{"@attributes":{"version":"2.0"},"channel":{"title":"The Official Radare Blog","link":"https:\/\/radareorg.github.io\/blog\/","description":"Recent content on The Official Radare Blog","generator":"Hugo -- gohugo.io","language":"en-us","lastBuildDate":"Sun, 06 Sep 2020 00:00:00 +0000","item":[{"title":"GSoC 2020: SLEIGH Disassembler Backend","link":"https:\/\/radareorg.github.io\/blog\/posts\/sleigh_disassembler_backend\/","pubDate":"Sun, 06 Sep 2020 00:00:00 +0000","guid":"https:\/\/radareorg.github.io\/blog\/posts\/sleigh_disassembler_backend\/","description":"Introduction Hello all, I’m Jiaxiang Zhou from China. I was lucky to be selected as a participant of Radare2 project this year. My main work was to integrate SLEIGH as a disassembly backend into Radare2. r2ghidra-dec was my main working repository, aiming to delivering Ghidra’s decompiler to Radare2. It could be renamed as r2ghidra since it would become not only a decompiler but a complete bridge between Radare2 and Ghidra after this project."},{"title":"RSoC 2019 Final: Console Interface Improvements","link":"https:\/\/radareorg.github.io\/blog\/posts\/rsoc-2019-console-interface-improvement\/","pubDate":"Tue, 01 Oct 2019 14:10:05 +0530","guid":"https:\/\/radareorg.github.io\/blog\/posts\/rsoc-2019-console-interface-improvement\/","description":"RSoC 2019 Final: Console Interface Improvements Introduction: Hello all, I\u2019m deepakchethan from India. I got to work on the console interface improvements for radare2 as a part of 2019\u2019s edition of Radare Summer of Code. My main task was to improve the terminal interface of radare2. As a part of which I was tasked with completing 6 main tasks. I was unable to complete the table API myself, gladly pancake helped me with implementing the Table engine, while I worked on the integration and various improvements of it."},{"title":"Radare2 Summer of Code 2019 Selection Results","link":"https:\/\/radareorg.github.io\/blog\/posts\/rsoc-2019-selection\/","pubDate":"Tue, 02 Apr 2019 00:00:00 +0000","guid":"https:\/\/radareorg.github.io\/blog\/posts\/rsoc-2019-selection\/","description":"As you might remember radare2 organization was a part of Google Summer of Code for many years already. Sadly this year we weren’t selected for participation, thus decided to open our own Radare2 Summer of Code season one more time (we did a few time already too). We want to thank NowSecure and KeenLab of Tencent one more time for helping us to make it happen.\nThe rules and requirements for the RSoC'19 were very similar to GSoC one, with a slightly shifted schedule, so people would give RSoC selection results before the GSoC deadline, to be able apply to GSoC in case of RSoC rejection."},{"title":"Radare2 Community Survey Results","link":"https:\/\/radareorg.github.io\/blog\/posts\/radare2-survey\/","pubDate":"Sat, 02 Feb 2019 00:00:00 +0000","guid":"https:\/\/radareorg.github.io\/blog\/posts\/radare2-survey\/","description":"Overview As part of our efforts to make radare2 as relevant as possible for our community, we decided to involve our users in the decision-making process. A few weeks ago we published a short survey, collecting different questions from wide range of types. We asked our users to choose their preferences for different commands, what would they prefer for developers to focus on, and even what makes them prefer other tools over radare2."},{"title":"Radare2 and bioinformatics: a good match?","link":"https:\/\/radareorg.github.io\/blog\/posts\/radare2-bioinformatics\/","pubDate":"Fri, 31 Aug 2018 00:00:00 +0000","guid":"https:\/\/radareorg.github.io\/blog\/posts\/radare2-bioinformatics\/","description":"Intro Ahead of this years’ radarecon, pancake nudged me into discussion we both have about how software reverse engineering and bioinformatics compare and might complement each other, if at all. Inspired by Bunnie Huang’s writeups on (computational) biology as a living example of a cross-domain polymath, I’ll attempt to write down some thoughts and pointers on how radare could be used (or not) in bioinformatics and hopefully manage expectations on what’s possible today."},{"title":"GSoC 2018 Final: Debugging and Emulation Support for Cutter","link":"https:\/\/radareorg.github.io\/blog\/posts\/cutter_debug\/","pubDate":"Mon, 20 Aug 2018 11:52:13 +0000","guid":"https:\/\/radareorg.github.io\/blog\/posts\/cutter_debug\/","description":"Intro Hi, I’m mandlebro and during the summer I worked on the GSOC project “Debugging and Emulation Support for Cutter”. The goal of this GSOC project was to integrate radare2’s debugging and emulation capabilities in Cutter.\nYou can check all my commits in the following links:\n Cutter commits radare2 commits  Developed features During the duration of the project I both worked in radare2 and Cutter. On radare2 side I provided a json interface to existing r2 commands so that they could be well parsed on Cutter side as well as worked on some ESIL features."},{"title":"GSoC 2018 Final: Console Interface Improvementes","link":"https:\/\/radareorg.github.io\/blog\/posts\/cli_improvements\/","pubDate":"Sun, 19 Aug 2018 08:27:46 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/cli_improvements\/","description":"Introduction Hi, I’m cyanpencil and I was selected for the Console Interface Improvement task for the 2018 edition of the GSoC.\nI had a lot of fun spending this summer coding for radare. I learned so many things, and had an amazing experience overall. I am very grateful to my mentors, Xvilka, Pancake and Maijin, they were always present and closely followed me during the entire summer.\nMy task was to improve some aspects of the terminal interface of radare2."},{"title":"GSoC 2018: Control Flow Structuring for Radeco-lib","link":"https:\/\/radareorg.github.io\/blog\/posts\/gsoc_2018_radeco_cfs\/","pubDate":"Sun, 12 Aug 2018 21:42:12 -0400","guid":"https:\/\/radareorg.github.io\/blog\/posts\/gsoc_2018_radeco_cfs\/","description":"GSoC 2018: Control Flow Structuring for Radeco-lib Introduction This summer, I implemented the control flow structuring algorithm described in No More Gotos. The algorithm takes a program represented as a control flow graph and converts it into a semantically equivalent program but with all control flow represented with C-like control flow statements (e.g. if-statements, while-loops, etc.) and zero goto statements.\nExample bool c0 = test0(); if (!c0) { run1(); } if (c0 && test2()) { run4(); } else { run3(); } run5(); Algorithm Overview This section is essentially a (very brief) summary of No More Gotos."},{"title":"Gsoc 2018 Radeco Pseudo C Code Generation","link":"https:\/\/radareorg.github.io\/blog\/posts\/gsoc_2018_radeco_pseudo_c_code_generation\/","pubDate":"Sun, 12 Aug 2018 23:26:15 +0900","guid":"https:\/\/radareorg.github.io\/blog\/posts\/gsoc_2018_radeco_pseudo_c_code_generation\/","description":"GSoC 2018 Radeco Pseudo C Code Generation Introduction This summer, I was working on C-like pseudocode generation with radeco. Althrough radeco was able to analyze executables, it could not decompile analyzed executables. My work allows to use radeco for generating C-like pseudocode from analyzed executables.\nUsage Installation Note: Nightly Rust is required. You can install it using rustup.\n$ rustup install nightly $ rustup default nightly $ git clone https:\/\/github.com\/radareorg\/radeco $ cd radeco $ cargo install Decompilation $ echo '#include<stdio."},{"title":"GSoC'18 Final: Type inference","link":"https:\/\/radareorg.github.io\/blog\/posts\/type_inference\/","pubDate":"Sun, 12 Aug 2018 01:45:16 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/type_inference\/","description":"GSoC has almost been finished. I would like to summarize my work done so far this summer.\nThe goal of this task was to integrate types handling into the radare2 analysis loop, including automatic inference and suggestions.\nExample  C - source code  #include <stdio.h>#include <stdlib.h>#include <string.h> void main() { int length, length2; char *final; char *s1 = "Hello"; char *s2 = " r2-folks"; length = strlen (s1); length2 = strlen (s2); }  Before my work  \/ (fcn) sym."},{"title":"Background Tasks in radare2","link":"https:\/\/radareorg.github.io\/blog\/posts\/background_tasks\/","pubDate":"Tue, 03 Jul 2018 20:45:00 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/background_tasks\/","description":"Recently, I have been working on improving performance in Cutter, the radare2 GUI, especially when working with larger binaries. One major issue was that almost everything that accessed r2, such as updating the list of functions, strings, etc., was running on the main thread, and thus freezing the UI. While this is barely noticeable with smaller binaries, it can lead to a severe impact on usability for larger ones.\nThe obvious solution for this is to somehow run the work in the background and update the UI when it is done."},{"title":"Android Crackme and Structure offset propagation","link":"https:\/\/radareorg.github.io\/blog\/posts\/crackme_with_tl\/","pubDate":"Sat, 16 Jun 2018 01:45:16 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/crackme_with_tl\/","description":"Today we will look into the recently introduced feature in r2 - structure offset propagation.\nWe will use it to solve a crackme based on reversing an Android JNI (Java Native Interface) library.Beware that the feature is still WIP and being constantly improved.