UNIX-like reverse engineering framework and command-line toolset
LGPL-3.0 License
Bot releases are visible (Hide)
Published by radare over 8 years ago
As usual, some numbers first:
Contributors: 48
Commits: 480
Issues: 135
Grep stats:
Contributor commit counter: (sys/pie.sh)
$ sys/pie.sh 0.10.1 | sort -un | tail -n 13
1 Adrien Garin
2 Adr1
3 Kitsu
4 Darredevil
5 Anders Kaare
6 Aneesh Dogra
7 Evan Shaw
8 Jeffrey Crowell
12 Maijin
16 Anton Kochkov
36 oddcoder
46 Álvaro Felipe Melchor
237 pancake
Special thanks from pancake to:
This release is much bigger than we ever thought. Thanks to Google and GSoC applications process we've got an honest amount of a students' contributions, who implemented a few file formats, improved analysis and fixed a bunch of issues.
r2 -d
and -R
shortcuts to simplify loading rarun2 profiles and using remote debugging pluginswoE
/woD
rabin2 -E
wo*y
commands using clipboard instead of [val]make menu
to choose plugins to build?E
clippy echo and use it in ????asm.spacy
and asm.flgoff
pds
)R
in visual to rotate on the color themes. (see scr.randpal
)asm.spacy
and asm.flgoff
glitchesecn
and use it from VR with scr.randpal
asm.fcnsign
is now working for non-windows binariesasm.(symbol|section)[.col]
fcn.fcnlines
in fcnvarlistr2pm -i www-t www-m
)http.referer
checks to fix CSRF vulnblx
for arm32 and thumbradiff2 -C
does not analyze by default, mimics r2 -A
aex
command to emulate an hexpair of native codeaaa
aae
aap
for static and make it work in debuggeraaaa
commandaai
command to show analysis statistics infoaav
command to show all references for section/mapt
command and add a lot of tests (@oddcoder)r2 -d gdb://
no need for -D gdb
doo
for ood
commandradare2-regressions
repoaaaaaa
commandr_lang_rust
rasm2 -A
to replace ranal2
rax2 -B
and -b
~/.config/radare2/radare2rc.d
wo*
commands to use clipboardPs
and PS
commands to save projectCz
like Cs
with automatic length detectionyl
, yw
, ywx
, wz
ys
to show clipboard as stringq
in scripts to stop interpreterPublished by radare over 8 years ago
Six weeks ago, when our great leader pancake announced "a release every 6 weeks", everyone was a bit, well, surprised, but it seems that we did it.
But first, some numbers:
solid chair society
This 0.10.1 release pushes other updates for:
Also binary builds for Windows and OSX are also available.
This is great, since it means that our downstream people who puts radare2 into package manager will be able to push updates quicker (yes, I'm looking at you, debian).
This also means more release party, which is a good thing. There wasn't an special focus on anything during that last 6 weeks, but if I had to comment on this release, I would say that its theme would be "compiling on windows", and "usability". Or something like that.
Anyway, here is the human-readable changelog:
asm.bbline
uses RAnal info to have precise resultsenv.sh
when using more than 9 argumentsebp-0x10
, ebp+0x13
becomes, respectively, local_10h
and arg_13h
) and now it works too when asm.ucase is set.Vdn
option to rename a flag/function/local variable/local argument used in the current instructionRFlag
+ better names for functions when there are symbolsahi
now supports IPv4 and syscall?d
or e asm.describe=true
)axg
to get a graph of the function xrefs to reach a specific point.The webui graph stopped working on Google Chrome because they have deprecated a js function to manipulate SVG which was used by the joint.js library, the webuis will be distributed in a separate repository and dependencies will be maintained using bower/grunt/npm. This way we will solve the license problems some distros (Debian) complained for not packaging the webuis because of non-free and confusing uglified js blobs. This will hopefully attract more web developers.
Debian, Docker, Void, FreeBSD, Sabotage and other distros raised the interest in our project, so, the 6week release cicle will hopefully fix the problem of having very old packaged versions of r2.
Windows binaries from appveyor still need to be fixed thus the windows installer.
