Radare2

Radare2
Radare2
	; Radare2 web interface
Type of	Disassembler and reverse engineering framework
Author	pancake
Developer	pancake
Written on	Si
Interface	command line , graphical , web interface
operating system	Linux , BSD , OS X , Windows , Solaris , Android , iOS , Firefox OS , MeeGo , QNX , Haiku
Interface languages	English
First edition	February 2006
Hardware platform	Cross platform
Latest version	;
condition	Active
License	LGPL
Site	radare.org

Radare2 (also known as r2 ) is a free cross-platform reverse engineering framework written in C , which includes a disassembler , a hex editor , a code analyzer, and so on ^[2] . Used when reversing and debugging malware and firmware ^[3] ^[4] .

Content

History and Development

The radare project ^[5] began to develop a hacker with the nickname pancake in 2006, and for a long time, in fact, he was the only developer. Initially, the project was conceived as a hex editor with a simple console interface, allowing to find and recover data from hard drives. Therefore, it was called "a tool for computer forensic examination ." Later, according to the authors, the project concept changed, and the developers' goal was to create a full-fledged platform for analyzing binary files , in particular, executables ^[6] .

In 2010, there was a "redesign" of the framework, after which the project began to grow and be replenished with new functions, which allowed using it not only as an editor, but also as a disassembler and analyzer of both code and shell codes .

Composition of radare2

The radare2 framework is available as libraries and utilities:

Rasm2 is an assembler / disassembler of the framework, executed as a separate application and allows you to disassemble both binary and separate lines.
Rabin2 is a utility for working with various executable files (ELF, PE, Java class, Mach-O). It is used to get various information about the file: imported functions, exported symbols, sections, plug-in libraries and so on.
Rahash2 is a utility for getting hash values in many formats from both binary files and certain parts of data.
Radiff2 is a utility for comparing binary files.
Rafind2 is a utility for searching both strings with and without regular expressions, as well as data in hexadecimal format or a binary pattern.
Ragg2 is an experimental utility for compiling small programs for x86 / x64 and ARM architectures.
Rax2 is a utility for converting data in various formats.
Rarun2 - allows you to run the program with different environment settings, arguments, rights and directories.
Radeco ^[7] is a decompiler .

Bokken

Bokken ^[8] - PyGtk graphical user interface for radare2.

Supported Architectures / File Formats

Supported Architectures	Supported File Formats
i4004 Intel x86 / x86-64 family ARM Atmel AVR Series Brainfuck Motorola 68k Hitachi / Renesas H8 / 300 Ricoh 5A22 MOS 6502 Smartcard PSOS Virtual Machine java virtual machine MIPS Family: mipsb / mipsl / mipsr / mipsrl / r5900b / r5900l PowerPC SPARC family TMS320Cxxx Argonaut RISC Core Intel 51 series : 8051 / 80251b / 80251s / 80930b / 80930s Zilog Z80 LH5801 CR16 Cambridge Silicon Radio (CSR) Android / VM Dalvik DCPU-16 EFI byte code Gameboy java bytecode Malbolge MSIL / CIL Nios ii Superh SPC700 System z TMS320 V850 Whitespace XCore Pebble	COFF and derivatives, including Win32 / 64 PE ELF and derivatives Mach-O ( Mach ) and Derivatives cartridges Game Boy and Game Boy Advance MZ ( MS-DOS ) java classes dyld cache dumps Dex ( Dalvik EXecutable) Xbox (xbe format) Plan9 executables Winrar filter virtual machine file systems ( ext , ReiserFS , HFS + , NTFS , FAT , etc.) DWARF and PDB debug information formats binary files (Raw binary)

Version History

Colour	Value
Red	Old version
Green	Current version

Version radare2	Date of issue	Features
0.9.2	October 2, 2012	New CPU support: Z80, dcpu16, m68k and arc. Added support for the following platforms: dalvik, mips, arm. Added zip: // and apk: // processing. Improved analyzer 16-bit x86-code. Many commands have been added, such as? I,? I,? K, b +, b-, etc. Valabind 0.7.2 is now required. Fixed error when decoding FF25 opcode in x86_64 architecture. The implementation of DWARF support has begun. Added support for jmp [(rip +) 0xoffset] and call [(rip +) 0xoffset].
0.9.6	November 11, 2013	Support for color schemes and display of arrows / frames with Unicode characters. The location of the configuration files is in accordance with the XDG specifications. Platform Support AArch64, Texas Instruments C55x +, 8051, ARCompact. Automatic recognition and loading of TE executable files (Terse Executable), BIOS / UEFI images. Java 7 class support. Support for declaring types of structures and sets, for example using the 'td' command. Python bindings are rewritten using ctypes, instead of swig. Java Binding JNI and D support To simplify the work, basic support for the 'clear', 'ls', 'cat', 'cd', 'pwd' commands has been added to r2. All commands can be connected via '\|' as in the usual POSIX shell. Refactoring and transition of the kernel to SDB (a simple key-value database) for storing meta information (functions, labels, comments, and much more) has been started.
0.9.9	June 5, 2015
1.0 ^[9]	November 6, 2016	Added autocompletion of commands, color themes, menuetOS, KolibriOS, DOS4GW formats, improved PE, MACH0, ELF, COFF character parsers, improved Android support
1.0.2 ^[9]	November 8, 2016

Notes

↑ Release 3.6.0 - 2019.
Osh Joshua J. Drake, Zach Lanier, Collin Mulliner, Pau Oliva Fora, Stephen A. Ridley. Android Hacker's Handbook . - John Wiley & Sons, 2014. - p. 495. - 576 p. - ISBN 9781118922255 .
↑ Workshop “Reversing and debugging malware and firmware using the radare2 framework”
↑ Ken Dunham, Shane Hartman, Manu Quintans, Jose Andre Morales, Tim Strazzere. Android Malware and Analysis . - CRC Press, 2014-10-24. - p. 146. - 246 p. - ISBN 9781482252194 .
↑ Git radare repository (English)
↑ Radare documentation, Chapter 1: Introduction, 1.1 History (English)
G Git radeco repository (English)
Bo Bokken Home Page
↑ ¹ ² Releases · radare / radare2 · GitHub

Literature

Boris Ryutin. On the radare in full view. Basics of working with the radare2 framework // Hacker. - 2014. - № 9 (188) .

In English

The radare book . - pancake, 2008. - p. 152.
Radare2 Book
pancake Binary Mangling with Radare // Phrack Magazine. - 2009. - № 66 .

Links

[_142f51cbb35fddfb-1] Release 3.6.0 - 2019.

[2] Osh Joshua J. Drake, Zach Lanier, Collin Mulliner, Pau Oliva Fora, Stephen A. Ridley. Android Hacker's Handbook . - John Wiley & Sons, 2014. - p. 495. - 576 p. - ISBN 9781118922255 .

[3] Workshop “Reversing and debugging malware and firmware using the radare2 framework”

[4] Ken Dunham, Shane Hartman, Manu Quintans, Jose Andre Morales, Tim Strazzere. Android Malware and Analysis . - CRC Press, 2014-10-24. - p. 146. - 246 p. - ISBN 9781482252194 .

[5] Git radare repository (English)

[6] Radare documentation, Chapter 1: Introduction, 1.1 History (English)

[7] G Git radeco repository (English)

[8] Bo Bokken Home Page

[autogenerated1-9] ¹ ² Releases · radare / radare2 · GitHub