OpenRCE

📚 OpenRCE is preserved as a read-only archive. Launched at RECon Montreal in 2005. Registration and posting are disabled.

About Articles Book Store Distributed RCE Downloads Event Calendar Forums Live Discussion Reference Library RSS Feeds Search Users What's New

Customize Theme

Flag: Tornado! Hurricane!

Created: Sunday, April 12 2009 17:13.08 CDT

Printer Friendly ...

radare2 porting hackaton

Author: trufae

# Views: 5994

I'm going to invoke a hackaton on radare2 for the next sunday (2009-04-19).

Previous hackatons were organized without any defined objectives, but I
think we need to expose some points to do, to centralize the efforts and
stabilize the code for the release which is planned for 2009-04-25.

The main points for this hackaton (feel free to do whatever else ;) are:

- Porting radare2 to windows, freebsd, netbsd, openbsd, solaris
- Porting to sparc, mips, arm, powerpc, m68k
- Porting to other compilers (TCC, MSVC, MINGW32, ICC, Forte, ...)
- Fixing build issues for packaging on debian/gentoo/arch/nix/..
- Fixing gcc warnings

The work on these points can probably expose endian issues, makefile
design bugs, non-portable/standard C code, casting problems, etc..

---

Lot of work has been done these days without many mails in the
list, and if you are not following the commits this mail will give
you feedback about the current state.

elektranox is working on making radare1 to be included in the
Debian linux distribution. We are working together to fix the
lintian issues reported to avoid installation issues.

As I have already told, radare1 is currently in a frozen state. All
the current work is done in the radare2 repository and only
minor fixups and build issues are going to change in radare1.

New releases for both versions will be released next week during
the BS3C congress in Bilbo:

http://www.blindsec.com/jornadas/index.html

There will be two talks about radare. One about practical debugging
sessions and another about binary manipulation using r_bin, r_asm
and r_anal (this one by Nibble). They will be in spanish.

The talk I did a month ago in the Fiberparty (Barcelona) was recorded
and here's the media files to be downloaded (I would like to thank Graz
for the mirror).

http://mirror.radare.org/get/

There is also a wmv encoded clip, but the theora one is at best resolution.
This talk is in spanish too.

Nibble has been working in the analysis and binary modules of radare2
(r_anal and r_bin). The Java classfiles, ELF32/64 and PE32/64 binary formats
are now more stable and functional.

r_asm can now assemble multiple opcodes in a single line and it has been
integrated together with some basic directive commands (.byte , ..) in
rasm2 and radare2. You will have to quote the wa command to concatenate
the opcodes in a single line:

> "wa nop;mov eax,33;int 0x80"

The r_anal module now handles the ascii-art reflines at the left of the disasm
output using the 'pd' radare2 command.

We now have a new library called r_bininfo that implements an interface for
getting debugging information from binaries, The plugins will use libdwarf
and so on, to extract information from the r_io file.

From my side I am working on r_bp that interacts with r_debug and its plugins
to manage a generic breakpoint database independently from the debugger
backend, so we will be able to setup multiple breakpoints for software/hw,
for read-write-exec, for a certain length at a memory offset. And then move
the process from the dbg-ptrace backend to the dbg-qemu and keep the
breakpoints working. Breakpoint expressions will be also handled from the
same module.

The r_bp module will provide a plugin interface for extending software breakpoint
instructions for multiple architectures, endians, etc..

The r_asm module now rsolves an available assemble() plugin if the current plugin
used only support disassemble(). Each asm plugin now exports information
about the architecture string suported and the supported register sizes.

The Visual mode in radare2 is now more functional and usable, cursor usage can be
now used with the 'a' and 'w' commands to write assembled opcodes or hexpair
strings like in r1.

We now have some basic metadata support in radare2, so we can add comments.

I have added a basic binary tree implementation and it is currently used in r_flag
to accelerate the resolution of flags by offset.

configure script accepts --with-compiler and --with-ostype flags to choose compiler
profiles and force operating system. I have fixed some basic issues for the mingw32
porting.

There are more things done, but these are the most interesting ones.

Enjoy

Blog Comments

Dreg	Posted: Tuesday, April 14 2009 00:00.11 CDT
very good work, like ever :-)

graz	Posted: Wednesday, April 15 2009 03:08.39 CDT
Nice!

There are 31,328 total registered users.

Recently Created Topics
[help] Unpacking VMP...	Mar/12
Reverse Engineering ...	Jul/06
let 'IDAPython' impo...	Sep/24
set 'IDAPython' as t...	Sep/24
GuessType return une...	Sep/20
About retrieving the...	Sep/07
How to find specific...	Aug/15
How to get data depe...	Jul/07
Identify RVA data in...	May/06
Question about memor...	Dec/12

Recent Forum Posts
Finding the procedur...	rolEYder
Question about debbu...	rolEYder
Identify RVA data in...	sohlow
let 'IDAPython' impo...	sohlow
How to find specific...	hackgreti
Problem with ollydbg	sh3dow
How can I write olly...	sh3dow
New LoadMAP plugin v...	mefisto...
Intel pin in loaded ...	djnemo
OOP_RE tool available?	Bl4ckm4n

Recent Blog Entries
	halsten	Mar/14
Breaking IonCUBE VM
	oleavr	Oct/24
Anatomy of a code tracer
	hasherezade	Sep/24
IAT Patcher - new tool for ...
	oleavr	Aug/27
CryptoShark: code tracer ba...
	oleavr	Jun/25
Build a debugger in 5 minutes
More ...

Recent Blog Comments
	nieo on:	Mar/22
IAT Patcher - new tool for ...
	djnemo on:	Nov/17
Kernel debugger vs user mod...
	acel on:	Nov/14
Kernel debugger vs user mod...
	pedram on:	Dec/21
frida.github.io: scriptable...
	capadleman on:	Jun/19
Using NtCreateThreadEx for ...
More ...

Imagery

SoySauce Blueprint
Jun 6, 2008

[+] expand

View Gallery (11) / Submit