The Official Radare2 Book - страница 2
An implementation of a block-based hash tool. From small text strings to large disks, rahash2 supports multiple algorithms, including MD4, MD5, CRC16, CRC32, SHA1, SHA256, and others. rahash2 can be used to check the integrity or track changes of big files, memory dumps, or disks.
$ rahash2 file
file: 0x00000000-0x00000007 sha256: 887cfbd0d44aaff69f7bdbedebd282ec96191cce9d7fa7336298a18efc3c7a5a
$ rahash2 -a md5 file
file: 0x00000000-0x00000007 md5: d1833805515fc34b46c2b9de553f599d
A binary diffing utility that implements multiple algorithms. It supports byte-level or delta diffing for binary files, and code-analysis diffing to find changes in basic code blocks obtained from the radare code analysis.
A program to find byte patterns in files.
A frontend for r_egg. ragg2 compiles programs written in a simple high-level language into tiny binaries for x86, x86-64, and ARM.
$ cat hi.r
/* hello world in r_egg */
write@syscall(4); //x64 write@syscall(1);
exit@syscall(1); //x64 exit@syscall(60);
main@global(128) {
.var0 = "hi!\n";
write(1,.var0, 4);
exit(0);
}
$ ragg2 -O -F hi.r
$ ./hi
hi!
$ cat hi.c
main@global(0,6) {
write(1, "Hello0", 6);
exit(0);
}
$ ragg2 hi.c
$ ./hi.c.bin
Hello
A launcher for running programs within different environments, with different arguments, permissions, directories, and overridden default file descriptors. rarun2 is useful for:
• Solving crackmes
• Fuzzing
• Test suites
$ cat foo.rr2
#!/usr/bin/rarun2
program=./pp400
arg0=10
stdin=foo.txt
chdir=/tmp
#chroot=.
./foo.rr2
1 - open a new terminal and type 'tty' to get a terminal name:
$ tty ; clear ; sleep 999999
/dev/ttyS010
2 - Create a new file containing the following rarun2 profile named foo.rr2:
#!/usr/bin/rarun2
program=/bin/ls
stdio=/dev/ttys010
3 - Launch the following radare2 command:
r2 -r foo.rr2 -d /bin/ls
A minimalistic mathematical expression evaluator for the shell that is useful for making base conversions between floating point values, hexadecimal representations, hexpair strings to ASCII, octal to integer, and more. It also supports endianness settings and can be used as an interactive shell if no arguments are given.
$ rax2 1337
0x539
$ rax2 0x400000
4194304
$ rax2 -b 01111001
y
$ rax2 -S radare2
72616461726532
$ rax2 -s 617765736f6d65
awesome
You can get radare from the GitHub repository: https://github.com/radareorg/radare2
Binary packages are available for a number of operating systems (Ubuntu, Maemo, Gentoo, Windows, iPhone, and so on). But you are highly encouraged to get the source and compile it yourself to better understand the dependencies, to make examples more accessible and, of course, to have the most recent version.
A new stable release is typically published every month.
The radare development repository is often more stable than the 'stable' releases. To obtain the latest version:
$ git clone https://github.com/radareorg/radare2.git
This will probably take a while, so take a coffee break and continue reading this book.
To update your local copy of the repository, use git pull anywhere in the radare2 source code tree:
$ git pull
If you have local modifications of the source, you can revert them (and lose them!) with:
$ git reset --hard HEAD
Or send us a patch:
$ git diff > radare-foo.patch
The most common way to get r2 updated and installed system wide is by using:
$ sys/install.sh
There is also a work-in-progress support for Meson.
Using clang and ld.gold makes the build faster:
>CC=clang LDFLAGS=-fuse-ld=gold meson . release --buildtype=release --prefix ~/.local/stow/radare2/release
>ninja -C release
># ninja -C release install
Take a look at the scripts in sys/, they are used to automate stuff related to syncing, building and installing r2 and its bindings.