Radare2 -commands for Reverse Engineering

-

 

 File and Binary Loading

  • r2 <binary>: Open a binary file.
  • r2 -d <binary>: Open a binary in debugging mode.

aaa

This is a shortcut for “analyze all." This command analyses our binary and looks for executable sections and looks for calls. when it finds a call, it looks for the destination of the call.

afl

Display all the functions in the code.

V

By pressing the capital letter V, show us all the different types of views the assembly view, graph views and the debugging view. Press the letter ‘p’ to navigate between the views.

  • pdf: Print the disassembled function where the current seek is.
  • pdr: Print function recursively (entire call graph).
  • af <address>: Analyze a specific function at <address>.
Navigation
  • s <address>: Seek to a specific address.
  • s - or s +: Move backward or forward.
  • s entry0: Seek to the program's entry point.
  • s sym.main: Seek to the main function (if symbols are present)

Disassembly and Debugging

  • pd 10: Disassemble 10 instructions from the current address.
  • px 32: Print 32 bytes in hex.
  • db <address>: Set a breakpoint at <address>.
  • dc: Continue execution.
  • ds: Step into the next instruction.
  • dso: Step over the next instruction.
  • dr: Display or modify registers (e.g., dr eax=0).

Searching

  • /c <string>: Search for a string.
  • /x <hex>: Search for a hexadecimal pattern.
  • /R <value>: Search for a specific value in memory.

Debugging in Visual Mode

  • V: Enter visual mode.
    • F2: Set a breakpoint.
    • F7: Step into.
    • F8: Step over.
    • F9: Continue execution

 Information

  • i: General information about the binary.
  • iI: Detailed imports information.
  • ii: List of imports.
  • is: List of symbols.
  • ic: List of classes (if the binary uses C++ or similar).

Comments

Post a Comment

Popular posts from this blog

Bug Boundy Methodology, Tools & Resources

-
Image
Start by defining a clear objective, such as exploiting a remote code execution (RCE) vulnerability or bypassing authentication on your target. Then, consider how you can achieve this goal using various attack vectors like XSS, SSRF, or others - these are simply tools to help you reach your objective. Use the target as how a normal user would, while browsing keep these questions in mind: 1)How does the app pass data? 2)How/where does the app talk about users? 3)Does the app have multi-tenancy or user levels? 4)Does the app have a unique threat model? 5)Has there been past security research & vulnerabilities? 6)How does the app handle XSS, CSRF, and code injection?
Read more

Install & set up mitmweb or mitmproxy in Linux

-
Image
Step 1: Go to the mitmproxy page and download the binaries. Step 2: Install the downloaded tar file with the command " tar -xzf <filename>.tar.gz " Step 3: In the FoxyProxy add the proxy 127.0.0.1:8080  and turn it on. Step 4 : In the terminal run command " ./mitmweb " Step 5: Go to the page  http://mitm.it/   and download the mitmproxy's Certificate. Step 6: If you downloaded the certificate for Firefox, then go to " settings -> Privacy & Security -> Click View Certificates -> Click  Import ", then import the certificate.  Step 7: Now you are ready to capture the web traffic. Step 8 : In terminal run " ./mitmweb"
Read more

Day 20: Search in Rotated Sorted Array: Binary Search - leetcode - Python3

-
Image
  There is an integer array   nums   sorted in ascending order (with   distinct   values). Prior to being passed to your function,  nums  is  possibly rotated  at an unknown pivot index  k  ( 1 <= k < nums.length ) such that the resulting array is  [nums[k], nums[k+1], ..., nums[n-1], nums[0], nums[1], ..., nums[k-1]]  ( 0-indexed ). For example,  [0,1,2,4,5,6,7]  might be rotated at pivot index  3  and become  [4,5,6,7,0,1,2] . Given the array  nums   after  the possible rotation and an integer  target , return  the index of  target  if it is in  nums , or  -1  if it is not in  nums . You must write an algorithm with  O(log n)  runtime complexity. Example 1: Input: nums = [4,5,6,7,0,1,2], target = 0 Output: 4 Example 2: Input: nums = [4,5,6,7,0,1,2], target = 3 Output: -1 Example 3: Input: nums = [1], target = 0 Output: -...
Read more