial key registration?

VinnieVincent

Ive always found your videos very helpful! How can i contribute with a donation??

mtflud

very comprehensive thank you very much

anubhavmehra

About vim, in hex 'mode', the right text column is ignored. You should change the hex values.
Nice tutorial!

iiKoe

Reminds me of the old days of hacking Nintendo DS games with HEX.

josephkreifelsii

I You See A Sting Like: "C.r.a.s.h D.u.m.p" That Means It's A Unicode String.

jacobthesitton