Questions tagged [radare2]

Use this tag for problems related to or involving Radare2, a portable reversing framework for disassembling, analyzing, and debugging binaries.

Radare2, sometimes referred to as r2, is a portable set of tools designed for reverse engineering binaries.

From the official website:

Radare is a LGPL portable reversing framework that can:

  • Disassemble (and assemble for) many different architectures
  • Debug natively or use remote targets (gdb, r2pipe, winedbg, windbg)
  • Run on Linux, *BSD, Windows, OSX, Android, iOS, Solaris and Haiku
  • Perform forensics on filesystems and data carving
  • Be scripted in Python, Javascript, Go and more
  • Support collaborative analysis using the embedded webserver
  • Visualize data structures of several file types
  • Patch programs to uncover new features or fix vulnerabilities
  • Use powerful analysis capabilities to speed up reversing
  • Aid in software exploitation

70 questions
7
votes
1 answer

Radare2 Disassembler How Do You Organize Visual Panels (V!)?

I would like to use Radare2 to learn about how C is assembled into assembly but I am having trouble with the layout. I think the V! mode would be very handy as you can watch the registers update as the instruction pointer moves through the program,…
Aaron
5
votes
0 answers

How do I compare two EXE files, find differences and decompile those with Cutter or Radare2?

After struggling for days, I'd like to ask the community :) I have two exe files. Both at the same size and pretty big (around 80MB). The first exe is the original file, which has been compiled some time ago. I also have the corresponding PDB…
Knutwurst
4
votes
1 answer

ASM pattern search in radare2

I want to perform a search in radare2 for an ASM pattern of the type pop, mov, mov that is three consecutive instructions: the first beginning with pop, the second beginning with mov and the third also. There is a related issue of Radare2…
YMR
4
votes
0 answers

How do I install Radare2 on Windows?

I am trying to get Radare2 installed on my Windows machine. I do have Windows Subsystem for Linux up and running if that changes things. I have tried the git technique from their website: git clone https://github.com/radare/radare2 cd…
AwesomeCronk
4
votes
1 answer

Strange decompilation when using gcc with different optimization

I am running on linux 5.4.18-1-MANJARO with gcc version 9.2.0 (GCC) Filename:a.c #include <stdio.h> int main(void) { int a; scanf("%d", &a); if (a < 5 || a > 6) puts("fail"); else puts("succeed"); } Then I run: gcc…
coolder
4
votes
2 answers

Dockerfile build error: Unable to locate

I am trying to build the following Radare2 dockerfile, but I think I may have some formatting wrong. I can't seem to figure out how to make everything install correctly and build. Any help would be appreciated. FROM radare/radare2 USER root RUN…
Devin Zane
4
votes
1 answer

Getting full binary control flow graph from Radare2

I want to get a full control flow graph of a binary (malware) using radare2. I followed this post from another question on SO. I wanted to ask if instead of ag there is another command that gives the control flow graph of the whole binary and not…
user7487817
4
votes
2 answers

python - couldn't open a file using radare2: invalid option -- '0'

I have installed radare2 using pip install and then in the python shell I gave the following lines of code Python 2.7.6 (default, Jun 22 2015, 17:58:13) [GCC 4.8.2] on linux2 Type "help", "copyright", "credits" or "license" for more information. >>>…
UdaySagar
3
votes
0 answers

How to get the symbols information with radare2 when attaching to a running process

I use the below command to attach to a running process to debug it. But I can't get the symbols with the command 'is', which outputs nothing. r2 -a arm -b 32 -dA gdb://localhost:1234 The process is running on another device on which gdbserver is…
user3236879
3
votes
2 answers

GDB or Radare2?

Should I use GDB or Radare2 for reversing an executable (I am a beginner)? I try to program in C and I got a SegFault. I want to Reverse Engineer it to get experience in Assembly and see where I get the SegFault.
MP13
3
votes
0 answers

How to get function argument list and return value (type and value) by r2 or r2pipe, static disassembling and dynamic debugging?

When disassembling a program (Intel, arm with format elf or exe, etc.), I need to print each function's arguments. Now I am working on radare 2 with r2pipe. How can I get a function's argument list (both number and type)? Or can I get argument list…
3
votes
2 answers

how to get value at an address with radare

If I'm using radare2, and I run, let's say dr while debugging, it'll print pointers for some of the registers. Let's pretend like esp is resolving to 0x04084308 or something similar. If I want to get the value that esp is pointing to, how could I do…
Sam Clarke
3
votes
1 answer

How can I properly install and invoke 'r2snow' radare2 decompiler?

I have spent the past several hours attempting to install a decompiler with no success. Since I've recently been using radare2 as a disassembler, I figured using the associated decompiler package would work well. After finding out that radeco and…
TimD1
2
votes
1 answer

Cutter console does not show printf result

I'm using the last version (2.0.5) of Cutter. I am not able to find a way to display std in/out in Cutter Console. In the picture I cleared the console before starting debugging and you can see it after the call to the printf. Am I doing something…
Luigi
2
votes
0 answers

radare2: qualified vs. unqualified flags?

If I define a flag in radare2 without a prefix, like this: fs symbols f myflag=0x412 Then radare will show this label on the target address: ╎ ;-- myflag: ┌──> 0x00000412 200689 jsr 0x8906 ;[2] …
larsks