Stack Overflow
Stack Overflow

Questions tagged [radare2]

Use this tag for problems related to or involving Radare2, a portable reversing framework for dissembling , analyzing, and debugging binaries.

Radare2, sometimes referred to as r2, is a portable set of tools designed for reverse engineering binaries.

From the official website:

Radare is a LGPL portable reversing framework that can:

  • Disassemble (and assemble for) many different architectures
  • Debug natively or use remote targets (gdb, r2pipe, winedbg, windbg)
  • Run on Linux, *BSD, Windows, OSX, Android, iOS, Solaris and Haiku
  • Perform forensics on filesystems and data carving
  • Be scripted in Python, Javascript, Go and more
  • Support collaborative analysis using the embedded webserver
  • Visualize data structures of several file types
  • Patch programs to uncover new features or fix vulnerabilities
  • Use powerful analysis capabilities to speed up reversing
  • Aid in software exploitation

Related Resources

70 questions
1
vote
1 answer

How to reformat a c structure in ida pro

I'm trying to disassemble a arm64 based binary I want to know how can I reformat structure as it was before I mean not strings but the values at least placed that they were before in code? Take example static struct mystruct cmn = { { 0xFF,…
Rohit
  • 17
  • 4
1
vote
1 answer

How to fix 'cannot assemble 'bl 0x400588' at line 3' in radare2

I'm hooking a binary (aarch64) and I want to rewrite branch instructions to branch to specific addresses. I'm using Radare2 for rewriting branches. But it says 'cannot assemble...' whenever the target address of branching is before the current…
Sara
  • 71
  • 10
1
vote
0 answers

register values don't match disassembly in crackme suite

So I'm pretty new to this whole reverse engineering thing. Ive been working on the IOLI crackme challenges which has 10 levels and ive solved 3 of them with radare2. But i'm stuck on the 4th one as of now and something is going on with the registers…
user10422449
  • 19
  • 2
1
vote
0 answers

Virtual addresses in Dump

Why are the virtual addresses in the dumpfiles different, when I use XDD and Radare2? Radare2-dump Xdd-dump The first image shows the Radare2-dump, the second one the xdd-dump. The addresses are not completely different. The xdd is: 000007b0…
AndiYo
  • 43
  • 6
1
vote
1 answer

How do I install radare2 plugins in offline installation?

I understand how to normally install the plugins with $ r2pm init $ r2pm update $ r2pm -i r2snow $ r2pm -i r2dec But how would I install r2dec when I am on a system that has radare2 installed already but no internet access? Is there a way to copy…
Justin Henderson
  • 11
  • 2
1
vote
1 answer

How to hide auto-generated comments?

When disassembling in Radare2, the output is decorated with random annotations of memory peeks, decimal conversions, etc., for example: ... 0000:06ea and al, 0x7f 0000:06ec cmp al, 5 ; 5 0000:06ee jne…
The Vee
  • 11,420
  • 5
  • 27
  • 60
1
vote
0 answers

Why does radare2 return an empty list of imports for a non empty main()?

I have the following little program I want to generate a call graph for: #include int main() { auto s = std::string("hello"); s += " welt"; return 0; } I compile it in a way which I hope preserves all information in order to be sure…
frans
  • 8,868
  • 11
  • 58
  • 132
1
vote
0 answers

why rasm2 generates different code for one instruction than my instruction in original binary?

I have a code in x86 binary, I opened it with radare2 and (in visual mode) I have the following instructions: Address Instruction ASM Istruction 0x00401251 85c0 test eax, eax 0x00401253 0f84c0000000 je 0x401319; Rabin2…
aramburu
  • 130
  • 1
  • 7
1
vote
0 answers

Why does 'axt' and 'aaa' not work in Radare 2?

Here's everything I typed:(I followed this tutorial: https://crackmes.one/static/solution/5b51b18833c5d41c0b8ae543.zip) xeus@Xeus:~/Downloads/Crackmes$ r2 crackMe1.bin [0x000008a0]> aaa [0x000008a0]> fs strings [0x000008a0]> f 0x000008a0 256…
Not Important
  • 29
  • 1
  • 3
1
vote
1 answer

radare2 Patch Keyboard Input

I am doing a reverse engineering practice with radare2. I want to patch the vim binary file (linux), so that when a user presses "i" it is replaced with "e". How I can find what is read from the keyboard in the disassembly file using radare2?
sMojtaba Mar
  • 359
  • 2
  • 5
  • 15
0
votes
1 answer

Trouble installing r2ghidra

I am using a MacBook with OS Ventura 13.3 and trying to install the r2ghidra plug-in through the command r2pm -ci r2ghidra but it fails with the following error: I have tried various fixes such as reinstalling radare2 both by running brew install…
adahy
  • 25
  • 4
0
votes
1 answer

radare2 load register map

I'm reversing some stm32f030 code I downloaded from the chip. I do understand the stm32s and arm assembly but I'm completely new to radare2. There are many special registers e.g. 0x40021000 is RCC_CR, 0x40021004 is RCC_CFGR, 0x48000000 is…
Scheintod
  • 7,953
  • 9
  • 42
  • 61
0
votes
0 answers

How to write floating values in assembly libil2cpp.so?

Okay so I'm learning a lot about lib patching. I use a program called radare2 in termux in Android. I'm trying to hack an offline game to get unlimited stars. When collecting stars, each on the value is one. I dumped libil2cpp.so in Termux, went to…
BIG R Studios
  • 1
0
votes
0 answers

Radare2 is showing global.mk:12: *** Current working directory cannot contain spaces and not getting installed

I tried installing Radare2 according to the guide. I ran the following commands: git clone https://github.com/radareorg/radare2 radare2/sys/install.sh But it is showing the following error and the command r2 is not working. Wasn't able to find…
FaizanNehal
  • 22
  • 5
0
votes
0 answers

Radare2: is it possible to open (with vi editor) the source file reference at position?

suppose you are in Visual mode and like to open with default editor (vi) the file start.S at line 43, how can that be done via radare command? Thanks!
aAWnSD
  • 124
  • 10
1 2 3
4
5