Radare2: Difference between revisions

From ICO wiki
Jump to navigationJump to search
No edit summary
No edit summary
Line 6: Line 6:


The framework is essentially composed by 7 executables:  
The framework is essentially composed by 7 executables:  
Radare2
It is the core of of the hexadecimal editor and debugger. It allows you to open a number of input/output sources as if they were simple, plain files, including disks, network connections, kernel drivers, processes under debugging, and so on.


    rax - responsible for converting numbers (e.g. string to hexadecimal, decimal to hexadecimal etc);
Radare2 implements an advanced command line interface for moving around a file, analyzing data, disassembling, binary patching, data comparison, searching, replacing, visualizing. It can be scripted with a variety of languages, including Ruby, Python, Lua, and Perl.
    rahash - block based hashing utility;
 
    rabin - responsible for extracting information about binaries;
Rabin2
    rasm - assembly and disassembly from the shell;
It allows you to extract information from executable binaries, such as ELF, PE, Java CLASS, and Mach-O. rabin2 is used by the core to get exported symbols, imports, file information, cross references (xrefs), library dependencies, sections, etc.
     rafind - binary file search and edit tool;
 
    radiff - responsible for differential analysis. Very useful for analyzing patches;
Rasm2
     radare2 - main executable which combines all above mentioned binaries.
It is a command line assembler and disassembler for multiple architectures (including Intel x86 and x86-64, MIPS, ARM, PowerPC, Java, and MSIL).
 
Rahash2
An implementation of a block-based hash tool. From small text strings to large disks, rahash2 supports multiple algorithms, including MD4, MD5, CRC16, CRC32, SHA1, SHA256, SHA384, SHA512, par, xor, xorpair, mod255, hamdist, or entropy. rahash2 can be used to check the integrity of, or track changes to, big files, memory dumps, and disks.
 
Radiff2
It is a binary diffing utility that implements multiple algorithms. It supports byte-level or delta diffing for binary files, and code-analysis diffing to find changes in basic code blocks obtained from the radare code analysis, or from the IDA analysis using the rsc idc2rdb script.
 
Rafind2
It is a program that allows you to find byte patterns in files.
 
Ragg2
A frontend for r_egg. ragg2 compiles programs written in a simple high-level language into tiny binaries for x86, x86-64, and ARM.
 
 
Radare2 - The Reverse Engineering Framework (Tool For Hackers)
9:33 AM HackingTools , SecurityTools
Radare2
 
Radare2 is a portable framework for reverse engineering and analyzing binaries. It is actually a rewrite from the scratch of radare -- a forensics tool.
 
(Download link is at the end of this article)
 
It consists of the following command-line utilities:
 
    radare2
 
    rabin2
 
    rasm2
 
    rahash2
 
    radiff2
 
    rafind2
 
    ragg2
 
    rarun2
 
     rax2
 
 
Radare2
It is the core of of the hexadecimal editor and debugger. It allows you to open a number of input/output sources as if they were simple, plain files, including disks, network connections, kernel drivers, processes under debugging, and so on.
 
Radare2 implements an advanced command line interface for moving around a file, analyzing data, disassembling, binary patching, data comparison, searching, replacing, visualizing. It can be scripted with a variety of languages, including Ruby, Python, Lua, and Perl.
 
Rabin2
It allows you to extract information from executable binaries, such as ELF, PE, Java CLASS, and Mach-O. rabin2 is used by the core to get exported symbols, imports, file information, cross references (xrefs), library dependencies, sections, etc.
 
Rasm2
It is a command line assembler and disassembler for multiple architectures (including Intel x86 and x86-64, MIPS, ARM, PowerPC, Java, and MSIL).
 
Rahash2
An implementation of a block-based hash tool. From small text strings to large disks, rahash2 supports multiple algorithms, including MD4, MD5, CRC16, CRC32, SHA1, SHA256, SHA384, SHA512, par, xor, xorpair, mod255, hamdist, or entropy. rahash2 can be used to check the integrity of, or track changes to, big files, memory dumps, and disks.
 
Radiff2
It is a binary diffing utility that implements multiple algorithms. It supports byte-level or delta diffing for binary files, and code-analysis diffing to find changes in basic code blocks obtained from the radare code analysis, or from the IDA analysis using the rsc idc2rdb script.
 
Rafind2
It is a program that allows you to find byte patterns in files.
 
Ragg2
A frontend for r_egg. ragg2 compiles programs written in a simple high-level language into tiny binaries for x86, x86-64, and ARM.
 
 
Rarun2
A launcher for running programs within different environments, with different arguments, permissions, directories, and overridden default file descriptors.
 
Rarun2 is useful for:
 
    Crackmes
    Fuzzing
     Test suites
 
 
Rax2
A minimalistic mathematical expression evaluator for the shell that is useful for making base conversions between floating point values, hexadecimal representations, hexpair strings to ASCII, octal to integer, etc. It also supports endianness settings and can be used as an interactive shell if no arguments are given.
==References==
==References==
[1] http://radare.org/
[1] http://radare.org/

Revision as of 00:35, 25 August 2016

Radare [1] is an open source and multi-platform framework for Reverse Engineering activities which supports assembly and disassembly many architectures and binary formats [2]. As any other reversing framework, Radare framework aims to recognize high level features on machine code, such as: data structures, functions and execution flows. Radare has buildings for the most populars Operating Systems, such as: Microsoft Windows, Mac OS X, Linux, BSD, iPhone OS, Solaris and MeeGo.