\nThis challenge is originally from NDH2012-wargame, so we are provided with an NDH.apk file, now after decompiling and using JD-GUI to browse through the code we can find some interesting functions :"},{"title":"GSoC'18 Progress Report - May","link":"https:\/\/radareorg.github.io\/blog\/posts\/gsoc_2018_progress_report_may\/","pubDate":"Thu, 31 May 2018 01:45:16 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/gsoc_2018_progress_report_may\/","description":"A few weeks passed but our students worked hard and achieved a tremendous results already. Lets see what they have to say about this:\nCyanpencil’s update Hi, I’m cyanpencil, and in those initial three weeks of the GSoC 2018 I took care of the commands relative to graph drawing (all the commands starting with ag).\nThose commands were a bit confusing because each of them required a different syntax \/ used different config variables, resulting in a ag?"},{"title":"GSoC 2018 Selection Results","link":"https:\/\/radareorg.github.io\/blog\/posts\/gsoc_2018_selection\/","pubDate":"Tue, 24 Apr 2018 02:45:16 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/gsoc_2018_selection\/","description":"We are happy to announce this year we accepted five students: two for radare2 itself, two for radeco and one for cutter.\nHMPerson1 Hi, I’m Michael Zhang, also known as HMPerson1. I’m a first-year student at Purdue University. I use radare2 regularly when playing CTFs to disassemble and analyze binaries. Although radare is very powerful, there’s only so much that can be done staring at dissassembly. Having access to source code would make analysis much easier."},{"title":"GSoC 2018","link":"https:\/\/radareorg.github.io\/blog\/posts\/gsoc_2018\/","pubDate":"Mon, 05 Mar 2018 02:45:16 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/gsoc_2018\/","description":"Hell yeah! We’re accepted in the Google Summer of Code, again! Hurry hurry, pick (or propose) a task, and spend the summer with us, improving radare2! Analysis, decompilation, GUI, portability, \u2026 you name it.\nDuring the previous years, students implemented awesome features (analysis, structure support, windows-related improvements, \u2026). What are you going to implement next?\nThe applications are ending the 27th of March, so hurry up, we’re waiting for you \u2665"},{"title":"Using r2 to analyse Minidumps","link":"https:\/\/radareorg.github.io\/blog\/posts\/minidump\/","pubDate":"Mon, 02 Oct 2017 08:00:00 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/minidump\/","description":"The minidump format is used by Microsoft for storing user-mode memory dumps. It is an openly documented format that is also extensible, but it is almost always analysed in WinDbg [1][2].\nThis article describes how to perform analysis of minidumps using radare2 mdmp module.\nInstallation If you use radare2 from git as recommended nothing to do, you should already be able to identify the fileformat as mdmp rather than any."},{"title":"GSoC 2nd stage and RSoC 1st stage report","link":"https:\/\/radareorg.github.io\/blog\/posts\/gsocrsoc_2017_2\/","pubDate":"Mon, 14 Aug 2017 08:00:00 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/gsocrsoc_2017_2\/","description":"GSoC 2nd stage and RSoC 1st stage report Good morning ladies and gentlemen. As you probably know radare2 project was overly busy this summer by hosting Google Summer of Code and our own - Radare Summer of Code, 5 students in total. Woot, but now as summer comes to a close, we would like to report the progress from each of our students!\nSrimanta Barua (GDB server and client) Compared to the feature-implementing frenzy of the first phase, the second phase of GSoC involved more bug-fixes and closing of old issues."},{"title":"r2pipe API","link":"https:\/\/radareorg.github.io\/blog\/posts\/r2api\/","pubDate":"Mon, 17 Jul 2017 00:00:00 +0100","guid":"https:\/\/radareorg.github.io\/blog\/posts\/r2api\/","description":"r2pipe\nThe r2pipe design comes from the fact that using native APIs is much more complex and slower rather than using raw command strings and parsing the output. It encourages users to write pipe implementations which interact with the “quiet” mode of radare2 and use JSONs for easier deserialization. We have multiple implementations already present with a number of users opting to use exploratory languages such as Python and Ruby."},{"title":"RSOC 2017","link":"https:\/\/radareorg.github.io\/blog\/posts\/rsoc-2017\/","pubDate":"Wed, 21 Jun 2017 21:42:10 -0700","guid":"https:\/\/radareorg.github.io\/blog\/posts\/rsoc-2017\/","description":"Radare Summer of Code 2017 - Selection Results This year, apart from our Google Summer of Code campaign we decided to start our own campaign again. But unlike the previous year we asked our candidates to focus on the high-level part of radare project - radeco and rune. We’ve been working on a decompiler (radeco) for 3 years already, and hope that this year you’ll be able to see the generated C pseudocode for the first time."},{"title":"GSoC 2017 selection results","link":"https:\/\/radareorg.github.io\/blog\/posts\/gsoc_2017_selection\/","pubDate":"Mon, 15 May 2017 02:45:16 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/gsoc_2017_selection\/","description":"Google Summer of Code 2017 Good morning ladies and gentlemen! We’re happy to present you our 3 students, who passed all the hurdles of GSoC'17 selection and successfully shown their passion for radare2 development. Two projects are related to debugging capabilities of radare2 - both local and remote, and the 3rdone will improve the most wanted platform support - Windows.\nHere they are introducing themselves and their projects:\nRkx1209 Hi. I’m rkx1209 from Japan and I have been working on Timeless Debugging support for radare2’s debugger."},{"title":"Project files","link":"https:\/\/radareorg.github.io\/blog\/posts\/project-files\/","pubDate":"Sun, 12 Mar 2017 17:30:00 +0100","guid":"https:\/\/radareorg.github.io\/blog\/posts\/project-files\/","description":"Project files Disclaimer: Projects files are highly subject to change but here is the current state on March 14th 2017. The feature is still under high work in progress please see the section Future of Project Files and How to Help.\nPurposes The Project files are used to store information related to your radare2 session. The idea is to use this Project file to save your analysis for later work, share it with an audience (colleagues, friend, RE articles…), and scripting."},{"title":"Radare2 and Capstone","link":"https:\/\/radareorg.github.io\/blog\/posts\/radare2-capstone\/","pubDate":"Thu, 09 Mar 2017 18:30:00 +0100","guid":"https:\/\/radareorg.github.io\/blog\/posts\/radare2-capstone\/","description":"Radare2 and Capstone This blogpost is the response to an observable fact: People don’t know that Radare2 is using Capstone\/Keystone\/Unicorn.\nThis is also a blogpost to address the numerous comparisons done online to these two different components.\nDefining the tools   Capstone is a multi-architecture disassembly framework\n  Keystone is a multi-architecture assembler framework\n  Unicorn Engine is a multi-architecture CPU emulator framework\n  Radare2 is a reverse engineering framework, it includes, in addition to other functionality: multi-architecture disassembly, assembly, and CPU emulation."},{"title":"GSoC 2017","link":"https:\/\/radareorg.github.io\/blog\/posts\/gsoc_2017\/","pubDate":"Thu, 09 Mar 2017 02:45:16 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/gsoc_2017\/","description":"Good news everyone!\nGather round, we’ve got incredible good news for everyone!\nWe’re happy to announce that we’re (again) accepted for the Google Summer of Code! For this occasion, we wrote a fancy website with everyone you have to know to participate: mentors, ideas, contacts, protips, micro-tasks, \u2026\nDuring the last years, students implemented interesting features, like structures support, a better analysis engine, \u2026 we’re looking forward to see what you are going to implement next ;)"},{"title":"R2-1.0 Finally released","link":"https:\/\/radareorg.github.io\/blog\/posts\/r2-1.0\/","pubDate":"Sun, 06 Nov 2016 17:40:41 +0100","guid":"https:\/\/radareorg.github.io\/blog\/posts\/r2-1.0\/","description":"radare2 1.0 comes with 20122 new lines of new features, bug fixes and enhancements. Here some of the most important highlights:\nThe project have finally reached 1.0. What does it mean?\nIt means that 10 years have passed and the ecosystem changed enough since its inception that it requires a new rethink of the versioning numbers.\nPushing a new release every 6 weeks, increasing 0.1. And adding +1.0 after every r2con."},{"title":"r2con","link":"https:\/\/radareorg.github.io\/blog\/posts\/r2con_2016\/","pubDate":"Mon, 12 Sep 2016 12:30:00 +0100","guid":"https:\/\/radareorg.github.io\/blog\/posts\/r2con_2016\/","description":"During the last couple of days in Barcelona, at the aurea social, everyone was at the r2con, to celebrate the 10thbirthday of radare2! It was an amazing 3-days event, which first day was dedicated to trainings, while the two others were all about interesting\/fancy\/weird talks!\n\nWe did our very best to setup a video stream, but unfortunately, we didn’t managed to get something working. But, all the talks (except one) were recorded, and are now available online!"},{"title":"GSOC, The last commit 213c6f","link":"https:\/\/radareorg.github.io\/blog\/posts\/gsoc-the-last-commit-213c6f\/","pubDate":"Thu, 25 Aug 2016 13:13:29 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/gsoc-the-last-commit-213c6f\/","description":"It has been so long since I posted, the reason is that I have been quite busy with my GSOC timeline. Yes, I know I said I will write blogs once every week, but I learned the hard way how not to do such promises again ;).\nI guess it is time to summarize the whole 3 months work, but before I start, I would like to state that all my contributions are in basically 2 repositories: radare2 and radare2-regression, you can find my contributions here and here for both repositories."