ht: High marks, even if it’s lost on me

This little adventure of the past two years has run me up against more than one tool that I like a lot, but haven’t a single use for. ht is one of those, for reasons that are probably obvious just in these screenshots.

[Screenshots: 2014-12-22-jsgqk71-hte-01, 2014-12-22-jsgqk71-hte-02]

ht, a/k/a hte or the HT Editor, has a perfect interface with lots of color, a drop-down menu approach, an adjustable two-pane layout, on-screen function keys and a mess of other goodies.

My only problem is, I can’t say that I’ve ever needed a disassembler and executable editor.😦

I see where it can double as a hex editor though, so perhaps I should just accept it as that, since I might be able to put it to that use … maybe once, sometime in the next two or three years.🙄 It probably wouldn’t be fair to just call it a hex editor though, since it’s obviously prepared to do a lot more.

I’ll give ht high marks for its style and presentation, even if the purpose of the program is completely over my head. That puts it in good company though, with things like tig, txt2regex and others.😦

ht is in Debian as well as Arch’s community, and probably for good reason. I’d be pleased to think I could put ht to use some time — heck, I might even settle for watching over someone’s shoulder while they use it.😐

P.S.: Argh, there’s that red-on-blue effect again. …😡

2 thoughts on “ht: High marks, even if it’s lost on me”

  1. darkstarsword

    o_O Now this has my attention!

    + Built-in expression evaluator is good, with loads of flexibility, such as interpreting the bytes under the cursor in various ways. Only thing I can’t work out how to do is interpret the bytes as a float – I can only interpret them as a 32-bit integer and then convert that to a float, which isn’t the same thing, but I might be missing something. Would be nice to be able to leave the expression window open set for a particular kind of conversion while moving the cursor, but I really can’t complain – this is already very good, and very powerful 🙂

    Disassembler shows evidence that the developer actually has reverse engineering experience:
    + Can analyse executable format headers (ELF, PE, etc) and edit them directly
    + Code analyser works on at least x86 and big-endian PPC
    + Can quickly jump to exports, and cross reference imports to find where they are used
    + Finds cross references to code, strings, etc. (pro tip: Find a string printed from an error, log message, etc and follow cross references to locate the code that uses the string)
    + Can add comments to assembly, which are saved between sessions – extremely useful to make notes while reverse engineering
    + Can name functions, data, etc. Possibly *THE* most useful feature of a reverse engineering tool, as it allows you to start to make sense of what you’re looking at.
    + Can handle ppc64be dot symbol ABI, though uses underscores instead of the dot.

    Obviously not as full-featured as something like IDA or radare, but IDA is closed source and this is much easier to use than radare (plus, I’ve never worked out how to find cross references to a string in radare, which this tool does with ease). Very good tool, thanks 🙂
