Radare2

From ICO wiki
Revision as of 00:25, 25 August 2016 by Itaal (talk | contribs)

Radare [1] is an open source, multi-platform framework for reverse engineering which supports assembling and disassembling code for many architectures and binary formats [2]. Like any other reversing framework, Radare aims to recognise high-level features in machine code, such as data structures, functions and execution flows. Radare has builds for the most popular operating systems, such as Microsoft Windows, Mac OS X, Linux, BSD, iPhone OS, Solaris and MeeGo.

Radare offers several interactive graphical interfaces, such as a web UI, GTK (Python) and an ASCII-art graph view. Another very useful characteristic of its design is that new architectures, binary formats and analyses can be implemented easily [3][4]. Radare provides an open API with bindings for many programming languages, such as Python, Java, Ruby, Go and Perl. Radare also integrates with the most popular debuggers and supports local and remote debugging [5] through backends such as gdb, rap, webui, r2pipe, winedbg and windbg.

The framework is essentially composed of seven executables:

   rax - converts numbers between representations (e.g. string to hexadecimal, decimal to hexadecimal);
   rahash - block-based hashing utility;
   rabin - extracts information about binaries;
   rasm - assembles and disassembles from the shell;
   rafind - binary file search and edit tool;
   radiff - differential analysis; very useful for analysing patches;
   radare2 - the main executable, which combines all of the above.
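To make concrete what "block-based hashing" (rahash) and "differential analysis" (radiff) mean in practice, here is a small added example in plain Python. It is not Radare code and does not call the Radare tools; it re-implements the idea: hash a file image in fixed-size blocks, then compare the per-block hashes of an original and a patched image to locate where the patch landed. The sample byte buffers and the 16-byte block size are constructed for the illustration.

```python
"""Block-based hashing and block-level differencing, the concepts behind
rahash and radiff. Stand-alone re-implementation, not radare code."""
import hashlib
from typing import List, Optional


def block_hashes(data: bytes, block_size: int = 16, algo: str = "md5") -> List[str]:
    """Hash `data` in fixed-size blocks (the last block may be shorter).

    Returns one hex digest per block, in file order.
    """
    hashes = []
    for off in range(0, len(data), block_size):
        h = hashlib.new(algo)
        h.update(data[off:off + block_size])
        hashes.append(h.hexdigest())
    return hashes


def changed_blocks(original: bytes, patched: bytes, block_size: int = 16) -> List[int]:
    """Return the byte offsets of blocks whose hash differs between two images.

    Blocks present in only one image (size change) are reported as changed,
    so a patch that appends data is still located.
    """
    a = block_hashes(original, block_size)
    b = block_hashes(patched, block_size)
    offsets = []
    for i in range(max(len(a), len(b))):
        ha: Optional[str] = a[i] if i < len(a) else None
        hb: Optional[str] = b[i] if i < len(b) else None
        if ha != hb:
            offsets.append(i * block_size)
    return offsets


# Constructed sample images: 64 bytes of 'A', and a copy with one byte
# at offset 37 changed (so the third 16-byte block, offset 0x20, differs).
ORIGINAL = b"A" * 64
PATCHED = ORIGINAL[:37] + b"B" + ORIGINAL[38:]

if __name__ == "__main__":
    for off, digest in zip(range(0, len(ORIGINAL), 16), block_hashes(ORIGINAL)):
        print(f"0x{off:04x} {digest}")
    print("changed blocks at offsets:", changed_blocks(ORIGINAL, PATCHED))
```

The block size is the trade-off: small blocks pinpoint a patch precisely but produce many hashes; large blocks are cheap to store and compare but only narrow the change down to a coarse region, which is then worth opening in the disassembler.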