},{"title":"GSoC WebUI overview","link":"https:\/\/radareorg.github.io\/blog\/posts\/gsoc-webui-overview\/","pubDate":"Sat, 20 Aug 2016 17:40:41 +0100","guid":"https:\/\/radareorg.github.io\/blog\/posts\/gsoc-webui-overview\/","description":"by https:\/\/twitter.com\/GautierGC\nApril 22th, my GSoC proposal for the radare web UI [was accepted] https:\/\/summerofcode.withgoogle.com\/organizations\/4965722304282624\/#5484657504157696. Until today, I’ve made the UI progressed. The purpose of this article isn’t to close this chapter but to relate what I’ve done and share my experience about this Google Summer of Code.\nI would like to make a short overview of what I’ve done, a big picture of what I improved during the last months."},{"title":"Emulating a simple bootloader","link":"https:\/\/radareorg.github.io\/blog\/posts\/emulating-simple-bootloader\/","pubDate":"Tue, 16 Aug 2016 19:16:00 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/emulating-simple-bootloader\/","description":"Introduction Generally speaking, emulating a bootloader is simpler than it is for regular binaries, because they lack external libraries and usually have direct access to memory and hardware.\nIn this case, the bootloader is a binary for x86 architecture which runs in 16-bits real mode using BIOS calls to perform its loading duties and textual input\/output.\nThe idea here is to emulate Cropta1 crackme using radare2 ESIL emulation, providing the needed BIOS via a trivial quick & dirty python implementation of just what it’s needed to run the crackme code."},{"title":"Disassembly functionnalities inside Web UI \/m","link":"https:\/\/radareorg.github.io\/blog\/posts\/webui-m-disasm\/","pubDate":"Thu, 11 Aug 2016 19:02:46 +0100","guid":"https:\/\/radareorg.github.io\/blog\/posts\/webui-m-disasm\/","description":"by GautierGC\nIn this blog post, we will discover the functionnalities of the disasm panel from the material Web UI and how are they implemented. This take place in the Material Web UI in place of the current implementation. If you want to read more details about the implementation and how it works, you can read this technical article on my blog.\nSo, this new module about disassembly has the following functionnalities:"},{"title":"Retrieving configuration of a Remote Administration Tool (Malware) with radare2 statically","link":"https:\/\/radareorg.github.io\/blog\/posts\/malware-static-analysis\/","pubDate":"Thu, 11 Aug 2016 08:30:00 +0100","guid":"https:\/\/radareorg.github.io\/blog\/posts\/malware-static-analysis\/","description":"Introduction This article was written during BSidesLV, BlackHat and Defcon events.\n** We highly recommend you to try to do the analysis by yourself before looking at this article. Here is a fake one cfd26988d55294870f2676117cf1307ca4acdf8d **\nA remote administration tool (also known as a RAT) is a piece of software that allows a remote “operator” to control a system as if he has physical access to that system. While desktop sharing and remote administration have many legal uses, such software is usually associated with criminal or malicious activity."},{"title":"Crosscompile radare2 with dockcross","link":"https:\/\/radareorg.github.io\/blog\/posts\/dockcross\/","pubDate":"Wed, 10 Aug 2016 00:30:07 +0100","guid":"https:\/\/radareorg.github.io\/blog\/posts\/dockcross\/","description":"So you want to cross-compile radare to some exotic architecture? Use this docker and you’ll save some headache:\nHere’s and example on how changes required for i.e ARMv5 (no hard float) borrowed from mk\/armel.mk:\nARCH=arm CROSS_ROOT=\/usr\/bin CROSS_TRIPLET=${ARCH}-linux-gnueabi CC=${CROSS_ROOT}\/${CROSS_TRIPLET}-gcc USERCC=${CROSS_ROOT}\/${CROSS_TRIPLET}-gcc RANLIB=${CROSS_TRIPLET}-ranlib CC_AR=${CROSS_ROOT}\/${CROSS_TRIPLET}-ar -r ${LIBAR} (...)  After defining your new mk\/arch.mk file it should be pretty straighforward to install the dockcross tool from one of its own containers:\n$ docker run thewtex\/cross-compiler-linux-armv5 > ~\/bin\/dockcross $ chmod +x ~\/bin\/dockcross  And then, compile normally from inside the container:"},{"title":"10 years old","link":"https:\/\/radareorg.github.io\/blog\/posts\/10-years-old\/","pubDate":"Fri, 05 Aug 2016 00:30:07 +0100","guid":"https:\/\/radareorg.github.io\/blog\/posts\/10-years-old\/","description":"10 years passed since the first release of radare, and 8 since radare2. It was pretty primitive at the time, and lot of things has happened since that.\nSPOILER: Radare2’s Congress Announcement\nThe tool was mainly used and written by me (@pancake) from the very first days. I was missing many interesting features in the opensource reverse engineering so I decided to collect and integrate all the interesting things that could fit on top of an abstracted IO layer, from disassemblers to debuggers or filesystems."},{"title":"RSoC 2016 progress","link":"https:\/\/radareorg.github.io\/blog\/posts\/rsoc-2016-progress\/","pubDate":"Tue, 02 Aug 2016 13:00:10 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/rsoc-2016-progress\/","description":"This year we’re hosting our own Radare Summer of Code, again!\nThis is why we have selected 4 students:\n Aneesh Dogra (FAT PE binaries) Alexandru Razvan Caciulescu (ROP generator) Rakholia Jenish (Kernel level interfaces) Pankaj Kataria (SROP and COOP generators)  FAT PE binaries At first, Aneesh Dogra adding the support of FAT PE binaries: those PEs can contain multiple programs inside, like 16bit MZ stub, both native and MSIL\/CIL(."},{"title":"How goes the Google Summer of Code?","link":"https:\/\/radareorg.github.io\/blog\/posts\/gsoc-midterm-2016\/","pubDate":"Thu, 23 Jun 2016 21:00:10 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/gsoc-midterm-2016\/","description":"As you know this year we’re taking part in the Google Summer of Code, with 3 students on cool tasks:\n completing radeco, our own decompiler, by sushant94 improving variables and function arguments analysis, by anoddcoder completing our web interface, by gauthiergc  Lets see what our students were supposed to do, what they did, and what is now planned.\nRadeco The main task for GSoC\u201916 is to introduce type inference for radeco and produce pseudo C output."},{"title":"Radare2 Explorations: New book released!","link":"https:\/\/radareorg.github.io\/blog\/posts\/radare2-explorations\/","pubDate":"Fri, 10 Jun 2016 18:00:46 +0100","guid":"https:\/\/radareorg.github.io\/blog\/posts\/radare2-explorations\/","description":"by http:\/\/github.com\/monosource\nContext One of the challenges that people must face when starting to learn radare is getting to know how to use it for their specific needs; after all, not everyone uses radare for exploitation or forensics. As mentioned before, radare is indeed documented.\nIf the difficulty is not related to a lack of documentation, then where does it originate from? There’s no middle ground between experimenting with each command in radare and replicating the writeups that people post online for often difficult challenges they solved."},{"title":"Improving analysis","link":"https:\/\/radareorg.github.io\/blog\/posts\/improving-analysis\/","pubDate":"Mon, 09 May 2016 21:00:10 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/improving-analysis\/","description":"One of the main tasks of Radare2 is to statically analyse executables. This includes binary files disassembly, analysing functions setting calling conventions, auto detecting arguments and type propagation. Autodetecting arguments and type propagation are part of my Google Summer of Code task.\nNew analysis round is added for argument detection. It is architecture independent and supposed to capture all arguments and variables then auto rename them. This analysis round is built on top of ESIL."},{"title":"The BIG big endian patch","link":"https:\/\/radareorg.github.io\/blog\/posts\/big-big-endian\/","pubDate":"Wed, 04 May 2016 16:04:13 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/big-big-endian\/","description":"This text comes from radare2’s doc\/endian. And aims to explain the reason why radare2 codebase was handling endianness in a problematic way. damo22 cooked a huge patch addressing those issues and making the code endian-independent. This means that at compile time the code doesn’t assumes any local specific endian.\nEndian issues As hackers, we need to be aware of endianness.\nEndianness can become a problem when you try to process buffers or streams of bytes and store intermediate values as integers with width larger than a single byte."},{"title":"Using RAsm","link":"https:\/\/radareorg.github.io\/blog\/posts\/rasm\/","pubDate":"Tue, 26 Apr 2016 11:47:13 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/rasm\/","description":"RAsm Recently I have noticed that many people gets saturated by the amount of stuff r2 can do and most users end up not learning anything.\nSo that’s why I am going to start writing a series of blog posts showing one feature at a time, making it as simple as possible.\nWhat’s rasm? The ‘r’ in r_asm stands for radare, and it’s one of the several libraries shipped with radare2."