Radare offers few options of interactive graphical interfaces, such as: Web, GTK (Python) and ASCII-Art graph. Another very useful characteristic due to its designing is the capacity to easily implement new architectures, binary formats and analyses [3][4]. Radare provides an open API and with many bindings for many programming languages, such as: Python, Java, Ruby, Go and Perl. Radare is also integrated with the most popular debuggers supporting local and remote debugging [5], such as: gdb, rap, webui, r2pipe, winedbg and windbg.

The framework is essentially composed by 7 executables: Radare2 It is the core of of the hexadecimal editor and debugger. It allows you to open a number of input/output sources as if they were simple, plain files, including disks, network connections, kernel drivers, processes under debugging, and so on.

Radare2 implements an advanced command line interface for moving around a file, analyzing data, disassembling, binary patching, data comparison, searching, replacing, visualizing. It can be scripted with a variety of languages, including Ruby, Python, Lua, and Perl.

Rabin2 It allows you to extract information from executable binaries, such as ELF, PE, Java CLASS, and Mach-O. rabin2 is used by the core to get exported symbols, imports, file information, cross references (xrefs), library dependencies, sections, etc.

Rasm2 It is a command line assembler and disassembler for multiple architectures (including Intel x86 and x86-64, MIPS, ARM, PowerPC, Java, and MSIL).

Rahash2 An implementation of a block-based hash tool. From small text strings to large disks, rahash2 supports multiple algorithms, including MD4, MD5, CRC16, CRC32, SHA1, SHA256, SHA384, SHA512, par, xor, xorpair, mod255, hamdist, or entropy. rahash2 can be used to check the integrity of, or track changes to, big files, memory dumps, and disks.

Radiff2 It is a binary diffing utility that implements multiple algorithms. It supports byte-level or delta diffing for binary files, and code-analysis diffing to find changes in basic code blocks obtained from the radare code analysis, or from the IDA analysis using the rsc idc2rdb script.

Rafind2 It is a program that allows you to find byte patterns in files.

Ragg2 A frontend for r_egg. ragg2 compiles programs written in a simple high-level language into tiny binaries for x86, x86-64, and ARM.


Radare2 - The Reverse Engineering Framework (Tool For Hackers) 9:33 AM HackingTools , SecurityTools Radare2

Radare2 is a portable framework for reverse engineering and analyzing binaries. It is actually a rewrite from the scratch of radare -- a forensics tool.

(Download link is at the end of this article)

It consists of the following command-line utilities: 

   radare2

   rabin2

   rasm2

   rahash2

   radiff2

   rafind2

   ragg2

   rarun2

   rax2


Radare2 It is the core of of the hexadecimal editor and debugger. It allows you to open a number of input/output sources as if they were simple, plain files, including disks, network connections, kernel drivers, processes under debugging, and so on.

Radare2 implements an advanced command line interface for moving around a file, analyzing data, disassembling, binary patching, data comparison, searching, replacing, visualizing. It can be scripted with a variety of languages, including Ruby, Python, Lua, and Perl.

Rabin2 It allows you to extract information from executable binaries, such as ELF, PE, Java CLASS, and Mach-O. rabin2 is used by the core to get exported symbols, imports, file information, cross references (xrefs), library dependencies, sections, etc.

Rasm2 It is a command line assembler and disassembler for multiple architectures (including Intel x86 and x86-64, MIPS, ARM, PowerPC, Java, and MSIL).

Rahash2 An implementation of a block-based hash tool. From small text strings to large disks, rahash2 supports multiple algorithms, including MD4, MD5, CRC16, CRC32, SHA1, SHA256, SHA384, SHA512, par, xor, xorpair, mod255, hamdist, or entropy. rahash2 can be used to check the integrity of, or track changes to, big files, memory dumps, and disks.

Radiff2 It is a binary diffing utility that implements multiple algorithms. It supports byte-level or delta diffing for binary files, and code-analysis diffing to find changes in basic code blocks obtained from the radare code analysis, or from the IDA analysis using the rsc idc2rdb script.

Rafind2 It is a program that allows you to find byte patterns in files.

Ragg2 A frontend for r_egg. ragg2 compiles programs written in a simple high-level language into tiny binaries for x86, x86-64, and ARM.


Rarun2 A launcher for running programs within different environments, with different arguments, permissions, directories, and overridden default file descriptors.

Rarun2 is useful for: 

   Crackmes
   Fuzzing
   Test suites


Rax2 A minimalistic mathematical expression evaluator for the shell that is useful for making base conversions between floating point values, hexadecimal representations, hexpair strings to ASCII, octal to integer, etc. It also supports endianness settings and can be used as an interactive shell if no arguments are given.

References

[1] http://radare.org/ [2] https://en.wikipedia.org/wiki/Radare2#Supported_architectures.2Fformats [3] https://github.com/radare/radare2/wiki/Implementing-a-new-architecture [4] https://github.com/radare/radare2/wiki/Implementing-a-new-analysis-plugin [5] http://solidsec.blogspot.de/2015/09/reversing-elf-binaries-remote-debugging.html

Retrieved from "https://wiki.itcollege.ee/index.php?title=Radare2&oldid=105045"