| Main
Papers Software Mailings Projects FreeNIT 0xFFFF ACR Cake dosis gDVB pvc radare rss2html screws spp stacktrace mesure mksend wistumbler2 xml2doc xsser VPMN Blogs brainstorm pancake pof esteve plue psy Servers Youterm News.nopcode Cvs.nopcode | RadareAuthor: pancakeOfficial homepage Radare started as a commandline hexadecimal editor aiming to use 64 bit offsets to read and write from/to large raw devices or plain files. The basic POSIX IO has been wrapped to support multiple IO plugins: * haret Remotely read WindowsCE memory ( haret://host:port ) * ptrace Debugs or attach to a process ( dbg://file or pid://PID ) * sysproxy Connects to a remote syscallproxy server * remote TCP IO ( listen://:port or connect://host:port ) * gdb Debugs or attach to a process using gdb (gdb://file, gdb://PID, gdb://host:port) * posix plain posix file access * w32 posix to native w32 api io The toolchain comes with other tools: * rasc shellcode generator and tester (outputs in raw, hexpairs or C) * xrefs find crossed references on raw images for ppc, arm and x86 * hasher hash files or streams data blocks with multiple hashing algorithms * rsc command line helpers written in shellscript or perl * armasm minimalistic arm assembler * xc converts between multiple radix numeric bases Some rsc tools: # Command line assembler/disassmbler for x86/arm transparently using objdump/gas/nasm/armasm
$ rsc asm 'mov eax, 0x33' b8 21 00 00 00 $ rsc dasm 'b8 21 00 00 00' mov eax, 0x33 # scan firmware image for known file formats $ rsc rfile-foreach my-firmware.fw # load dwarf information into the debugger < .!rsc syms-dbg-flag /bin/ls # generate program graph $ rsc bin2tab /bin/ls | rsc tab2gml < ls.gml # assembly dictionary $ rsc adict mov mov moves data from src to dst # Bindiffing two files $ bindiff file.orig file | rsc bdcolor 3 | less -r There'r two current developments for a graphical frontend: * gradare Gtk2-C frontend using grsc scripts piped to an vte * vala-radare Native Gtk2-Vala frontend embedded inside the radare core implementing an OO api The debugger now supports: * Support for w32, linux x86/mips/arm, {free|net|open}bsd * step / step-over * dump / restore memory and cpu state from/to disk * continue / until user code / until syscall / until fork * trace execution (running TRACECMD at a certain debug level) * filedescriptor manipulator * thread support on linux * memory allocation on the child process * process memory maps permissions manipulation * map files on process memory * run syscalls on the child process * DRx registers control on Linux * breakpoints / watchpoints (hardware and software) support * force core dump, jmps and calls * signal manipulation * process tree Future: * SQL integration with web frontend for bindiffing, tracing, tracediffing, comments, etc.. * Port the debugger to 64 bit architectures * Better debugger support for BSD * Port the debugger layer to w32 and Solaris Read more |