There are some interesting wip patches to be included in the next release 0.10.2 scheduled for April 11th.
Also, it is important to note, that some people started to work on the GSoC microtasks even before knowing if we are accepted this year. This is a good sign which clearly shows the growing, healthy and brave community we have.
Have fun with this new release and keep up hacking!
Published by radare over 8 years ago
More details soon!
Published by radare about 9 years ago
Nightly build
Published by radare over 9 years ago
Homepage: http://www.radare.org
ChangeLog: http://rada.re/get/changelog2-0.9.9
Blog: http://radare.today
Android: https://play.google.com/store/apps/details?id=org.radare2.installer://play.google.com/store/apps/details?id=org.radare2.installer
iOS: http://cydia.radare.org
Windows: http://rada.re/get/pkg/radare2-w32-0.9.9.zip
WindowsPython: http://rada.re/get/pkg/radare2-bindings-w32-0.9.9.zip
Sources: http://rada.re/get/radare2-0.9.9.tar.xz
Bindings: http://rada.re/get/radare2-bindings-0.9.9.tar.xz
Extras: http://rada.re/get/radare2-extras-0.9.9.tar.xz
Valabind: http://rada.re/get/valabind-0.9.2.tar.gz
SDB: http://rada.re/get/sdb-0.9.6.tar.gz
ACR: http://rada.re/get/acr-1.0.tar.gz
Published by radare almost 10 years ago
Homepage: http://www.radare.org
Version: 0.9.8
SoundTrack: http://radare.org/get/Neuroflip-BabylonRocket-OriginalMixForR2.mp3
Music Artist: Thanks neuroflip!
ChangeLog: http://rada.re/get/changelog2-0.9.8
Sources: http://rada.re/get/radare2-0.9.8.tar.xz
Bindings: http://rada.re/get/radare2-bindings-0.9.8.tar.xz
Valabind: http://rada.re/get/valabind-0.9.0.tar.gz
SDB: http://rada.re/get/sdb-0.9.2.tar.gz
Published by radare over 10 years ago
CodeName: Segfault as a feature
ReleaseDate: 2014-03-03
http://rada.re/get/radare2-0.9.7.tar.xz
http://rada.re/get/radare2-bindings-0.9.7.tar.xz
Required valabind version to build the bindings: http://rada.re/get/valabind-0.8.0.tar.gz
ecf pink
)less
abilityt*
I would like to thank the help from Debian and VoidLinux packagers who pointed
me some issues in the build system and tested against their build machines.
Probably 0.9.7 would never have been released without them (because I was not planning
to make a bugfix release :P)
Published by radare over 10 years ago
hg tag -r 1974 0.9
codename: furoner
last commit: Tue Dec 06 01:41:17 2011 +0100
oldest commit: Tue Nov 01 12:59:07 2011 +0100
commits: 115
email: pancake<nopcode.org>
twitter: http://twitter.com/trufae
github: http://github.com/radare
Published by radare over 10 years ago
After about 10 months of development I'm proud to announce a new release of radare2. It has been delayed many times and I'm not happy about that, but stability requires some time. I'm happy to see new contributors and users interested on the project.
This document describes a compacted list of all the changes done from the previous release (0.9) and this one (0.9.2).
As always, if you want to use the r2 api from python, nodejs or others you need to install the r2-bindings package which depends on valabind and swig.
Big news for this release are an official Android package maintained by Pau Oliva (pof) and an embedded http-1.0 webserver which provides a simple way to implement an user interface.
Lot of bugs has been fixed and new CPUs are supported while code analysis gets better and is focused on x86-16,32,64, arm and mips.
Enjoy!
--pancake
git log 0.9..HEAD | grep Author| sort -u
pancake [email protected]
LGPLv3
More than 300 commits
Date: Mon Oct 1 17:48:10 2012 +0200
Date: Tue Dec 6 03:03:50 2011 +0100
mips : rewritten code analysis and added pseudodisasm and debugger
arm : import and use arm.winedbg (arm and thumb) and disassembler
x86 : enhace x86olly disasm, add more instructions to the x86.nz assembler
dalvik : add android4.x new opcodes and payload ones. added pseudo disasm
avr : use standard disassembly syntax
pd|!grep eax~ebx now works
Published by XVilka almost 11 years ago
date: 2013-11-11
^x^e
to edit the current prompt line using $EDITORSee e??scr.
for more information about the screen options.
