Together they create one of the most powerful toolsets in the field of static and dynamic analysis, hex editing and exploitation (in the following articles I’ll dive deeper into developing exploits using radare2). This framework is composed of a set of utilities that can be used either together from r2 shell or independently – We’ll get familiar with tools such as rahash2, rabin2 and ragg2. But maybe above all of its features stands the ideology – radare2 is absolutely free. It has great scripting capabilities, it runs on all major platforms (GNU/Linux, Windows, *BSD, iOS, OSX, Solaris…) and it supports tons of architectures and file formats. Radare2 is an open-source framework for reverse engineering and binary analysis which implements a rich command-line interface for disassembling, analyzing data, patching binaries, comparing data, searching, replacing, visualizing and more. (see radare2/doc/fortunes.fun for more fortunes) radare2
Since these articles aim to teach you the basics of radare2, its features, and capabilities, I’ll explain much more than you actually need to know in order to solve each task. Either way, I honestly believe that you must include radare2 in your toolbox.īecause I got really enthusiastic about the project and I want more and more researchers to be familiar with it, use it and hopefully contribute to the project, I decided to create a series of articles and use-cases of r2. It might be because they’re afraid to break out of their comfort zone (IDA Pro, 圆4dbg, Ghidra, OllyDBG, gdb) or they have simply not heard of it. Sadly, I believe that only few people are familiar with radare2. It’s also my go-to tool for malware analysis tasks such as configuration retrievals. I found radare2 very helpful with many CTFs tasks and my solutions had shortened significantly. I was playing a lot with radare2 in the past years, ever since I began participating in CTFs and got deeper into RE and exploitation challenges. I will keep it updated every now and then to make sure it is up-to-date with the changes in radare2. This is an updated version of the original tutorial. I am now, for several years, a core member in the radare2 team and a maintainer of Cutter, a modern, GUI-based, reverse engineering framework that is powered by radare2.
Your feedback was amazing and I am very happy for the opportunity to teach new people about radare2.Ī lot has changed since I wrote this tutorial, both with radare2 and with me. Update (2020): Since writing this article, it has become, in a way, the go-to tutorial for learning radare2.
0 kommentar(er)