},{"title":"Radare 0.10.2","link":"https:\/\/radareorg.github.io\/blog\/posts\/radare-0-10-2\/","pubDate":"Mon, 11 Apr 2016 23:30:07 +0100","guid":"https:\/\/radareorg.github.io\/blog\/posts\/radare-0-10-2\/","description":"radare2 0.10.2 - Release Notes Codename: Panamake\nAs usual, some numbers first:\nContributors: 48 Commits: 480 Issues: 135 Grep stats: * Fixes: 269 * Add: 107 * Enhance: 7 * New: 7 * Esil: 18 * Anal: 36 * Leak: 15 Contributor commit counter: (sys\/pie.sh)\n$ sys\/pie.sh 0.10.1 | sort -un | tail -n 13 1\tAdrien Garin 2\tAdr1 3\tKitsu 4\tDarredevil 5\tAnders Kaare 6\tAneesh Dogra 7\tEvan Shaw 8\tJeffrey Crowell 12\tMaijin 16\tAnton Kochkov 36\toddcoder 46\t\u00c1lvaro Felipe Melchor 237\tpancake Special thanks from pancake to:"},{"title":"Ramoji2","link":"https:\/\/radareorg.github.io\/blog\/posts\/ramoji2\/","pubDate":"Fri, 01 Apr 2016 00:00:00 +0000","guid":"https:\/\/radareorg.github.io\/blog\/posts\/ramoji2\/","description":"The main complain by new radare2 users is the learning curve because of the complexity of the mnemonic commands.\nThis is why we are releasing a new interface based on emoji! No need to know english, or assembly or even understand what the hell the entropy is. Just look at those cute pictures and build a story right in your terminal.\nWe hope that such a mode could bring the joy of reverse engineering to everyone, including kids."},{"title":"Radare 0.10.1","link":"https:\/\/radareorg.github.io\/blog\/posts\/radare-0-10-1\/","pubDate":"Mon, 29 Feb 2016 23:30:07 +0100","guid":"https:\/\/radareorg.github.io\/blog\/posts\/radare-0-10-1\/","description":"radare2 0.10.1 - Release Notes Six weeks ago, when our great leader pancake announced “a release every 6 weeks”, everyone was a bit, well, surprised, but it seems that we did it.\nBut first, some numbers:\n Codename: solid chair society Weeks: 6 Commits: ~280 Issues Fixed: 50 Contributors: 38 New contributors: 10 New easter-eggs: 1  This 0.10.1 release pushes other updates for:\n sdb acr radare2 radare2-bindings radare2-extras  Also binary builds for Windows and OSX are also available."},{"title":"Radare 0.10.0","link":"https:\/\/radareorg.github.io\/blog\/posts\/radare-0-10-0\/","pubDate":"Thu, 21 Jan 2016 23:30:07 +0100","guid":"https:\/\/radareorg.github.io\/blog\/posts\/radare-0-10-0\/","description":"On Monday 16th, we released a new version of radare2, the 0.10.0, codename NOLAN. Since you might be a but too lazy to read every single commit, we\u2019re going to highlight some cool new features together!\nNumbers Thanks to more than 100 contributors who issued more than 2000 commits, here is what changed:\n$ git checkout 0.10.0 && git diff 0.9.9 --shortstat 1095 files changed, 80695 insertions(+), 40792 deletions(-) We would like to thanks all contributors, especially the newcomers, that made this release possible."},{"title":"Unpacking shikata-ga-nai by scripting radare2","link":"https:\/\/radareorg.github.io\/blog\/posts\/unpacking-shikata-ga-nai-by-scripting-radare2\/","pubDate":"Tue, 08 Dec 2015 01:00:00 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/unpacking-shikata-ga-nai-by-scripting-radare2\/","description":"During latest hacklu’s radare workshop, one part was dedicated to how to generically unpack shikata-ga-nai. This blogpost is a simple transposition of the slides into a blogpost.\nDisclaimer: almost everything here is stolenbased on ideas from NighterMan.\nFirst, was is Shitkata-ga-nai? It’s a polymorphic shellcode encoder implemented into metasploit:\nmsf > info encoder\/x86\/shikata_ga_nai > out.txt Name: Polymorphic XOR Additive Feedback Encoder Module: encoder\/x86\/shikata_ga_nai Platform: All Arch: x86 Rank: Excellent Provided by: spoonm <spoonm@no$email."},{"title":"Analysis By Default","link":"https:\/\/radareorg.github.io\/blog\/posts\/analysis-by-default\/","pubDate":"Wed, 25 Nov 2015 12:47:13 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/analysis-by-default\/","description":"Analysis By Default Many people that starts using radare2 complain about having a different workflow than other similar tools like IDA or Hopper.\nProbably the most annoying part for them is that it doesn’t run the analysis at startup. And this is the reason why I’m writing this blog post right now : to avoid having to explain why, again and again :)\nTo begin with, r2 is a pretty broad tool."},{"title":"Hacklu 2015","link":"https:\/\/radareorg.github.io\/blog\/posts\/hacklu-2015\/","pubDate":"Tue, 27 Oct 2015 16:10:46 +0100","guid":"https:\/\/radareorg.github.io\/blog\/posts\/hacklu-2015\/","description":"Like last year, some radare2 developers and contributors went to the 11th edition of the hack.lu, in Luxembourg, to hold not one, but two 5 hours-long workshops!\n maijin did the first part, about what is radare2 and how to use it jvoisin did the second one, about how to write a nocd for a classic game, and (based on the work of NighterMan, also about how to unpack shikata ga nai with ESIL."},{"title":"Update On Radeco","link":"https:\/\/radareorg.github.io\/blog\/posts\/update-on-radeco\/","pubDate":"Sat, 26 Sep 2015 23:51:06 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/update-on-radeco\/","description":"This post is to outline the work completed during the Google Summer of Code 2015 (GSoC) period and show you a glimpse of radeco and where we are heading with it.\nFor those who are not aware, radeco is a decompiler framework that is developed and maintained by the radare team. The entire framework is open source, flexible and reusable. The base of radeco is radeco-lib that implements the analysis and transformations that are needed for decompiler."},{"title":"Extracting Digital Signatures from Signed Malware with pf","link":"https:\/\/radareorg.github.io\/blog\/posts\/extracting-digital-signatures-from-signed-malware\/","pubDate":"Thu, 03 Sep 2015 23:14:16 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/extracting-digital-signatures-from-signed-malware\/","description":"Introduction Lot of malware\/PUP (Potential Unwanted Programs)\/Adwares are now digitally signed. Those signatures can contain interesting properties that can be used as Indicators Of Compromise (IOC) by analysts or used to perform some large-scale analysis on a lot of samples. As an example, let’s use the recent signed dridex sample sample (5df62149bb91084eb677aecff7a8ca5fffeaaa23).\nOn Windows the Portable Executable file format uses IMAGE_DIRECTORY_ENTRY_SECURITY to store the information which corresponds to the 5th IMAGE_DATA_DIRECTORY."},{"title":"chsh -s \/usr\/bin\/r2","link":"https:\/\/radareorg.github.io\/blog\/posts\/r2-as-a-unix-shell\/","pubDate":"Wed, 26 Aug 2015 16:36:33 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/r2-as-a-unix-shell\/","description":"Radare2’s prompt is quite powerful and handy to use, but sometimes you need to interact with the filesystem or spawn system programs.. and spawning new shells or quitting r2 is not an option.\nFor those cases, the simplest solution would be to just type ! and then type the shell command you like. This prefix command will just escape to the shell and run the text you type as in the system shell."},{"title":"The GSoC is Over!","link":"https:\/\/radareorg.github.io\/blog\/posts\/the-gsoc-is-over\/","pubDate":"Tue, 25 Aug 2015 13:13:29 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/the-gsoc-is-over\/","description":"Good news everyone! Our first time participation in the Google Summer of Code, thanks to our previous and current experience of the hosting of the Radare Summer of Code, was a great success. It wouldn’t have been possible without the help of the great Solar Designer, who took us under Openwall’s project umbrella for the GSoC.\nWe had two GSoC students successfully complete tasks related to Radeco, our new, work in progress, decompiler."},{"title":"Interview of ret2libc","link":"https:\/\/radareorg.github.io\/blog\/posts\/interview-of-ret2libc\/","pubDate":"Thu, 16 Jul 2015 11:53:57 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/interview-of-ret2libc\/","description":"Almost one month since our last article, time flees. This article is an interview of a new contributor, that greatly enhanced one of the most visually impressive feature of radare2, the one that our propaganda departmentcontributors loves to show at conferences!\n Who are you ?   Hi, I’m ret2libc, I was an IDA addicted and this is my 10thday that I don’t use IDA.\n  Hi ret2libc   Just joking, I still use IDA, but I’d really love to switch in the future, when r2 will be good enough."},{"title":"Update from the GSoC 2","link":"https:\/\/radareorg.github.io\/blog\/posts\/update-from-the-gsoc-2\/","pubDate":"Thu, 18 Jun 2015 14:55:42 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/update-from-the-gsoc-2\/","description":"As part of GSoC I (dkreuter) and sushant94 have been working the last three weeks on what should become the basis for a decompiler integrated with the radare2 reversing framework.\nFor now it’s a standalone program written in Rust that can read the radare2 code format ESIL. The rough process involves generating control and data flow graphs in SSA form for the input, applying simplifications on that, similar to compilers, and picking appropriate constructs in a target language to represent the input."},{"title":"Update From the GSoC","link":"https:\/\/radareorg.github.io\/blog\/posts\/update-from-the-gsoc\/","pubDate":"Mon, 15 Jun 2015 21:36:21 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/update-from-the-gsoc\/","description":"As you know, we have 2 students working on r2 for the Google Summer of Code!\nAs we’re 3 weeks into the Summer, here’s what one of our student, sushant94 has to say about what he’s been working on!\nIt’s been three weeks into GSoC and I’m having an amazing time. I am working along side dkreuter and been learning tons from him too!\nHere is the repository where you can track our progress and also give us suggestions :)"},{"title":"Radare 0.9.9","link":"https:\/\/radareorg.github.io\/blog\/posts\/radare-0-9-9\/","pubDate":"Sat, 06 Jun 2015 11:46:57 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/radare-0-9-9\/","description":"Today, we’re releasing a new version of radare2, the 0.9.9, codename Almost There. Since you might be a bit too lazy to read every single commit, we’re going to highlight some cool new features!\nNumbers Thanks to more than 50 contributors who issued something like 1700 commits, here is what changed:\n$ git checkout 0.9.9 && git diff 0.9.8 --shortstat 839 files changed, 156490 insertions(+), 18885 deletions(-) {pancake} I would like to give a special thanks to all the new contributors that made this release possible."},{"title":"Solving 'int3rupted' from defcon 2015 qualifier with r2","link":"https:\/\/radareorg.github.io\/blog\/posts\/solving-int3rupted-from-defcon-2015-qualifier-with-r2\/","pubDate":"Thu, 04 Jun 2015 21:43:59 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/solving-int3rupted-from-defcon-2015-qualifier-with-r2\/","description":"In previous blog posts we’ve shown how radare2 can be useful for exploiting “baby” level challenges. Let’s show how we can use it to find the bug and ultimately exploit a 5 point pwning challenge from the DEFCON 2015 qualifiers!\nYou can find the binary here if you want to play along at home.\nTo start with, in the challenge, we were just given a hostname and ip address, no binary was given!"},{"title":"Defeating baby_rop with radare2","link":"https:\/\/radareorg.github.io\/blog\/posts\/defeating-baby_rop-with-radare2\/","pubDate":"Tue, 19 May 2015 23:55:59 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/defeating-baby_rop-with-radare2\/","description":"In order to content the people that wanted something less hand-holding than this writeup which they say is too detailed and this one not enough, we decided to write this blogpost: not too short, not too long, and about pwning!\nThe binary was a challenge (called baby_rop) from a small CTF that took place in France, called the sthack.\nAs always, if you don’t get a command, append ? to it to get documentation."},{"title":"Using radare2 to pwn things","link":"https:\/\/radareorg.github.io\/blog\/posts\/using-radare2\/","pubDate":"Thu, 14 May 2015 23:45:49 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/using-radare2\/","description":"While more and more people are using radare2 during ctf, in the same time we’ve got more and more complains that there is not enough documentation about radare2.\nThis article’s goal is to make a small cheat-sheet when it comes to pwn things with our beloved piece of software.\nKeep in mind that:\n Every character has a meaning (w stands for write, p stands for print, \u2026) Every command can be a succession of character (pdf stands for p: print, d: disassemble, f: function Every command is documented with ?"},{"title":"GSoC qualifications","link":"https:\/\/radareorg.github.io\/blog\/posts\/gsoc\/","pubDate":"Mon, 27 Apr 2015 22:45:16 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/gsoc\/","description":"Attention, people of the internet!\nGather round, we’ve got incredible good news for everyone!\nWe’re incredibly happy to announce the acceptance of two students for the Google Summer of Code 2015:\nDavid Kreuter and Sushant Dinesh.\nBoth students have already completed complex tasks, just as a qualification: an ESIL implementation for the 8051 architecture, and an ESIL-to-REIL converter.\nWe hope that they’ll continue hard work at the same tempo and will make decompilation for radare2 much better Hex-Rays’ decompiler."},{"title":"Rop'n'roll","link":"https:\/\/radareorg.github.io\/blog\/posts\/ropnroll\/","pubDate":"Sat, 18 Apr 2015 15:00:00 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/ropnroll\/","description":"You may have already read this article 8 months ago, but since we changed a lot the ROP-related syntax, we’re quite sure that you won’t mind reading an updated version\nAs attackers are moving forwards, so does the defense. Since a couple of years, every decent operating system has non-executable stack, defeating the classic ‘put your shellcode on the stack and execute it’ modus operanti.\nThis is why attackers are now using (among other things) Return Oriented Programming, also known as ROP, to bypass this protection."},{"title":"We have been acquired by Hex-Rays","link":"https:\/\/radareorg.github.io\/blog\/posts\/we-have-been-acquired-by-hex-rays\/","pubDate":"Wed, 01 Apr 2015 13:19:38 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/we-have-been-acquired-by-hex-rays\/","description":"[edit] Of course, this article was an April fool.\nThis will be the final post here (you can now follow us on this one instead), as radare has been acquired by Hex-Rays, and the radare2 project will be soon ported to ida-python. This has several advantages :\n Maintaining such a big software in such an old language like C is tiresome, using a high-level one will allow use to write more features in less lines of code."},{"title":"[GR]SoC","link":"https:\/\/radareorg.github.io\/blog\/posts\/grsoc\/","pubDate":"Wed, 11 Mar 2015 23:02:27 +0100","guid":"https:\/\/radareorg.github.io\/blog\/posts\/grsoc\/","description":"We’ve got two pieces of good news for you; the first one is that our RSoC is now live! The second is a bit surprising: we’ve got a GSoC slot!\nGSoC Thanks to solar designer who offered us to be part of the GSoC, under the umbrella of the Openwall project, we’ve got a slot for a single student to work on radare2 for a couple of months, while being payed $5,500!"},{"title":"RSoC 2015","link":"https:\/\/radareorg.github.io\/blog\/posts\/rsoc-2015\/","pubDate":"Tue, 03 Mar 2015 17:18:58 +0100","guid":"https:\/\/radareorg.github.io\/blog\/posts\/rsoc-2015\/","description":"It seems that our rejection from the GSoC is becoming a tradition: along with Mozilla, Tor, The Linux Foundation, and OWASP, we weren’t accepted. But fear not, like last year, we’re going to do our very own Radare Summer of Code: welcome to the RSoC'15!\nLast year was our first time. Some things went wrong, others went well; but at the end r2 gained both shiny features and happy new contributorsa and those are the only things that really matter."},{"title":"Google Summer of Code 2015","link":"https:\/\/radareorg.github.io\/blog\/posts\/google-summer-of-code-2015\/","pubDate":"Fri, 20 Feb 2015 21:37:40 +0100","guid":"https:\/\/radareorg.github.io\/blog\/posts\/google-summer-of-code-2015\/","description":"We have applied to be a mentoring organization for this year\u2019s Google Summer of Code.\nWe recognize that GSoC is always a fierce competition, but we are, as ever, hopeful that we will join many other fine organizations in a great summer of hacking. If you are a student interested in applying, please head over to our ideas page and begin thinking about what you might like to hack on. Furthermore, we have several low-hanging fruits if you want to play a bit with the codebase."},{"title":"Interactive ASCII graphs","link":"https:\/\/radareorg.github.io\/blog\/posts\/awesome-ascii-graphs\/","pubDate":"Fri, 06 Feb 2015 22:30:43 +0100","guid":"https:\/\/radareorg.github.io\/blog\/posts\/awesome-ascii-graphs\/","description":"The graph feature of IDA, ImmunityDBG or Hopper are great to have a quick overview of what you’re dealing with. This is why we have graphs too in radare2, but since we’re terminal-lovers, ours are cooler in ASCII!\nAfter analyzing a function with af or any other method, type VV to get: We’ve got call graphs, which are way more understandable than simply listing the XREF adresses. To see it, simply press V when you’re in graph mode."},{"title":"What is planned for r2 in 2015?","link":"https:\/\/radareorg.github.io\/blog\/posts\/what-is-planned-for-r2-in-2015\/","pubDate":"Tue, 27 Jan 2015 19:39:56 +0100","guid":"https:\/\/radareorg.github.io\/blog\/posts\/what-is-planned-for-r2-in-2015\/","description":"That’s an interesting question, isn’t it?\nOur last release was intended to be focused on bug-fixing, but we accidentally added tons of features, a new webui, enhaced debugger, code emulation and much more. This was supposed to land in the 0.9.9 version, which will be ready in February.\nLocal variable detection has been uncommented and it’s now using SDB as storage and supports basic X86-32\/64 and ARM constructions.\nCurrently, you can do several low level analysis operations like manually define\/resize\/remove\/merge\/… functions (ask a?"},{"title":"Parsing a fileformat with radare2","link":"https:\/\/radareorg.github.io\/blog\/posts\/parsing-a-fileformat-with-radare2\/","pubDate":"Sun, 11 Jan 2015 01:55:32 +0100","guid":"https:\/\/radareorg.github.io\/blog\/posts\/parsing-a-fileformat-with-radare2\/","description":"Thanks to Skia, one of our RSoC participants, radare2 is now able to show structures, like headers, in a meaningful way.\nUsage Lets see an example together (or watch the video):\n$ r2 -nn \/bin\/true The -nn option tells radare2 to load predefined binary structures.\n[0x00000000]> pf. pf.elf_header [16]z[2]E[2]Exqqqxwwwwww ident (elf_type)type (elf_machine)machine version entry phoff shoff flags ehsize phentsize phnum shentsize shnum shstrndx pf.elf_phdr qqqqqqqq type offset vaddr paddr filesz memsz flags align pf."},{"title":"The new web interface","link":"https:\/\/radareorg.github.io\/blog\/posts\/the-new-web-interface\/","pubDate":"Wed, 03 Dec 2014 10:40:18 +0100","guid":"https:\/\/radareorg.github.io\/blog\/posts\/the-new-web-interface\/","description":"Thanks to pwntester, we’ve got a new web-interface for radare2! You can either get it by using the latest git, or try it on our cloud.\nLets highlight the new features:\nGraphing The web-interface is now using viz.js to show interractive graphs, and the disassembly has now syntax highlighting, like the command line interface. When we say Interractive, we mean that you can not only move the graph, but also modify, edit and annotate it."},{"title":"Radare2 is documented","link":"https:\/\/radareorg.github.io\/blog\/posts\/radare2-is-documented\/","pubDate":"Wed, 26 Nov 2014 00:29:31 +0100","guid":"https:\/\/radareorg.github.io\/blog\/posts\/radare2-is-documented\/","description":"Some miscreants are saying that radare2 is not documented, this is wrong.\nThe Book The “radare book” was released together with radare 1.0, several years ago, so some of the examples\/features may not be compatible with radare2.\nYou can read it online or download the PDF.\nRecently, our tester in chief, maijin, started a project to update the radare book to create the radare2 book; feel free to contribute.\nA book focused on practical case by monosource is also available : radare2-explorations"},{"title":"The RSoC is over","link":"https:\/\/radareorg.github.io\/blog\/posts\/the-rsoc-is-over\/","pubDate":"Mon, 17 Nov 2014 08:20:09 +0100","guid":"https:\/\/radareorg.github.io\/blog\/posts\/the-rsoc-is-over\/","description":"October is over and we delayed a bit the end of the RSoC in order to get everything done for the release, and it seems that little happened as planned:\nThe RSoC advertisement was a great opportunity to get new developers interested in contributing to the project, some of them even without joining the RSoC took some points that weren’t requested and delivered them! That’s pretty cool, because our two selected students disapeared during the summer."},{"title":"Radare 0.9.8","link":"https:\/\/radareorg.github.io\/blog\/posts\/radare-0-9-8\/","pubDate":"Wed, 12 Nov 2014 17:26:07 +0100","guid":"https:\/\/radareorg.github.io\/blog\/posts\/radare-0-9-8\/","description":"Eight months ago, radare2 0.9.7 was released; today, we’re happy to announce radare 0.9.8!\nIn details and numbers:\n More than 2500 commits More than 120 new users in #radare (+300%) About 60 contributors. 13 colorscheme themes. 8 months 1 great leader One homepage A version nubmer: 0.9.8 A soundtrack! Thanks to neuroflip!  Downloads:  Sources Bindings Valabind SDB Git repository  Since you surely can read the 2500 commits by yourself (or the detailed changelog), we’re just going to highlight some cool new features and improvements:"},{"title":"Extending r2 with new plugins","link":"https:\/\/radareorg.github.io\/blog\/posts\/extending-r2-with-new-plugins\/","pubDate":"Sun, 09 Nov 2014 12:00:00 +0100","guid":"https:\/\/radareorg.github.io\/blog\/posts\/extending-r2-with-new-plugins\/","description":"One of the key features behind r2 is how easily it can be extended with new libraries or plugins. In this blopost, we’ll see the steps to add a new plugin in radare2.\nLet’s say we want to add a new plugin for r_asm because we are working with binaries of an architecture not supported by r2. Of course, adding a new plugin for another lib would be mostly the same."},{"title":"We were at hack.lu 2014!","link":"https:\/\/radareorg.github.io\/blog\/posts\/we-were-at-hack-lu-2014\/","pubDate":"Thu, 06 Nov 2014 14:55:11 +0100","guid":"https:\/\/radareorg.github.io\/blog\/posts\/we-were-at-hack-lu-2014\/","description":"Hack.lu was a really great 4 day long convention in Luxembourg, organised by the CIRCL, where we (jvoisin, maijin and xvilka) did two 6h-long workshops about radare2 wit in front of a crowed room. In total more than 60 people attended!\nAt first, we didn’t expected much people and planned only one workshop. But we ended up refusing people and doing a second one the day after!\nMaijin did the first part, dedicated to reversing and actually using radare2, jvosin the second one about exploitation, and xvilka did the last one; about reversing and analysing firmwares."},{"title":"Zignatures","link":"https:\/\/radareorg.github.io\/blog\/posts\/zignatures\/","pubDate":"Wed, 05 Nov 2014 22:16:46 +0100","guid":"https:\/\/radareorg.github.io\/blog\/posts\/zignatures\/","description":"by http:\/\/twitter.com\/j0sm1 modified by @Obaied\nIn this blog post, we are going to show a simple example of the radare2 \u201czignatures\u201d functionality. To manage \u201czignatures\u201d in radare2, the only thing you have to do is type \u2018z\u2019 in the radare console. Here you can get more info on this ‘z’ command:\nr2console> z? |Usage: z[abcp\/*-] [arg]Zignatures | z show status of zignatures | z* display all zignatures | z-prefix unload zignatures with corresponding prefix | z-* unload all zignatures | z\/[ini] [end] search zignatures between these regions | za ."},{"title":"Solving 'At gunpoint' from hack.lu 2014 with radare2","link":"https:\/\/radareorg.github.io\/blog\/posts\/solving-at-gunpoint-from-hack-lu-2014-with-radare2\/","pubDate":"Sat, 25 Oct 2014 15:23:58 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/solving-at-gunpoint-from-hack-lu-2014-with-radare2\/","description":"Many thanks to crowell for giving us the permission to publish his writeup on this blog. Feel also free to take a look at depierre’s one.\n“At Gunpoint” was a 200 point Reversing challenge in Hack.lu ctf 2014. The description is as follows\nYou 're the sheriff of a small town, investigating news about a gangster squad passing by. Rumor has it they' re easy to outsmart, so you have just followed one to their encampment by the river."},{"title":"Shellshock r2 fix","link":"https:\/\/radareorg.github.io\/blog\/posts\/shellshock-r2-fix\/","pubDate":"Tue, 30 Sep 2014 02:08:29 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/shellshock-r2-fix\/","description":"A lot have been discussed recently about this vulnerability in bash. The internet was totally shocked just like what happened with heartbleed.\nSeveral vulnerabilities have been discovered in bash, which caused the distros to release several updates on the same package and being a little chaotic to know which was the correct patch to take.\nThe vulnerability was not just affecting local users which have a little risk, but webservers running CGIs because http parameters are passed as environment variables to the script which was executing the functions defined in there."},{"title":"Adventures with Radare2 #1: A Simple Shellcode Analysis","link":"https:\/\/radareorg.github.io\/blog\/posts\/adventures-with-radare2-1-a-simple-shellcode-analysis\/","pubDate":"Fri, 26 Sep 2014 22:41:30 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/adventures-with-radare2-1-a-simple-shellcode-analysis\/","description":"Posted on July 17, 2011 by Edd, on canthack.org.\nRadare2 is an open-source reverse engineering toolkit, consisting of a disassembler, debugger and hex editor. In this article I will show you the basics by reversing some shellcode I found on Project Shellcode.\nTo put this into context let’s briefly discuss what we mean by the term “shellcode”, not to be confused with “shellscript”, which is something else entirely. “Shellcode” is a term colloquially used to refer to the payload of an exploit."},{"title":"Scripting r2 in Vala","link":"https:\/\/radareorg.github.io\/blog\/posts\/scripting-r2-in-vala\/","pubDate":"Thu, 18 Sep 2014 14:17:12 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/scripting-r2-in-vala\/","description":"Under some situations you need to automatize or extend the features of radare. There are so many scripting languages out there: python, ruby, perl, lua between others.\nAll of them are supported by the radare package and you can use them from inside r2 using r_lang plugins and the ‘#!’ command or externally with the r2-swig.\nThe main issue on scripting languages is performance. The code is interpreted and all the api bindings are wrapped, so linked list accesses and function calls are highly penalized."},{"title":"Solving crackmes with LDPRELOAD","link":"https:\/\/radareorg.github.io\/blog\/posts\/solving-crackmes-with-ldpreload\/","pubDate":"Tue, 16 Sep 2014 15:40:28 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/solving-crackmes-with-ldpreload\/","description":"This is a translation of this article.\nOne of the most common technics used in UNIX for analyzing and modifying a program consists in preloading a library to make the dynamic linker priorize the functions in there before the ones coming from external libraries.\nIn fact, in iOS, the whole MobileSubstrate thing and the Flex app are based on this concept to extend and modify the functionalities of the applications in a very simple way."},{"title":"Trainings and Translations","link":"https:\/\/radareorg.github.io\/blog\/posts\/trainings-and-translations\/","pubDate":"Fri, 05 Sep 2014 15:07:09 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/trainings-and-translations\/","description":"The summer is almost over and everyone is back to the main loop.\nSome of us will be in Oct 21-24 at hack.lu giving a talk and a workshop. See http:\/\/radare.today\/well-be-at-hack-lu-2014\/\nBut pancake (aka Sergi \u00c0lvarez), the author and main contributor to the project will be busy giving two trainings in spanish:\nNavajas Negras 2014 He’ll be there on October 2, 3, 4. Giving a free and libre 2h introductory workshop to r2 for reverse engineering."},{"title":"We'll be at hack.lu 2014","link":"https:\/\/radareorg.github.io\/blog\/posts\/well-be-at-hack-lu-2014\/","pubDate":"Sun, 31 Aug 2014 01:50:09 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/well-be-at-hack-lu-2014\/","description":"We are accepted at hack.lu, both for a talk and a workshop: three of our contributors (jvoisin, maijin and xvilka) will be in Luxembourg to spread to good word about radare2!