Several enhacements to ARM, ARC, X86, Dalvik, Java (including v7) and Brainfuck assembler/disassemblers. Also, the embedded udis86/GNU based disassemblers have been updated from git.
You can now compile r2 for Haiku and Emscripten!
ASLR is now supported by using the -B flag which specifies the hardcoded base address when loading a PIE binary.
Import PLT addresses are no longer listed with rabin2 -i. For consistence: imports are ordinals and PLT entries are listed as symbols.
A reduced fork of libtcc is now included to parse C include files. At the moment only structs and enums are handled, but it is planned to support function signatures and conditional struct definitions in the future. Nested structures are supported.
[0x8048000]> "td struct Foo { int a; int b; }"
See 't?' for more help. But in short, you will be able to load .h files into sdb databases to define metadata for the disassembler.
Following the release of Valabind 0.7.4, we are now able to provide the following changelog:
I have added more scripting examples like a simple debugger.
Commands like 'clear', 'ls', 'cat', cd', 'pwd' are now supported. No need to escape to the shell with '!' for them. Bear in mind that cfg.sandbox
can be enabled to restrict access to filesystem, execution or sockets.
Those commands can be piped to system programs using the '|' like in a posix shell. The command line prompt is now better by supporting utf8 and handled new keybindings.
If in visual mode you place the cursor on top of a 'call' instruction that refers to an import and press '?' key you will read the associated manpage. Like 'K' key in vim.
You don't need to specify the path to the debugged program any more. It walks the $PATH or takes ./ if found. This is a way to make windows and unix process launching consistent.
You can run the visual debugger by using the following flags:
$ r2 -cVpp -d ls
Signals can now be captured, and passed to the target process.
Now you can properly debug 32bit binaries on Linux x86-64.
SDB is a simple key-value database that supports on-disk hashtable, arrays, json, CAS and easy string serialization for data structures.
From now on we are going to use SDB more and more inside r2 in order to speed up queries, simplify code maintainance and unify data as text with easy serialization methods.
This is the first release that comes with sdb.
An embedded webserver have been included, and you can invoke it using the =h' or '=H' commands. To make it public just
-e http.public=true`.
$ r2 -c=H /bin/ls
Improved JSON output for many commands. Just append 'j' to the command and it will use that format. From bindings you can call r_core_cmd_str() to retrieve the resulting string and parse it.
AJAX.get ("/cmd/isj", function (data) {
var symbols = JSON.parse (data);
...
}
The r2agent
is a new program that acts as a remote web interface for launching r2 sessions and interact with them using the webui.
This is the first release of r2 that makes an extensive use of the test suite in order to ensure no regressions appear while developing new features or fixing bugs. This is an important point from now on, so we will be able to cover r2 features, supported instruction set, etc. as much as possible.
We encourage all users to write test cases for every bug they report. Type 'make tests' to retrieve the testsuite from git, but this is only suposed to be used when developing. Stable versions are only for packagers. If you want to report a bug, first test it against the code in git.
The build farm runs the whole testsuite after every commit on the r2 or r2-regressions repos, this allows us to identify when and how every check was broken.
Thanks to a0rtega for his fuzzed binaries.
A new command 'pxa' have been added in order to provide support for annotated hexdumps.
Those hexdumps allows visual interaction and permits you to select range of bytes using the cursor mode, colorizing zones, adding comments, defining structs, etc.
This is still under development and we are open to new ideas and proposals to enhace this new interactive print mode.
Lot of bugs has been fixed, overflows, memory leaks, and many handcrafted binaries can now be loaded without the butthurt of segfaults, crashes or lack of info.
The farm allows us to get automatic builds for several platforms on every commit. And identify development issues earlier.
I'm pretty impressed by the raise of interest on contributing to radare2 lately, This release would not be possible without the help of the following people: