Steps for radare 1.0-beta
At the end of September I plan to release 1.0-beta for everybody who wants to get the latest stable release before 1.0. The current changes in development are quite promising. Here's a list of them:

- Debugger ported to osx-powerpc. The support is a bit worse than osx-x86, but it is the first working port for PowerPC (the linux-powerpc one should be easier). The current osx-x86 port is still unusable, but lots of bugs have been fixed and it is now possible to read/write memory, change page protections, list threads and get/set general-purpose registers (no control flow yet).

- A user-level documentation project is being done in "The Book". A preview is downloadable at: http://radare.nopcode.org/get/radare.pdf (I hope to have it done for 1.0). Writing documentation is making me fix some things to make it more usable. Please bug me with the usability problems you find! :)

- The asm.os environment variable allows the analyzer to act according to the selected OS, for example when resolving syscall numbers.

- Great advances in rabin. Currently rabin ships a minimalistic ELF parsing library called dietelf; it still needs some more work, but it is much faster than the old rsc versions. Thanks nibble for this good job! I have added support for Mach-O files and a bit of PE with esteve's code in the 'dietpe' library.

- I have fixed lots of minor bugs and refactored some commands.

- The port to waf is complete. The build system is now faster, more extensible, easy to maintain, and works on more systems and compilers. Build instructions:

    $ ./waf configure

  Currently tested OS/arch:
  - FreeBSD/OpenBSD/NetBSD/Linux (intel 32/64 bits, mips, arm)
  - Windows (intel 32 bits)
  - Solaris/OpenSolaris (sparc/intel 32)
  - OSX (intel 32 bits, powerpc)
  - the osx-arm port (iphone) is just a few lines to change

  Supported compilers:
  - GCC
  - Sun Studio
  - TinyCC

- The debugger is also semi-ported to OpenSolaris/Solaris. The main work is done for OpenSolaris/x86 and some basic stuff for the debugger has been implemented, but it needs some more work to make it functional.

- Assembling in the shell. The inline assembler now ships the ollyasm code to assemble opcodes using the 'rasm' command, with '-a olly' to select the architecture. ollyasm is full of segfaults, so take care :) It is not my code, so if you prefer you can also use the GNU assembler or nasm this way:

    $ rasm -a rsc 'mov eax,33'

  This can be used by pressing 'a' in visual mode. In the same way you can disassemble from the command line with:

    $ rasm -d 'b8 21 00 00 00'

- A write block command has been added to fill a buffer with certain contents using a cyclic memcpy:

    [0x00000000]> b 128 ; set block size to 128 bytes

- The seek history is now managed from the same 'seek' command:

    > s- ; undo seek

- All the write changes done by radare are stored in a linked list and can be managed with the 'u' command, giving a positive or negative index to toggle a write change.

- Visual browsers for flags and configuration. Pressing 'e' in visual mode you enter the 'eval' configuration browser, so you can set it up without having to manually read all the eval vars, which is sometimes hard. Pressing 't' you can walk all the flag spaces, browse the inner flags and temporarily visualize the buffer in hexa, disasm, etc., or just seek to it by pressing 'return'.

- Enhancements in the debugger. Breakpoint handling has finally been fixed, and now software and hardware breakpoints can be used just by changing the dbg.hwbp variable; both kinds of breakpoints act in the same way. The latest fixups for x86-64 make it quite a bit more usable and stable on the GNU/Linux platform. Now the debugger is working on x86, mips and arm; there's good support for linux, bsd and w32, and work in progress for solaris (on intel and sparc) and macosx (intel, powerpc and arm).
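The two rasm invocations above ('mov eax,33' assembling to b8 21 00 00 00, and the reverse) both exercise the x86 "mov r32, imm32" short form: opcode 0xB8 plus the register index, followed by a 32-bit little-endian immediate. The following is an added illustration written for this page, not rasm's or radare's code; it is a hypothetical mini assembler/disassembler that handles only that one encoding family (all eight 32-bit general-purpose registers) and rejects anything else.

```python
import re
import struct

# 32-bit general-purpose registers in x86 register-number order.
# 'mov r32, imm32' is encoded as opcode 0xB8 + register index, then imm32.
REGS = ["eax", "ecx", "edx", "ebx", "esp", "ebp", "esi", "edi"]
MOV_R32_IMM32 = 0xB8

# Accepts 'mov <reg>, <decimal or 0x hex immediate>' (hypothetical syntax subset).
_MOV_RE = re.compile(
    r"^\s*mov\s+(e[a-d]x|e[sb]p|e[sd]i)\s*,\s*(-?0x[0-9a-f]+|-?\d+)\s*$", re.I
)


def assemble(text: str) -> bytes:
    """Assemble 'mov <r32>, <imm>' into its 5-byte encoding (B8+rd id)."""
    m = _MOV_RE.match(text)
    if not m:
        raise ValueError(f"unsupported instruction: {text!r}")
    reg, imm = m.group(1).lower(), int(m.group(2), 0)
    if not -0x80000000 <= imm <= 0xFFFFFFFF:
        raise ValueError("immediate does not fit in 32 bits")
    # Negative immediates are stored as two's complement in the 32-bit field.
    opcode = MOV_R32_IMM32 + REGS.index(reg)
    return bytes([opcode]) + struct.pack("<I", imm & 0xFFFFFFFF)


def disassemble(code: bytes) -> str:
    """Decode a 'B8+rd imm32' instruction back into 'mov <r32>, 0x..' text."""
    if len(code) != 5 or not (MOV_R32_IMM32 <= code[0] <= MOV_R32_IMM32 + 7):
        raise ValueError(f"not a 'mov r32, imm32' encoding: {code.hex()}")
    (imm,) = struct.unpack("<I", code[1:5])  # immediate is little-endian
    return f"mov {REGS[code[0] - MOV_R32_IMM32]}, 0x{imm:x}"


def hexbytes(code: bytes) -> str:
    """Render bytes the way 'rasm -d' takes them: 'b8 21 00 00 00'."""
    return " ".join(f"{b:02x}" for b in code)


def parse_hexbytes(text: str) -> bytes:
    """Inverse of hexbytes(): 'b8 21 00 00 00' -> b'\\xb8\\x21\\x00\\x00\\x00'."""
    return bytes.fromhex(text.replace(" ", ""))


if __name__ == "__main__":
    print(hexbytes(assemble("mov eax,33")))                # b8 21 00 00 00
    print(disassemble(parse_hexbytes("b8 21 00 00 00")))    # mov eax, 0x21
```

The decoder checks the length and opcode range before unpacking, so garbage or truncated input raises instead of silently producing a bogus instruction; that is exactly the kind of input a real assembler library (ollyasm included, per the note above) has to survive.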
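The write-block fill, the seek history ('s-') and the toggleable list of write changes ('u' with a positive or negative index) are three pieces of session state that interact. The following is an added example written for this page, not radare's implementation: a hypothetical in-memory editing session that fills a block by cycling a pattern, records every write as a change entry holding the old and new bytes, and lets a change be toggled off and on by index, with negative indices counting back from the most recent change.

```python
from dataclasses import dataclass
from typing import List


@dataclass
class WriteChange:
    """One recorded write: enough to revert it (old) or re-apply it (new)."""
    offset: int
    old: bytes
    new: bytes
    applied: bool = True


class Session:
    """Hypothetical editing session: byte buffer, seek with history, write undo list."""

    def __init__(self, data: bytes):
        self.buf = bytearray(data)
        self.seek = 0
        self.seek_history: List[int] = []
        self.changes: List[WriteChange] = []

    # ---- seek with history (like 's <off>' and 's-') ----
    def seek_to(self, off: int) -> int:
        if not 0 <= off <= len(self.buf):
            raise ValueError("seek out of range")
        self.seek_history.append(self.seek)
        self.seek = off
        return self.seek

    def seek_undo(self) -> int:
        # Undoing with an empty history is a no-op, not an error.
        if self.seek_history:
            self.seek = self.seek_history.pop()
        return self.seek

    # ---- write block: fill `size` bytes at the seek by cycling `pattern` ----
    def write_block(self, pattern: bytes, size: int) -> WriteChange:
        if not pattern:
            raise ValueError("empty fill pattern")
        size = min(size, len(self.buf) - self.seek)  # never write past the end
        filled = bytes(pattern[i % len(pattern)] for i in range(size))
        return self._write(self.seek, filled)

    def _write(self, off: int, data: bytes) -> WriteChange:
        end = off + len(data)
        change = WriteChange(off, bytes(self.buf[off:end]), data)
        self.buf[off:end] = data
        self.changes.append(change)  # order index = position in this list
        return change

    # ---- toggle a recorded change (like 'u <index>') ----
    def toggle_change(self, index: int) -> bool:
        change = self.changes[index]  # negative index: count from the newest
        data = change.old if change.applied else change.new
        self.buf[change.offset:change.offset + len(data)] = data
        change.applied = not change.applied
        return change.applied

    def hexdump(self, off: int = 0, n: int = 16) -> str:
        return " ".join(f"{b:02x}" for b in self.buf[off:off + n])


if __name__ == "__main__":
    s = Session(bytes(32))               # constructed 32-byte zero buffer
    s.seek_to(8)
    s.write_block(b"\xaa\xbb\xcc", 7)    # cyclic fill: aa bb cc aa bb cc aa
    print(s.hexdump(8, 8))
    s.toggle_change(-1)                  # revert the most recent write
    print(s.hexdump(8, 8))
    s.toggle_change(0)                   # re-apply it by its order index
    print(s.hexdump(8, 8))
    print(s.seek_undo())                 # back to offset 0
```

Toggling restores bytes literally, so if two recorded changes overlap, whichever was toggled last wins; that is the reason an order index is worth keeping next to each change rather than relying on the list position alone.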
- Tracing functionalities. I have implemented the 'touchtrace', something Gadix pointed me to, to make a faster tracer that avoids tracing the same instructions twice. The tracing results can be managed with the 'at' (analyze traces) command. Each executed opcode stores information about execution time, the number of times it has been executed and its order index. There's a python API for handling this metadata.

- There's not much of a usable GUI frontend, but gradare provides a quite scalable way to build a simple one, with external monitoring windows and multiple graph views integrated with the debugger, so it is possible to set breakpoints on basic blocks using the mouse on the graph view, for example.

- The '!set' and '!get' commands have been removed. To change the values of the registers now use:

    > !reg ; list all gp registers

- Scripting with python. Currently radare can run scripts in python, lua and perl, in batch mode or from inside the radare session.

    $ radare -i script.py -d /bin/ls

  f.ex: this .py script will execute commands to debug the target program. The code analysis engine and the graphing functionalities can also be managed from python code.

- Import data from IDA using the ida2rdb.idc script for IDA after opening a file. I will probably add support for evarista (from ERESI) too :)

- The java class disassembler and analyzer has been fixed again :)

Further work will focus on the ARM port, which is currently running quite nicely but needs some more love, like a better disassembler. BTW, I have published a prebeta package for maemo (nokia 770, 800, 810): http://radare.nopcode.org/get/radare_1.0-beta_armel.deb

As always you can fetch a fresh copy of the source at:

    hg clone http://radare.nopcode.org/hg/radare

Or browse the repository online: http://radare.nopcode.org/hg/radare?log

See http://radare.nopcode.org for more information

Enjoy!

--pancake