\nTalk If you don’t know radare2 yet, make sure to attend the talk, since it will explain what it is, why a tool like this is needed, and some examples about what it’s possible to achieve with it: exploitation, firmwares, malwares analysis, …"},{"title":"Visual mode","link":"https:\/\/radareorg.github.io\/blog\/posts\/visual-mode\/","pubDate":"Thu, 28 Aug 2014 00:35:56 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/visual-mode\/","description":"One of the main complain we get about radare2 is that it has no GUI. Maybe we’ll get one someday, but for now, if you don’t like the CLI, you can use the visual mode, by entering V.\nLike with very command in r2, you can get help with the ?. Also, notice the fact that the CLI-command to get the same result it displayed on the top of your terminal."},{"title":"Binary diffing","link":"https:\/\/radareorg.github.io\/blog\/posts\/binary-diffing\/","pubDate":"Thu, 21 Aug 2014 16:28:49 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/binary-diffing\/","description":"Yesterday, a new feature was pushed to radare2: offset-based function diffing. We’d like to take this opportunity to write a bit about radare2’s diffing features before showing the shiny new one.\nLet’s take a copy of a cracked crackme as an example, and the true and false binaries.\nWithout parameter, radiff2 will by default show what bytes changed, and the corresponding offsets.\n$ radiff2 genuine cracked 0x000081e0 85c00f94c0 => 9090909090 0x000081e0 0x0007c805 85c00f84c0 => 9090909090 0x0007c805 $ rasm2 -d 85c00f94c0 test eax, eax sete al Notice how the two jumps are noped."},{"title":"Payloads in C","link":"https:\/\/radareorg.github.io\/blog\/posts\/payloads-in-c\/","pubDate":"Sun, 17 Aug 2014 16:15:17 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/payloads-in-c\/","description":"Writing exploits requires to perform several steps to achieve the final purpose of the attack.\n find a vulerability reverse engineer the bug achieve code execution write the payload profit  This post will focus on the later step: write the payload.\nThe payload can spawn a shell, reuse a socket or do a connect back. But sometimes we will need a more complex payload that will need to open a file, change some permissions, do some mmap, etc."},{"title":"How goes the RSoC by the way?","link":"https:\/\/radareorg.github.io\/blog\/posts\/how-goes-the-rsoc-by-the-way\/","pubDate":"Mon, 28 Jul 2014 18:33:47 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/how-goes-the-rsoc-by-the-way\/","description":"Apart moving a bit slowly, it’s going fine.\nSkia is working on extending ‘pf’ command to improve display of nested structures, then will start to implement conditional structures, to lay the foundations of 010-templates-like support.\njfrankowski is improving the YARA support, and will likely greatly enhance the zignature feature.\nfr33tux is working on sdb, but it seems that he has lost his internet connection.\nThings are moving slowly, but students seems to be interested by their tasks, and we’re doing the best to mentor them."},{"title":"Types","link":"https:\/\/radareorg.github.io\/blog\/posts\/types\/","pubDate":"Wed, 02 Jul 2014 02:27:59 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/types\/","description":"One of the most wanted features for the RSoC was the support for 010-like templates. This is still planned, but there have been no recent movement on the topic.\nBut some of the basic cparse support has been implemented and I think it’s time to get in touch with it in order to get ready for the integration with the rest of the analysis engine.\nCurrent cparse is able to handle cpp and C syntax with support for enums, structs and nested structs."},{"title":"We were at PSES!","link":"https:\/\/radareorg.github.io\/blog\/posts\/we-were-at-pses\/","pubDate":"Tue, 01 Jul 2014 18:06:58 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/we-were-at-pses\/","description":"One of our resident contributor (jvoisin) was at PSES to do a talk in French, entitled R\u00e9tro-ing\u00e9nierie avec radare2 - Parce que l’assembleur, c’est sympathique, aka Reversing with radare2 - Because assembly is sympathetic.\nIf you’re interested in french terms (some of them are funny), you can watch the whole talk on youtube, and download the slides here\nSince the audience was non-technical, the first part is a gentle introduction to reverse engineering, and the second one is composed of two (messies) demos of radare2 in action for a WAP54G pwnage, and also a quick and dirty crack for an old game."},{"title":"Carving bins","link":"https:\/\/radareorg.github.io\/blog\/posts\/carving-bins\/","pubDate":"Fri, 20 Jun 2014 17:36:23 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/carving-bins\/","description":"Radare was initially developed as a forensic tool. Nowadays most people use it for static code analysis or binary patching, but the framework and the tools still provide functionalities for analyzing disk partitions or filesystems..\nIn this post I’m going to explain how to use r2 to extract some ELFs files from a raw memory dump or unknown format firmware image.\nThis kind of search is called ‘carving’ and there are already several tools that can do this automatically for free."},{"title":"The RSoC is starting!","link":"https:\/\/radareorg.github.io\/blog\/posts\/the-rsoc-is-starting\/","pubDate":"Tue, 17 Jun 2014 12:00:00 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/the-rsoc-is-starting\/","description":"As announced, the Radare Summer of Code is starting today!\n If you’re an applicant, please keep us up to date about what you’re working on. If you’re a mentor, please help applicants you’re in charge of. If you’re curious about what the RSoC is, please check this page. If you want to help, please feel free to crash into our irc chan If you want to have news about the RSoC, please add this blog to your RSS reader."},{"title":"Who uses r2 ?","link":"https:\/\/radareorg.github.io\/blog\/posts\/who-uses-r2\/","pubDate":"Wed, 11 Jun 2014 12:59:21 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/who-uses-r2\/","description":"Everyone knows IDA and Ollydbg, but not everyone has 2700\u20ac to spend on a software, nor wants to trust\/use closed-source applications.\nBut who uses radare2 as a replacement ?\nCool projects Some reverse-engineering\/security-oriented projects are using radare2, thanks to its convenient license (GPL\/LGPL).\n some coreboot developers are using radare2, since it supports not only x86 but also 8051, H8, CR16, ARM, used as embedded controllers. Droid Developers \/ MILEDROPEDIA using radare2 for the reversing baseband DSP firmware\/RTOS (TMS320C55x+ architecture, unsupported in IDA Pro)."},{"title":"Technical Analysis Of The GnuTLS Hello Vulnerability","link":"https:\/\/radareorg.github.io\/blog\/posts\/technical-analysis-of-the-gnutls-hello-vulnerability\/","pubDate":"Sun, 01 Jun 2014 22:38:43 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/technical-analysis-of-the-gnutls-hello-vulnerability\/","description":"This past friday I checked out the gnutls repository and noticed a commit done two weeks ago:\n2014-05-23 19:50 Nikos Mavrogiannopoulos <nmav@gnutls.org> Prevent memory corruption due to server hello parsing.  The patch adds a second check to verify the boundary of the session id size.\n- if (len < session_id_len) { + if (len < session_id_len || session_id_len > TLS_MAX_SESSION_ID_SIZE) {  The memory corruption keywords triggered my attention, and just 6 days later there’s another funny commit:"},{"title":"We were at PHDays!","link":"https:\/\/radareorg.github.io\/blog\/posts\/we-were-at-phdays\/","pubDate":"Sun, 25 May 2014 12:55:41 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/we-were-at-phdays\/","description":"One of our resident developers (xvilka) was at PHDays to do a talk (A fast-track one):\n Application of Radare2 Illustrated by Shylock and Snakso.A Analysis\n  The speaker will present his experience of applying Radare2 \u2014 an open-source reverse engineering tool, and illustrate it by the examples of the Windows trojan Shylock and 64-bit Linux malware Snakso.A. The techniques of analysis include both statistical disassembling of the code and its debugging with Radare2."},{"title":"Loading iOS binaries","link":"https:\/\/radareorg.github.io\/blog\/posts\/loading-ios-binaries\/","pubDate":"Mon, 19 May 2014 02:02:01 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/loading-ios-binaries\/","description":"There are several posts explaining the process to decrypt an iOS app, this is not new, but no one explained the instruction to do it with r2.\nWe have no aim in promoting piracy or cracking, but that’s the only way to analyze applications from the AppleStore.\nRetrieving information First of all you need a jailbroken device, in Cydia add the cydia.radare.org repository, in order to get the latest radare2 package from there."},{"title":"Javascript in r2","link":"https:\/\/radareorg.github.io\/blog\/posts\/javascript-in-r2\/","pubDate":"Tue, 13 May 2014 00:56:19 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/javascript-in-r2\/","description":"One of the most prominent scripting languages right now is Javascript. Browsers rule the Internet and they all can execute code in this language, in addition, several other programming languages like C, C++, Go, Wisp, CoffeeScript, TypeScript, LUA, Python, Perl, Dart, Java, … can be transpiled into JS.\nFor those reasons r2 implements several ways to run Javascript and interact with the core APIs and commands.\n Embedded WebServer (using AJAX from client side) Duktape RLang plugin (#!"