radare2 3.7 releases: unix-like reverse engineering framework and commandline tools

Introduction

r2 is a rewrite from scratch of radare in order to provide a set of libraries and tools to work with binary files.

Radare project started as a forensics tool, a scriptable command line hexadecimal editor able to open disk files, but later support for analyzing binaries, disassembling code, debugging programs, attaching to remote gdb servers, …

radare2 is portable.

The main tool of the whole framework. It uses the core of the hexadecimal editor and debugger. radare2 allows you to open a number of input/output sources as if they were simple, plain files, including disks, network connections, kernel drivers, processes under debugging, and so on.

It implements an advanced command line interface for moving around a file, analyzing data, disassembling, binary patching, data comparison, searching, replacing, and visualizing. It can be scripted with a variety of languages, including Python, Ruby, JavaScript, Lua, and Perl.

  • Architectures:
    • 6502, 8051, CRIS, H8/300, LH5801, T8200, arc, arm, avr, bf, blackfin, xap, dalvik, dcpu16, gameboy, i386, i4004, i8080, m68k, malbolge, mips, msil, msp430, nios II, powerpc, rar, sh, snes, sparc, tms320 (c54x c55x c55+), V810, x86-64, zimg, risc-v.
  • File Formats:
    • ELF, Mach-O, Fatmach-O, PE, PE+, MZ, COFF, OMF, TE, XBE, BIOS/UEFI, Dyldcache, DEX, ART, CGC, Java class, Android boot image, Plan9 executable, ZIMG, MBN/SBL bootloader, ELF coredump, MDMP (Windows minidump), WASM (WebAssembly binary), Commodore VICE emulator, Game Boy (Advance), Nintendo DS ROMs and Nintendo 3DS FIRMs, various filesystems.
  • Operating Systems:
    • Windows (since XP), GNU/Linux, OS X, [Net|Free|Open]BSD, Android, iOS, OSX, QNX, Solaris, Haiku, FirefoxOS
  • Bindings:
    • Vala/Genie, Python (2, 3), NodeJS, Lua, Go, Perl, Guile, php5, newlisp, Ruby, Java, OCaml, …

radare2 v3.7 has been released.

Changelog

Changes

anal

  • Fix #13766 – Sum the meta_data_code as covered code
  • Add more function definitions for posix and macOS binaries
  • Add argument to ‘afll’ to select column to sort by
  • Print MSVC RTTI Warnings only on anal.verbose=1
  • Add afj command to analyze jmptbl from the shell
  • Honor RAnalBlock->switch_op in afb. and afbi
  • Improve ARM64 PAC instructions support
  • Fix #14530 – Implementation of i.~{} aka RCoreItem
  • Added val op hints to let the user define jmptbl sizes
  • Fix #14501 – Jumptables are made of signed values
  • Reduce xrefs sorting for aflj perf
  • Initial implementation of anal.trycatch blocks

asm

  • Implement PAC instructions in the ARM64 assembler

more

Download

Tutorial

Copyright (C) 2013 radare 

Source: https://github.com/radare/

Anastasis Vasileiadis

PC Technical || Penetration Tester || Ethical Hacker || Cyber Security Expert || Cyber Security Analyst || Information Security Researcher || Malware analyst || Malware Investigator || Reverse Engineering

SC ProDefence SRL - Cyber Security Services