pancake
April 12th, 2014, 19:27
Radare is probably for you, if you want to, or have done any of the following:
The radare project started in February of 2006, aiming to provide a simple CLI hex-editor with
support for searching strings in large files (64bit offsets) in plain files or block devices
in order to recover some deleted files. The project has grown incorporating disassemblers for
a large set of architectures, debuggers for the most operating systems, and code analysis tools.
It has become a framework that aims to collect and incorporate the features and tools that a
reverse engineer, exploit artist, developer, and even a hobbyist might need to get the job done.
It's roots are basic *NIX concepts:
The project is built on top of a hexadecimal editor called 'r2', which
is linked to all the libr modules and provides an interface to use them:
Radare2 is a complete LGPL rewrite of the original radare, meaning it is free and open source,
each plugin have a license field which must be checked if you want to provide a privative solution
based on r2.
The program runs on Windows, Mac, Linux, BSD, Android, iOS, and different architectures including ARM,
x86, and Sparc. How much would you have to pay to get a license to run your favorite reverse
engineering program on all of this? $0 if you use radare2
For a grand total of $0 and 0 cents you get support for:
Multi-architecture and multi-platform
Highly scriptable
Hexadecimal editor
You may find several usage examples in http://rada.re ("http://rada.re"), some of them are:
Simple crackme course with radare2
http://dustri.org/b/defeating-ioli-with-radare2.html
Advanced crackme pcme0 solving with radare
http://crackmes.de/users/pancake/pcme0/
Using Radare to Enumerate Artifacts in a Java Class File
http://dso.thecoverofnight.com/posts/2014/04/radare-java-artifact-enumeration/
All this great stuff for free. But, we need your help. Our project did not make
for the Google Summer of Code, which put a damper on our project's development effort.
We decided to start a crowdfunding campaign to implement some of the features from
our GSoC proposal. We are calling the program: Radare Summer of Code (RSoC), which
has nothing to do with Google.
In order to achieve the fundings required to reward our contributors, the crowdfunding campaign
is organized to take accept donation in most of the major currencies (CoinYe not accepted
).
With your help, we are hoping to reach a goal of at least 12000 EUR. This goal is broken down in
the following pool:
If you have a particular feature you want to see completed first, let us know, and we will
do our best to apply your donation to that feature. Interesting concept, donate or contribute to
have your favorite feature implemented. win-win is what we say! So what are you waiting for,
show us some love and help us help you.
http://rada.re/y/?p=crowdfunding
Reverse engineered a binary format or modified a binary file or code
Had to find ROP gadgets in a binary, because NX and ALSR were enabled
Needed to debug a program from a command prompt while modifying the code in an editor
Recovered binary needle from a binary haystack
The radare project started in February of 2006, aiming to provide a simple CLI hex-editor with
support for searching strings in large files (64bit offsets) in plain files or block devices
in order to recover some deleted files. The project has grown incorporating disassemblers for
a large set of architectures, debuggers for the most operating systems, and code analysis tools.
It has become a framework that aims to collect and incorporate the features and tools that a
reverse engineer, exploit artist, developer, and even a hobbyist might need to get the job done.
It's roots are basic *NIX concepts:
everything is a file (sockets, programs, memory, disk, ...)
KISS - every command/module/plugin performs one task
Commands/Tools can be piped to filter or extend its functionality
The project is built on top of a hexadecimal editor called 'r2', which
is linked to all the libr modules and provides an interface to use them:
IO layer that abstracts sections and maps
virtual and physical addressing
assembler/disassembler
code analysis
scripting features
graphs of code and data
visual mode
easy unix integration
diffing engine
mapping of arbitrary files from arbitrary sources
a shellcode compiler
a ROP gadget finder
implementation of 2048
Radare2 is a complete LGPL rewrite of the original radare, meaning it is free and open source,
each plugin have a license field which must be checked if you want to provide a privative solution
based on r2.
The program runs on Windows, Mac, Linux, BSD, Android, iOS, and different architectures including ARM,
x86, and Sparc. How much would you have to pay to get a license to run your favorite reverse
engineering program on all of this? $0 if you use radare2
For a grand total of $0 and 0 cents you get support for:
Multi-architecture and multi-platform
GNU/Linux, Android, *BSD, OSX, iPhoneOS, Windows{32,64} and Solaris
i8080, 8051, x86{16,32,64}, avr, arc{4,compact}, arm{thumb,neon,aarch64}, tms320{c54,c55x+}, cr16, dalvik, ebc, h8, java, sparc, mips, nios2, powerpc, whitespace, brainfuck, malbolge, z80, psosvm, m68k, msil, sh, snes, gameboy, dcpu16, csr, arc
pe{32,64}, te, [fat]mach0{32,64}, elf{32,64}, coff, bios/uefi, dex and java classes
Highly scriptable
Vala, Go, Python, Guile, Ruby, Perl, Lua, Java, JavaScript, sh, ..
batch mode and native plugins with full internal API access
native scripting based in mnemonic commands and macros
Hexadecimal editor
64bit offset support with virtual addressing and section maps
Assemble and disassemble from/to many architectures
colorizes opcodes, bytes and debug register changes
print data in various formats (int, float, disasm, timestamp, ..)
search multiple patterns or keywords inwith binary masks
write code, strings, data from user input or files
truncate, replace, insert, copy-paste memory regions
You may find several usage examples in http://rada.re ("http://rada.re"), some of them are:
Simple crackme course with radare2
http://dustri.org/b/defeating-ioli-with-radare2.html
Advanced crackme pcme0 solving with radare
http://crackmes.de/users/pancake/pcme0/
Using Radare to Enumerate Artifacts in a Java Class File
http://dso.thecoverofnight.com/posts/2014/04/radare-java-artifact-enumeration/
All this great stuff for free. But, we need your help. Our project did not make
for the Google Summer of Code, which put a damper on our project's development effort.
We decided to start a crowdfunding campaign to implement some of the features from
our GSoC proposal. We are calling the program: Radare Summer of Code (RSoC), which
has nothing to do with Google.
In order to achieve the fundings required to reward our contributors, the crowdfunding campaign
is organized to take accept donation in most of the major currencies (CoinYe not accepted
). With your help, we are hoping to reach a goal of at least 12000 EUR. This goal is broken down in
the following pool:
3000 EUR to pay for each participant
1000 EUR for mentors
If you have a particular feature you want to see completed first, let us know, and we will
do our best to apply your donation to that feature. Interesting concept, donate or contribute to
have your favorite feature implemented. win-win is what we say! So what are you waiting for,
show us some love and help us help you.
http://rada.re/y/?p=crowdfunding