OpenRCE

About Articles Book Store Distributed RCE Downloads Event Calendar Forums Live Discussion Reference Library RSS Feeds Search Users What's New

Customize Theme

Flag: Tornado! Hurricane!

Created: Friday, October 24 2008 11:57.08 CDT

Modified: Friday, October 24 2008 12:37.48 CDT

Printer Friendly ...

changes in 1.0rc1

Author: trufae

# Views: 2226

In two weeks 1.0 will be released and nowadays, nibble is working hard on rabin,
revenge on the osx port and macho support, and me on all the other parts (building,
bugfixing, code analysis, gui, new stuff, stabilization..)

unstable w32 build 1.0rc1
Debian/Ubuntu package

Sources:
$ hg clone http://radare.nopcode.org/hg/radare

I would like to greet Nibble for his great job in rabin. The first steps for dietbin
are going pretty well and the refactoring of it will allow us to parse and modify
any binary using the same API (ELF, PE, CLASS, MACH0 ...) So keep up the good work!

Some summary of the last changes...

- xc renamed to 'rax' O:)
- multiple file mapping on the same byte space
  http://radare.nopcode.org/doc/html/Section3.4.html#iomap
- eval vars can be accessible for math expressions too ( ? $${file.size} )
  - other new vars are now used from the code analysis ($$j $$f (jump, false, $$r reference)
- huge refactoring for dietpe and dietelf
  - fixes output, flags, endian problems, bugs,..
- added IRA (decompiler POC)
  http://news.nopcode.org/ira.txt
- semiworking VG (VisualGUI) command (Gtk with plugins)
  - uses gui.* eval vars to configure it
- ruby support fixed
- fixes for the code analysis (split graph and arm)
- pm can show field names:
  http://radare.nopcode.org/doc/html/Section3.5.6.html#print-memory
- Sections support (multiple base address depending on offset)
  http://radare.nopcode.org/doc/html/Section3.3.html#sections
- Added a brainfuck debugger IO plugin
http://radare.nopcode.org/doc/html/Chapter19.html#debug-bf
- wo command to write xor, shift right, left, add, sub, mul... on the full block
  (allows to uncipher blocks from inside radare) :)
- some enhacements for the bochs-python debugger plugin
- yank command refactoring.
- n/N keys used to go next/prev search hit in visual mode
- radiff -r used to output radare commands to patch a file ala bindiff+patch way
  with radare core. (a bit buggy, but semi working O:) .. needs some love
- pointer size support for [1:0x33] [2:0x804844] [4:0x3000] expressions...
- added 'wb' command to fill block with circular userdefined byte buffer
- graph view now supports more keybindings
   s=step, S=stepover,
   t=go true branch, f=go false branch
   b/B = set/unset breakpoints
   hjkl/HJKL - move pan view/move selected node
   : = seek to eip
   . seek to selected node
  - shift+wheel zooms the view
  - control+wheel rotate the view
  - wheel scrolls down the view
- asm.objdump working again (lot of documentation for it)
- write history can be easily reverted
- Added multiple cmd.vprompt user defined commands
- Fix some bugs for the mips disassembler.
- an example for python scripting:
http://radare.nopcode.org/doc/html/Section21.4.1.html#python-hello
- fixed socket:// plugin for nonblocking remote IO
- added seeking+codeanalysis related commands
  sn , sb (seek to next opcode, or seek to opcode branch)
- Added remote radare python API (used by bochs)
  - Allows any python-enabled application to be used remotelly by radare
   (currently implemented for bochs, but the
   http://radare.nopcode.org/doc/html/Section20.1.html#debug-bochs-demo
- Nicer scr.pal.<color-palette> to allow users to change the colors
- make rasm dump ascii-nops and 4 byte enumerations for easing the exploit landing
- file.analyze uses '.af*@@sym_' to detect and analyze all the functions of the program.
- the function analysis now shows more information and detects code xrefs and data xrefs
  - detects function sizes, stack frame size, n local vars, n args.
- fixed the build for acr/make and waf.
- added conditional expression comparisions
   > ? eip == 0x8048050
   > ?? !step           ; run step if condition matches
   > ???                ; show result of last conditional
- Added new data type 'structure' to be used with 'pm' to show data structures
- ... and much more ...

The debugger is currently working on Linux, W32, OSX, *BSD and semiworking on Solaris,
The architectures supported are powerpc (osx, linux), intel (32, 64)(w32, osx, bsd,
solaris,linux), arm (linux) and mips (linux). The osx-arm port would be 3LOC patch, but
i need some soft/hard to do it..help is welcome :)

Feed me about the changes :) i want to know if you found a bug or you just feel that
we have to focus on some or other part. btw after releasing 1.0 and 1.1 the focus
will be on refactoring, so tehre'r a lot of TODO points which depends on this work
to make them possible.

Debian/Ubuntu package has been upgraded and Gentoo one will be done after the release
(thanks ianis!).

--pancake

There are 28,228 total registered users.

Recently Created Topics
Reverse Engineering ...	Jan/23
Career: DoD Agency I...	Jan/22
"Disappearing&q...	Jan/17
Career: Software Sec...	Jan/11
Where is the call st...	Jan/07
IDA Pro 6.1 Breakpoi...	Jan/01
How to create data s...	Dec/30
can i search all mod...	Dec/23
IDA symbol table exp...	Dec/20
An anti-attach trick	Dec/17

Recent Forum Posts
Reverse Engineering ...	NirIzr
"Disappearing&q...	NirIzr
Reverse Engineering ...	charlie
"Disappearing&q...	charlie
An anti-attach trick	Bass
An anti-attach trick	waleeda...
An anti-attach trick	Bass
An anti-attach trick	waleeda...
An anti-attach trick	Bass
Looking for value in...	NirIzr

Recent Blog Entries
	cmathieu	Feb/07
Hacker Carnival
	waleedassar	Feb/06
OllyDbg v1.10 And Hardware ...
	waleedassar	Jan/31
Yet Another Anti-Debug Trick
	RolfRolles	Jan/22
Finding Bugs in VMs with a ...
	waleedassar	Jan/13
An OllyDbg Bug Disables Sof...
More ...

Recent Blog Comments
	waleedassar on:	Feb/07
OllyDbg v1.10 And Hardware ...
	NirIzr on:	Feb/07
OllyDbg v1.10 And Hardware ...
	NirIzr on:	Feb/05
Yet Another Anti-Debug Trick
	trolotou on:	Feb/05
Doudoune Moncler -Pennies F...
	waleedassar on:	Feb/01
Yet Another Anti-Debug Trick
More ...

Imagery

SoySauce Blueprint
Jun 6, 2008

[+] expand

View Gallery (11) / Submit