5

I am attempting to write a small utility to produce a binary file that will mimic the one produced by another closed application. I've used hex editors to decrypt the format by I'm stuck trying to understand what the format/encoding is so that I can produce it using C++ or C#.

The file starts with the first four bytes: 01 00 followed by FF FE. My understanding is that the file begins with SOH followed by the byte order mark for little endian. After these four bytes, the program appears to write BSTR's for each of the string fields from the app's GUI.

Using C#, I have produced a unicode file that starts with FF FE, but I'm not sure how to insert the SOH character first.

I would be forever grateful if someone could offer insight to the file format or encoding and why the file starts with the SOH character.

Thank you in advance.

John Saunders
  • 160,644
  • 26
  • 247
  • 397
Rob
  • 53
  • 1
  • 3
  • Can you give us a hint about what this closed software does? Can you at least say which industry or area of endeavor it is associated with? – John Saunders Dec 22 '10 at 23:38
  • The file is produced by a GUI that automates the backup of an object oriented and a SQL database while creating a file that is used to restore the backup. I want to create an executable that can produce the same file using arguments so that I can automate the backup and produce a file that could be used by the GUI to restore my scripted backup. I'm not attempting to bypass any licensing or produce something to sell. It's just for an app that will saving me from running the backups manually. The file is only 1k in size. – Rob Dec 22 '10 at 23:56

2 Answers2

4

Reverse engineering a binary file format can be a challenging task. On the surface, I don't recognize this as an obvious, well-known file format ... but there are thousands out there, so who knows.

Legal issues aside, I would suggest you look at some of the following resources that talk about approaches to such an endeavor:

Community
  • 1
  • 1
LBushkin
  • 129,300
  • 32
  • 216
  • 265
3

If you are just having trouble writing out the first four bytes this will do it for you.

using (var stream = new FileStream("myfile.bin", FileMode.Create))
{
     using (var binaryWriter = new BinaryWriter(stream))
     {
         binaryWriter.Write((byte)1);
         binaryWriter.Write((byte)0);
         binaryWriter.Write((byte)0xFF);
         binaryWriter.Write((byte)0xFE);
         binaryWriter.Write(Encoding.Unicode.GetBytes("string"));
     }
}

This will output the following file

01 00 FF FE 73 00 74 00 72 00 69 00 6e 00 67 00  ....s.t.r.i.n.g.

Edit: Added Mark H's suggestion for writing out a string.

Darryl Braaten
  • 5,229
  • 4
  • 36
  • 50
  • Wow! Thank you! I wish I had asked for help sooner. Would you happen to know how a BSTR data type could be written using the same writer? – Rob Dec 23 '10 at 00:02
  • Thank you all for the help. With your assistance I was able to create the application in just a couple hours. I sincerely appreciate it! – Rob Dec 23 '10 at 03:11