Reading a files bytes on hard drive

Question

lochnessmonster 0 Junior Poster

13 Years Ago

Im currently wanting to open a file on my Hard Drive, and be able to scan it's contents to see if it has any bytes that match a specific pattern of bytes which i have stored in a byte array. Im curious as to how i can do this? will i need to use api functions, if so which ones should i read into? Also what would be an efficient way to do such a task? Can i accomplish this by opening a file in binary mode using the C++ fstream(i wanna scan in and compare the bytes to hex values for example)

i dont wanna see compare bytes like this 00000001(in binary) i wanna compare the equivalent in hex 0x0001....would i have to physically scan in the bytes and convert them to hex myself before i do a comparison? -thx!

c++

3 Contributors
4 Replies
197 Views
9 Hours Discussion Span
Latest Post 13 Years Ago Latest Post by lochnessmonster

All 4 Replies

vijayan121 1,152 Posting Virtuoso

13 Years Ago

will c++ let you open a .exe or any file for that matter in binary mode?

Yes.

what would be the most efficient way of scanning thru a file on disk

Don't do any conversion to hex or any other text format; just compare the raw bytes.

#include <fstream>
#include <iterator>
#include <algorithm>

typedef unsigned char byte ;

bool is_byte_seq_present_in_file( const char* file_path,
                        const byte* byte_array, std::size_t array_size )
{
    // 1. open the file in binary mode
    std::ifstream file( file_path, std::ios::binary ) ;

    // 2. create a pair of iterators to iterate over the sequence of bytes in the file
    std::istream_iterator<byte> begin(file), end ;

    // 3. use std::search() to search for the byte sequence in the file
    return std::search( begin, end, byte_array, byte_array+array_size ) != end ;
}

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

WaltP 2,905 Posting Sage w/ dash of thyme Team Colleague · Answer 1 · 2011-02-10T06:35:07+00:00

Just open the file in binary mode and read it. Nothing magical or hard about it. You don't need APIs.

And in a computer, all values are numbers. And all bases (binary, decimal, hex) are equivalent. For example, if xval=66, all these statements test TRUE:

if (xval == 66)      // decimal 
    if (xval == 0x42)    // hex
    if (xval == 'B')     // character

There is no 'native' binary in C++. Hex is the closest we have

lochnessmonster 0 Junior Poster · Answer 2 · 2011-02-10T07:19:32+00:00

i c! thanks! also what would be the most efficient way of scanning thru a file on disk in your opinion if i were to scan it for a certain byte signature? also will c++ let you open a .exe or any file for that matter in binary mode? or must it have .bin format? if so how do i get around this??

lochnessmonster 0 Junior Poster · Answer 3 · 2011-02-10T08:14:17+00:00

1 last question!

1.) Wouldn't it be pointless to scan in the beginning of a windows PE? it seems like at the top of a .exe there is junk...such as msdos header....and it seems like this could possibly miss allign the reading of bytes and make the comparison not give correct results? Shouldn't you start right at the codes entrypoint or no?

Reading a files bytes on hard drive

Recommended Answers Collapse Answers

All 4 Replies

Recommended Answers