Stack Overflow
Stack Overflow

Questions tagged [radare2]

Use this tag for problems related to or involving Radare2, a portable reversing framework for dissembling , analyzing, and debugging binaries.

Radare2, sometimes referred to as r2, is a portable set of tools designed for reverse engineering binaries.

From the official website:

Radare is a LGPL portable reversing framework that can:

  • Disassemble (and assemble for) many different architectures
  • Debug natively or use remote targets (gdb, r2pipe, winedbg, windbg)
  • Run on Linux, *BSD, Windows, OSX, Android, iOS, Solaris and Haiku
  • Perform forensics on filesystems and data carving
  • Be scripted in Python, Javascript, Go and more
  • Support collaborative analysis using the embedded webserver
  • Visualize data structures of several file types
  • Patch programs to uncover new features or fix vulnerabilities
  • Use powerful analysis capabilities to speed up reversing
  • Aid in software exploitation

Related Resources

70 questions
1
vote
0 answers

tab completion in radare2 gives seg fault

I'm new to radare2 ans was previously using it on Ubuntu or Kali. I switched to Manjaro 20.2 and noticed that whenever I press the [TAB] it ends up in a segmentation fault something like this: >> r2 hello [0x00001040]> aa [x] Analyze all flags…
Abhay Bhat
  • 11
  • 2
1
vote
0 answers

radare2 -c and -i options do not execute more than one command

All commands below do not execute psz @ [rax]. Why? script=$(mktemp) cat > $script << EOF dcu 0x00404d29 psz @ [rax] EOF r2 -d -R input="a" -i $script exatlon_unpacked r2 -d -R input="a" -c "dcu 0x00404d29; psz @ [rax]" exatlon_unpacked r2 -d -R…
puleiya
  • 11
  • 1
1
vote
0 answers

Radare2 "dc" and "dce" command pausing

I am working on learning Radare2 for fuzzing\vulnerability research and I've found that the commands 'dc' and 'dce' aren't working the way I expect them to. I run the command radare2 -A -d BlazeHDTV.exe It does its magic and I'm at the…
joke2600
  • 11
  • 1
1
vote
1 answer

Find the function called when user interacts with an exe

I have an exe which I am trying to understand how it works. Whe I click on one of the UI elements of the exe , I think it is making a network request and receiving data . How would I trace what is being done by the exe ? Is there a way to use…
roller
  • 11
  • 1
1
vote
0 answers

Long consecutive number of "add" opcodes after disassembling

After disassembling PE 32 files using radare2 to extract opcodes from, I noticed that near the beginning of the opcodes I get a long consecutive list of "add" opcodes. I am wondering if anyone knows the reason for that and why it is there.
Allen Ye
  • 27
  • 2
  • 13
1
vote
0 answers

Radare2 "Block size too big"

I have a PE file that is roughly 30 MB. When I try to run on Radare2 "pD $s," it outputs an error saying block size is too big. Is there another way to disassemble all of the bytes in this file I am trying to look at?
Gavin Wong
  • 11
  • 1
1
vote
1 answer

Radare2 "pd" command

I am currently using Radare2 to extract opcodes from PE files. Currently, I am attempting to use the "pd" command which from the API: "pd n @ offset: Print n opcodes disassembled". I am wondering if there is a way to calculate/find out exactly what…
Allen Ye
  • 27
  • 2
  • 13
1
vote
0 answers

Python 3 RAW Byte String

I want to know how to format a string as raw bytes in python3 just like it was in python2. To clarify my Question, I have to following shellcode: x =…
Benedict Schlüter
  • 329
  • 4
  • 16
1
vote
0 answers

What is wrong with my Radare2 Visual mode?

When I open a file in radare2 and then enter Vpp, the first line appears next to the registers. Is this a bug or a config parameter which I could change ? That problem persists even if I move in the file with j or k And if it's a bug, is there a…
Saperlu
  • 11
  • 1
1
vote
1 answer

Cutter with arm debugging

I've been able to run the debugger inside Cutter (radare2) using my native host (x86_64) libraries when reversing a x86 binary. How would I do such a thing when trying to debug an arm binary? How can I get cutter to use the libc.so for arm instead…
bigfy
  • 145
  • 2
  • 7
1
vote
1 answer

Radare2/r2pipe Binary writng mode

I want to write some data to the ELF binary. I have tried to use this r2pipe function r = r2pipe.open('binary', flags=['-w'] How can I add some strings to ELF binary by using r2pipe binary write mode function? Sorry for this stupid question. Any…
Ali
  • 13
  • 3
1
vote
1 answer

rasm and gdb wrong instruction disassemble

What is instruction of the following opcode? 81 3E 38 43 55 AA 5A 5A I checked these opcodes in sandphile 81 is CMP opcode 3E is DS segment register override prefix 43 38 is offset 55 AA 5A 5A is operand According to sandpile I should get such…
Emin
  • 31
  • 1
  • 4
1
vote
1 answer

Multiprocessing With r2pipe

I'm having issues with using r2pipe, Radare2's API, with the multiprocessing Pool.map function in python. The problem I am facing is the application hangs on pool.join(). My hope was to use multithreading via the multiprocessing.dummy class in order…
Jacob Pimental
  • 33
  • 1
  • 5
1
vote
1 answer

how to give a name to global varrible in radare2?

I have something like this: (fcn) fcn.140001020 20 fcn.140001020 (); ; XREFS: CALL 0x140001080 CALL 0x140001098 CALL 0x1400010b0 CALL 0 ; XREFS: CALL 0x140001794 CALL 0x1400017ad CALL 0x140001029 mov…
MkInitCpIO
  • 11
  • 1
1
vote
1 answer

inserting file as user input in radare2 (VS shell & VS gdb) (linux)

I have a file that I want to use as the user input in a C program that ask for user input trough a scanf (playing and learning in linux) lets call the program a.out and the file with the contents myImput, thereby: in shell I can go: cat…
gokunef
  • 31
  • 3
1 2
3
4 5