📚 OpenRCE is preserved as a read-only archive. Launched at RECon Montreal in 2005. Registration and posting are disabled.









Blogs >> trufae's Blog

Created: Friday, October 29 2010 07:48.40 CDT  
radare2 0.6 released
Author: trufae # Views: 5873

Nibble and I are pleased to announce a new release of radare2 0.6.

It has been about 3 months since the last release (0.5) and the changelog has gained about 200+ commits
fixing and adding stuff. We have written down a short list of the most important changes:

  http://radare.org/get/changelog2-0.6-short

The source code can be found here:

  http://radare.org/get/radare2-0.6.tar.gz

valaswig and r2-swig bindings have been upgraded too:

  http://radare.org/get/valaswig-0.3.tar.gz
  http://radare.org/get/radare2-swig-0.6.tar.gz

Now it is time for the Arch/Debian/Gentoo/w32 packagers!

I have uploaded a build of r2 on windows:

  http://radare.org/get/w32/radare2-w32-0.6.zip

And a beta build of the python2.7 bindings for windows:

  http://radare.org/get/beta/radare2-swig-w32-0.6.zip

Have fun!

Created: Friday, July 23 2010 06:46.28 CDT Modified: Friday, July 23 2010 06:48.45 CDT
radare2 0.5 released
Author: trufae # Views: 4081

After 7 months of development we are proud to announce another great release of r2.

The codename is 'ilo li jo e ma', a quite general description of what radare is in Toki Pona :)

Many good changes come with it. So it's recommended for distro packagers and users to upgrade.

The source can be downloaded from:

  http://radare.org/get/radare-0.5.tar.gz

A short changelog can be found in:

  http://radare.org/get/changelog-0.5-short

Some highlights are:

- plugins can now be written in Vala
- support for java bindings
- better support for osx/w32
- enhancements in java, arm and mips
- signatures support (can generate, search and store)
- function level code graph diffing
- better code analysis
- some autocompletion goods in r2 prompt
- log execution traces and mark basic blocks
- new commands for debugger
- many many fixes
- new command '/a' to search opcodes referencing an address
- project files are now supported (r2 -p)
- and much more

If you want language bindings, valaswig 0.2 and swig2 are required (swig2 is required for java; for perl, ruby, python and lua, swig1.3 should do the trick).

  http://www.swig.org/
  http://live.gnome.org/Vala
  http://www.radare.org/get/valaswig-0.2.tar.gz

Windows and OSX builds and documentation will eventually appear, but I can't promise anything now.

--pancake

Created: Friday, March 26 2010 03:48.30 CDT  
radare2 0.4 released
Author: trufae # Views: 14799

After 6 months from 0.3 we're proud to announce a new release of r2.

You can find the short changelog here:
  http://radare.org/get/changelog-0.4-short

The sources are:
  http://radare.org/get/radare2-0.4.tar.gz

This time, it comes with full language bindings for python, lua, ruby and perl. To build those bindings you need:
  * Installed radare2 and swig
  http://radare.org/get/valaswig-0.1.tar.gz
  http://radare.org/get/radare2-swig-0.4.tar.gz

I have also built a mingw32 version. Not everything works as well as on *nix, but it's a good beginning:
  http://radare.org/get/radare2-0.4-w32.zip

The python web interface for r2 debugger and demos of the python bindings can be retrieved here:
  hg clone http://radare.org/hg/r2w

Valadoc is valid for bindings too, check vdoc for api documentation:
  http://radare.org/vdoc

Debian packages are already done and will be pushed into sid soon (thanks sre!). Ubuntu and gentoo will follow.

In this release we have focused development on refactoring and cleaning up the build system to allow cross-compiling, automatic language bindings, portability, Debian inclusion, non-PIC compilation and more.

But this is not all. There are the first steps of the debugger implementation on linux 32/64/arm/mips and some minor work on osx and w32. Code analysis is also taking its first steps, generating a full graph about 10 times faster than r1 (thanks nibble for this work).

See full changelog for more information!

The next release will focus on bindiffing, code analysis, and debugging on w32, gdb and osx. Feel free to comment on your priorities or the stuff you are interested in having in r2.

--pancake

Created: Sunday, April 12 2009 17:13.08 CDT  
radare2 porting hackathon
Author: trufae # Views: 5993

I'm going to call a hackathon on radare2 for next Sunday (2009-04-19).

Previous hackathons were organized without any defined objectives, but I
think we need to set out some points to work on, to centralize the efforts and
stabilize the code for the release which is planned for 2009-04-25.

The main points for this hackathon (feel free to do whatever else ;) are:

- Porting radare2 to windows, freebsd, netbsd, openbsd, solaris
- Porting to sparc, mips, arm, powerpc, m68k
- Porting to other compilers (TCC, MSVC, MINGW32, ICC, Forte, ...)
- Fixing build issues for packaging on debian/gentoo/arch/nix/..
- Fixing gcc warnings

The work on these points can probably expose endian issues, makefile
design bugs, non-portable/standard C code, casting problems, etc..

---


A lot of work has been done these days without many mails on the
list, and if you are not following the commits this mail will give
you feedback about the current state.

elektranox is working on getting radare1 included in the
Debian linux distribution. We are working together to fix the
reported lintian issues to avoid installation problems.

As I have already said, radare1 is currently in a frozen state. All
the current work is done in the radare2 repository and only
minor fixups and build issues are going to change in radare1.

New releases for both versions will be released next week during
the BS3C congress in Bilbo:

http://www.blindsec.com/jornadas/index.html

There will be two talks about radare. One about practical debugging
sessions and another about binary manipulation using r_bin, r_asm
and r_anal (this one by Nibble). They will be in Spanish.

The talk I gave a month ago at the Fiberparty (Barcelona) was recorded
and here are the media files to download (I would like to thank Graz
for the mirror).

http://mirror.radare.org/get/

There is also a wmv encoded clip, but the theora one has the best resolution.
This talk is in Spanish too.

Nibble has been working on the analysis and binary modules of radare2
(r_anal and r_bin). The Java classfiles, ELF32/64 and PE32/64 binary formats
are now more stable and functional.

r_asm can now assemble multiple opcodes in a single line and it has been
integrated together with some basic directive commands (.byte , ..) in
rasm2 and radare2. You will have to quote the wa command to concatenate
the opcodes in a single line:

> "wa nop;mov eax,33;int 0x80"

The r_anal module now handles the ascii-art reflines at the left of the disasm
output using the 'pd' radare2 command.

We now have a new library called r_bininfo that implements an interface for
getting debugging information from binaries. The plugins will use libdwarf
and so on, to extract information from the r_io file.

From my side I am working on r_bp that interacts with r_debug and its plugins
to manage a generic breakpoint database independently from the debugger
backend, so we will be able to setup multiple breakpoints for software/hw,
for read-write-exec, for a certain length at a memory offset. And then move
the process from the dbg-ptrace backend to the dbg-qemu and keep the
breakpoints working. Breakpoint expressions will be also handled from the
same module.

The r_bp module will provide a plugin interface for extending software breakpoint
instructions for multiple architectures, endians, etc..
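
The backend-independent breakpoint database described above, sketched as an added example that is not radare2 code. Every `ex_` name is hypothetical, and the two backends are stand-ins that only count armed breakpoints where real ptrace or qemu code would go.

```c
/* Added illustration; all ex_* names are hypothetical, not radare2's r_bp API. */
#include <stdint.h>

enum { EX_BP_R = 1, EX_BP_W = 2, EX_BP_X = 4 };  /* access that triggers */
typedef struct { uint64_t addr; int len, perm, hw; } ex_bp_t;

/* A backend only knows how to arm or disarm a single breakpoint. */
typedef struct ex_backend {
    int armed;  /* breakpoints currently armed in this backend */
    int (*set)(struct ex_backend *be, const ex_bp_t *bp);
    int (*unset)(struct ex_backend *be, const ex_bp_t *bp);
} ex_backend_t;

#define EX_BP_MAX 32
typedef struct { ex_bp_t items[EX_BP_MAX]; int count; ex_backend_t *backend; } ex_bpdb_t;

/* Stand-ins for real ptrace/qemu code: they just count armed breakpoints. */
static int ex_arm(ex_backend_t *be, const ex_bp_t *bp) { (void)bp; be->armed++; return 0; }
static int ex_disarm(ex_backend_t *be, const ex_bp_t *bp) { (void)bp; be->armed--; return 0; }

/* Record a breakpoint and arm it on the active backend, if any. */
int ex_bpdb_add(ex_bpdb_t *db, uint64_t addr, int len, int perm, int hw) {
    ex_bp_t bp = { addr, len, perm, hw };
    if (db->count >= EX_BP_MAX || len <= 0 || !(perm & (EX_BP_R | EX_BP_W | EX_BP_X))) return -1;
    if (!hw && perm != EX_BP_X) return -1;  /* sketch rule: r/w watch needs hw */
    if (db->backend && db->backend->set(db->backend, &bp) != 0) return -1;
    db->items[db->count++] = bp;
    return 0;
}

/* Move to another backend: disarm on the old one, re-arm on the new one. */
int ex_bpdb_switch(ex_bpdb_t *db, ex_backend_t *next) {
    int i;
    for (i = 0; db->backend && i < db->count; i++)
        db->backend->unset(db->backend, &db->items[i]);
    db->backend = next;
    for (i = 0; next && i < db->count; i++)
        if (next->set(next, &db->items[i]) != 0) return -1;
    return 0;
}

int main(void) {
    ex_backend_t ptrace_be = { 0, ex_arm, ex_disarm }, qemu_be = { 0, ex_arm, ex_disarm };
    ex_bpdb_t db = { .backend = &ptrace_be };
    ex_bpdb_add(&db, 0x8048000, 1, EX_BP_X, 0);            /* software, exec */
    ex_bpdb_add(&db, 0x804a010, 4, EX_BP_R | EX_BP_W, 1);  /* hardware, r/w */
    ex_bpdb_switch(&db, &qemu_be);
    return (ptrace_be.armed == 0 && qemu_be.armed == 2) ? 0 : 1;
}
```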

The r_asm module now resolves an available assemble() plugin if the current plugin
only supports disassemble(). Each asm plugin now exports information
about the supported architecture string and the supported register sizes.

The Visual mode in radare2 is now more functional and usable. The cursor can
now be used with the 'a' and 'w' commands to write assembled opcodes or hexpair
strings like in r1.

We now have some basic metadata support in radare2, so we can add comments.

I have added a basic binary tree implementation and it is currently used in r_flag
to accelerate the resolution of flags by offset.

configure script accepts --with-compiler and --with-ostype flags to choose compiler
profiles and force operating system. I have fixed some basic issues for the mingw32
porting.

There are more things done, but these are the most interesting ones.

Enjoy


Created: Monday, January 26 2009 09:53.21 CST Modified: Monday, January 26 2009 09:53.43 CST
radare 1.2 and libr refactoring
Author: trufae # Views: 5518

This is a stabilization release after the new year's 1.1 one. It fixes some
installation issues noticed by the gentoo maintainer.

Don't expect too many new features in this version. We (Nibble and I) have been
spending most of the time working on 'libr': the full refactoring of radare into
a set of libraries, reducing LOCs, adding test cases, removing warnings, adding
language bindings and the vala api.

As always:

  http://radare.org/get/radare-1.2.tar.gz
  http://radare.org/get/changelog-1.2-short


We plan to hold a hackathon for libr in about two weeks. I will ping the mailing
list again :)

The reason for libr is that after two years of scratchy development we think the
base is well defined and now the task is a full rewrite from scratch trying to
refactor everything to keep the core simple and minimalistic but bypassing all the
limitations and ugly hacks we have faced during the development of the old 1.0 core.

In a month we have refactored most of the old code into 20 libraries which can be
easily detached from each other to use in your own projects. Expect some licensing
changes for this library. GPL is not designed for libraries and LGPL is probably a
good option, but we have to discuss it, because the base should be Free.

We have managed to write some minimal implementations of the radare1 programs (rax,
rabin, rasm, radare...) as test programs inside libr (see src/libr fmi); they are
now 10-200 LOC =). Obviously they are incomplete and don't support all the options
of the old ones, but this is just a question of time. radare2 will be built on top
of libr.

Our plan is to continue working on the refactoring to provide a simpler user interface
while at the same time providing more features in fewer lines of code. Some basic
optimizations have been done, but major ones will be done when it is finished.

Actually it's just a toy, but reusing the old code is pretty simple and the development
goes fast :) as always ;)

You can find some vala code examples in src/libr/vapi/t like this one:

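--------------------------------------------------
using Radare;

public class AsmExample
{
        public static void main(string[] args)
        {
                // Configure the disassembler: x86, 32 bits, little endian
                Asm.State st = new Asm.State();
                st.set_arch( Asm.Arch.X86 );
                st.set_bits( 32 );
                st.set_big_endian( false );
                // Address the first instruction is assumed to be loaded at
                st.set_pc( 0x8048000 );

                // Two bytes to decode: cd 21 is 'int 0x21' on x86
                uint8 *buf = "\xcd\x21";
                st.disasm(buf, 2);
                // buf_asm holds the text of the disassembled instruction
                stdout.printf("%s\n", st.buf_asm);
        }
}
---------------------------------------------------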

For 1.3 the plans are to have some core apps replaced by the new libr ones and get more
stuff done in libr with some more refined apis.

Current libraries are:

asm: assemble, disassemble, pseudodisassemble in multiple architectures
bin: parse elf32/64 and pe32 (pe64, mach0, class will be imported soon)
cmd: handles short and long radare commands
config: handles configuration hashtable
cons: multi-os access to console (ansi, html and plain text)
core: implements a radare instance
flags: handles offset marks
hash: checksumming, hashing and entropy calculations
io: wraps IO with backend plugins with support for maps, sections, undos and caches
lib: multi-os library for loading plugins
line: minimalistic multi-os replacement for readline
macro: the scripting macro engine of radare
print: multiple print modes (hexdumps, dates, formatted structures, etc..)
range: handle ranged list of elements
search: search engine with binary masks, strings (ascii, widechar), patterns, expanded aes, ...
socket: easy-to-use socket api
syscall: multi-os api for querying syscall information
util: cross-library utilities for strings, memory, numbers, mathematical expressions...
vm: standalone implementation of the radare vm for emulating any architecture

vm, search, cons and io are not yet stabilized at api level. If you want to follow the
development, please pull the source from mercurial

  hg clone http://radare.org/hg/radare

Plans for 2.0 are:
  - use r_lib as plugin loading api (plugins for all!)
  - parrot bindings (no more scripting limitations)
  - vala bindings (fearless graphical programming)
  - switchable debugging api (use ptrace, mach, bochs, internal vm, etc.. seamlessly)
  - distribute libr as binary modules for your projects.
  - r_core_thread for multithreaded capabilities
  - lot of test cases
  - stabilize api
  - free beer :)

Thanks to Nibble for the development and nopcode people for supporting my crazy talks
about radare scripting. mandingo for the betatesting and esteve for the pattern finding
algorithm fix :)

Enjoy


Archived Entries for trufae
Subject # Views Created On
radare 1.1 - codename "pre2k9" 4767     Wednesday, December 31 2008
Another invalid opcode representation 3579     Thursday, November 20 2008
radare 1.0 released 3400     Sunday, November 9 2008
changes in 1.0rc1 2744     Friday, October 24 2008
Closer to radare 1.0 2335     Friday, September 19 2008
Steps for radare 1.0-beta 2535     Tuesday, September 2 2008
radare 0.9.6 released 2903     Wednesday, May 21 2008
Opcode execution cost 4995     Thursday, April 24 2008
Another incorrect disassembly 3707     Wednesday, April 9 2008
Debugging with your fingers 3768     Monday, February 18 2008
radare videos 3932     Sunday, February 10 2008
Gokolu - Binary string source identifier 3219     Friday, December 21 2007
Multi-Byte nops 3346     Wednesday, November 28 2007
pcme crackme 2819     Friday, August 31 2007
Analyzing binaries using a navigator 3119     Saturday, May 26 2007