},{"title":"Mitigations detection","link":"https:\/\/radareorg.github.io\/blog\/posts\/mitigations-detection\/","pubDate":"Sat, 10 May 2014 20:40:10 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/mitigations-detection\/","description":"Since the Smashing The Stack For Fun And Profit article from Aleph1, a lot has been done on mitigation side: canaries, DEP\/W^X, PIC (to allow ASLR), RELRO, SafeSEH, …\nBecause radare2 is also designed to be a present in the exploit writer arsenal, jvoisin implemented detection for some of those mitigations.\nGNU\/Linux  GCC’s canary implementation can be detected by the presence of the __stack_chk_fail function. It is used to terminate a function, in case of stack overflow."},{"title":"Getting the latest radare2","link":"https:\/\/radareorg.github.io\/blog\/posts\/getting-the-latest-radare2\/","pubDate":"Fri, 09 May 2014 23:31:43 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/getting-the-latest-radare2\/","description":"Since radare2’s developement is pretty quick, the recommended version is the current git, and not the stable one. At least if you want to play with it in a comfortable way.\nYou can always install it from your favorite packet manager if you are lazy: we are packaged in a lot of distributions.\nSimple way $ git clone https:\/\/github.com\/radare\/radare2.git $ cd radare2 $ .\/sys\/install.sh And that’s it, radare2 will be"},{"title":"RSoC selections results","link":"https:\/\/radareorg.github.io\/blog\/posts\/rsoc-selections-results\/","pubDate":"Fri, 09 May 2014 00:13:06 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/rsoc-selections-results\/","description":"We’re the 8th of May, and as planned, this is the day we announce the selected applicants\/tasks.\nMoney Thanks to the crowfunding, we managed to get a fair amount of money, less than we hoped, but it’s still nice.\n Euros: 1347 EUR Bitcoin: 0.45 BTC Dogecoins: 123935 XDG  We didn’t managed to get corporate sponsors. Hopefully, since the project is gaining momentum, we’ll be able to get some for next year!"},{"title":"Countries","link":"https:\/\/radareorg.github.io\/blog\/posts\/countries\/","pubDate":"Thu, 08 May 2014 10:33:18 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/countries\/","description":"A couple of weeks ago, we did some aggressive advertisement for the RSoC. Time to take a look at the results.\nIt seems that xvilka’s post on habrahabr attracted many peoples, then comes reddit and twitter. The lobbying on stackexchange is starting to pay.\nMost people are landing on the main page, and the second most viewed is the crowfunding one. Unsurprisingly, our main visitor base is from Russia and USA."},{"title":"Cleaning up","link":"https:\/\/radareorg.github.io\/blog\/posts\/cleaning-up\/","pubDate":"Wed, 07 May 2014 00:36:29 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/cleaning-up\/","description":"By default sys\/install.sh puts everything under \/usr. Just to make things easier There are several reasons for this, but it may polute your system if you install multiple versions of r2 or use the one contained in the package system of your distro.\nIf you want to remove previous installations of r2 from a specific directory type the following commands:\n$ .\/configure --prefix=\/usr\/local $ make purge The purge will remove all r2 files from current and previous installations (older versions of it) from the \/usr\/local directory."},{"title":"x86 Capstone tests","link":"https:\/\/radareorg.github.io\/blog\/posts\/testing-coverity\/","pubDate":"Tue, 06 May 2014 15:14:16 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/testing-coverity\/","description":"As you may know, we are using the capstone as a disassembling engine for several architectures. We are even planning to use it as main engine and to ditch udis86. Since the x86 is one of the most common architecture, we want to be sure that the transition does’t break anything.\nThis is why our resident test writer maijin did the following things:\n He added one thousand x86-related tests! Every test is now a one-liner, thanks to l0gic’s refactoring."},{"title":"Making Coverity happy","link":"https:\/\/radareorg.github.io\/blog\/posts\/making-coverity-happy\/","pubDate":"Mon, 05 May 2014 20:06:37 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/making-coverity-happy\/","description":"We are currently using Coverity to spot bugs and issues. During the last week, jvoisin and xvilka went full berzerk and killed more than a hundret of bugs, also helped by the usual contributors.\nFeel free to help us and enter our one-fix-a-day contest!"},{"title":"Initial ascii-art graph layout","link":"https:\/\/radareorg.github.io\/blog\/posts\/initial-ascii-art-graph-layout\/","pubDate":"Mon, 05 May 2014 04:15:37 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/initial-ascii-art-graph-layout\/","description":"Lately, a lot of buzz has been going on with the new graph viewer implemented on top of RConsCanvas, which renders the basic blocks graph of a function using ascii art.\nToday we get an initial layout implemented by pancake which is just a PoC. It’s an initial work to implement the proper layouting algorithm to make the graph look more natural and readable by humans.\nAdditionally the ? key in VV (visual graph) view now shows the help message explaining how to:"},{"title":"End of RSoC participants application","link":"https:\/\/radareorg.github.io\/blog\/posts\/end-of-rsoc-participants-application\/","pubDate":"Sun, 04 May 2014 16:54:26 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/end-of-rsoc-participants-application\/","description":"As announced, the applications are now closed. We currently have a little bit less than 25 applicants, this is incredible. They are all encouraged to join the #radare channel, and to submit (at least) one (non-trivial) patch to the radare2 codebase and one test case to radare2-regressions (any github issue, including closed is ok for writing test) to allow us to check that they know some code :)\nWe can not afford to accept everyone, and we apologize for this: we should only be able to pay two people."},{"title":"Jumping around in visual mode","link":"https:\/\/radareorg.github.io\/blog\/posts\/jumping-around-in-visual-mode\/","pubDate":"Sun, 04 May 2014 01:33:41 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/jumping-around-in-visual-mode\/","description":"Yesterday, someone asked on IRC how to jump around in visual mode (V key to activate it, and ? for help, as usual). This is a perfect pretext for another blogpost.\nTo move in visual mode, you can use:\n g to seek to the begining of the file G to seek to the end of the file hjkl to move, \u00e0 la vim. mK to set the mark K at the current offset 'K to seek to the previously set K mark."},{"title":"Playing with rasm2","link":"https:\/\/radareorg.github.io\/blog\/posts\/playing-with-rasm2\/","pubDate":"Fri, 02 May 2014 12:43:49 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/playing-with-rasm2\/","description":"Radare2’s assembler\/disassembler is rasm2, and albeit being used internally, it is also a standalone binary that you can use.\nIt can of course disassemble\n$ rasm2 -d 89d85d90 mov eax, ebx;pop ebp;nop but also assemble\n$ rasm2 'mov eax, ebx;pop ebp;nop' 89d85d90 Not only x86, but also mips\n$ rasm2 -a mips 'addiu a1, a2, 8' 0800c524 $ rasm2 -a mips -d 0800c524 addiu a1, a2, 8 and many more. You can have the full list with rasm2 -L."},{"title":"Exploring the database","link":"https:\/\/radareorg.github.io\/blog\/posts\/exploring-the-database\/","pubDate":"Thu, 01 May 2014 17:48:58 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/exploring-the-database\/","description":"We’re currently trying to integrate sdb into radare2. This will greatly reduce code complexity, improve portability, and open the way to collaborative reversing.\nWhat is sdb ?  sdb is a simple string key\/value database based on djb’s cdb disk storage and supports JSON and arrays introspection.\n  There’s also the sdbtypes: a vala library that implements several data structures on top of an sdb or a memcache instance."},{"title":"YARA support","link":"https:\/\/radareorg.github.io\/blog\/posts\/yara-support\/","pubDate":"Wed, 30 Apr 2014 23:30:45 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/yara-support\/","description":"We now have (experimental) YARA support inside radare2.\nIf you are building from the latest git, you just have to install libyara, no need to recompile anything.\n[0x00000000]> yara Yara plugin | add [path] : add yara rules | clear : clear all rules | help : show this help | list : list all rules | scan : scan the current file [0x00000000]> Since you may not already have some rules, we bundled some defaults ones, for packers and crypto primitives."},{"title":"ASCII graphs!","link":"https:\/\/radareorg.github.io\/blog\/posts\/ascii-graphs\/","pubDate":"Wed, 30 Apr 2014 12:47:13 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/ascii-graphs\/","description":"We may not have a GUI like IDA, but we still have some graphs. This is a small (200 lines of code) proof of concept, but there is more to come\n colors utf-8 layouts resizing animations …  You can try this new feature with VV if you are using radare2 from git.\nAnd by the way, this is documented, and has some tests to avoid regressions. Feel free to take a look at the \/libr\/cons folder if you want to contribute."},{"title":"?e Hello World","link":"https:\/\/radareorg.github.io\/blog\/posts\/e-hello-world\/","pubDate":"Wed, 30 Apr 2014 01:12:50 +0200","guid":"https:\/\/radareorg.github.io\/blog\/posts\/e-hello-world\/","description":"Today we are announcing the official blog of the Radare project in order to explain new features and changes, share tips and tricks, tutorials and more.\nThe community of radare has grown a lot recently, and we need more tools to provide users a source for updated information without having to read every commit or IRC log."}]}}