OpenRCE

📚 OpenRCE is preserved as a read-only archive. Launched at RECon Montreal in 2005. Registration and posting are disabled.

About Articles Book Store Distributed RCE Downloads Event Calendar Forums Live Discussion Reference Library RSS Feeds Search Users What's New

Customize Theme

Flag: Tornado! Hurricane!

Created: Friday, October 24 2008 11:57.08 CDT

Modified: Friday, October 24 2008 12:37.48 CDT

Printer Friendly ...

changes in 1.0rc1

Author: trufae

# Views: 2744

In two weeks 1.0 will be released and nowadays, nibble is working hard on rabin,
revenge on the osx port and macho support, and me on all the other parts (building,
bugfixing, code analysis, gui, new stuff, stabilization..)

unstable w32 build 1.0rc1
Debian/Ubuntu package

Sources:
$ hg clone http://radare.nopcode.org/hg/radare

I would like to greet Nibble for his great job in rabin. The first steps for dietbin
are going pretty well and the refactoring of it will allow us to parse and modify
any binary using the same API (ELF, PE, CLASS, MACH0 ...) So keep up the good work!

Some summary of the last changes...

- xc renamed to 'rax' O:)
- multiple file mapping on the same byte space
  http://radare.nopcode.org/doc/html/Section3.4.html#iomap
- eval vars can be accessible for math expressions too ( ? $${file.size} )
  - other new vars are now used from the code analysis ($$j $$f (jump, false, $$r reference)
- huge refactoring for dietpe and dietelf
  - fixes output, flags, endian problems, bugs,..
- added IRA (decompiler POC)
  http://news.nopcode.org/ira.txt
- semiworking VG (VisualGUI) command (Gtk with plugins)
  - uses gui.* eval vars to configure it
- ruby support fixed
- fixes for the code analysis (split graph and arm)
- pm can show field names:
  http://radare.nopcode.org/doc/html/Section3.5.6.html#print-memory
- Sections support (multiple base address depending on offset)
  http://radare.nopcode.org/doc/html/Section3.3.html#sections
- Added a brainfuck debugger IO plugin
http://radare.nopcode.org/doc/html/Chapter19.html#debug-bf
- wo command to write xor, shift right, left, add, sub, mul... on the full block
  (allows to uncipher blocks from inside radare) :)
- some enhacements for the bochs-python debugger plugin
- yank command refactoring.
- n/N keys used to go next/prev search hit in visual mode
- radiff -r used to output radare commands to patch a file ala bindiff+patch way
  with radare core. (a bit buggy, but semi working O:) .. needs some love
- pointer size support for [1:0x33] [2:0x804844] [4:0x3000] expressions...
- added 'wb' command to fill block with circular userdefined byte buffer
- graph view now supports more keybindings
   s=step, S=stepover,
   t=go true branch, f=go false branch
   b/B = set/unset breakpoints
   hjkl/HJKL - move pan view/move selected node
   : = seek to eip
   . seek to selected node
  - shift+wheel zooms the view
  - control+wheel rotate the view
  - wheel scrolls down the view
- asm.objdump working again (lot of documentation for it)
- write history can be easily reverted
- Added multiple cmd.vprompt user defined commands
- Fix some bugs for the mips disassembler.
- an example for python scripting:
http://radare.nopcode.org/doc/html/Section21.4.1.html#python-hello
- fixed socket:// plugin for nonblocking remote IO
- added seeking+codeanalysis related commands
  sn , sb (seek to next opcode, or seek to opcode branch)
- Added remote radare python API (used by bochs)
  - Allows any python-enabled application to be used remotelly by radare
   (currently implemented for bochs, but the
   http://radare.nopcode.org/doc/html/Section20.1.html#debug-bochs-demo
- Nicer scr.pal.<color-palette> to allow users to change the colors
- make rasm dump ascii-nops and 4 byte enumerations for easing the exploit landing
- file.analyze uses '.af*@@sym_' to detect and analyze all the functions of the program.
- the function analysis now shows more information and detects code xrefs and data xrefs
  - detects function sizes, stack frame size, n local vars, n args.
- fixed the build for acr/make and waf.
- added conditional expression comparisions
   > ? eip == 0x8048050
   > ?? !step           ; run step if condition matches
   > ???                ; show result of last conditional
- Added new data type 'structure' to be used with 'pm' to show data structures
- ... and much more ...

The debugger is currently working on Linux, W32, OSX, *BSD and semiworking on Solaris,
The architectures supported are powerpc (osx, linux), intel (32, 64)(w32, osx, bsd,
solaris,linux), arm (linux) and mips (linux). The osx-arm port would be 3LOC patch, but
i need some soft/hard to do it..help is welcome :)

Feed me about the changes :) i want to know if you found a bug or you just feel that
we have to focus on some or other part. btw after releasing 1.0 and 1.1 the focus
will be on refactoring, so tehre'r a lot of TODO points which depends on this work
to make them possible.

Debian/Ubuntu package has been upgraded and Gentoo one will be done after the release
(thanks ianis!).

--pancake

There are 31,328 total registered users.

Recently Created Topics
[help] Unpacking VMP...	Mar/12
Reverse Engineering ...	Jul/06
let 'IDAPython' impo...	Sep/24
set 'IDAPython' as t...	Sep/24
GuessType return une...	Sep/20
About retrieving the...	Sep/07
How to find specific...	Aug/15
How to get data depe...	Jul/07
Identify RVA data in...	May/06
Question about memor...	Dec/12

Recent Forum Posts
Finding the procedur...	rolEYder
Question about debbu...	rolEYder
Identify RVA data in...	sohlow
let 'IDAPython' impo...	sohlow
How to find specific...	hackgreti
Problem with ollydbg	sh3dow
How can I write olly...	sh3dow
New LoadMAP plugin v...	mefisto...
Intel pin in loaded ...	djnemo
OOP_RE tool available?	Bl4ckm4n

Recent Blog Entries
	halsten	Mar/14
Breaking IonCUBE VM
	oleavr	Oct/24
Anatomy of a code tracer
	hasherezade	Sep/24
IAT Patcher - new tool for ...
	oleavr	Aug/27
CryptoShark: code tracer ba...
	oleavr	Jun/25
Build a debugger in 5 minutes
More ...

Recent Blog Comments
	nieo on:	Mar/22
IAT Patcher - new tool for ...
	djnemo on:	Nov/17
Kernel debugger vs user mod...
	acel on:	Nov/14
Kernel debugger vs user mod...
	pedram on:	Dec/21
frida.github.io: scriptable...
	capadleman on:	Jun/19
Using NtCreateThreadEx for ...
More ...

Imagery

SoySauce Blueprint
Jun 6, 2008

[+] expand

View Gallery (11) / Submit