radare2

Unix-like reverse engineering framework and command-line tools.


Introduction

r2 is a rewrite from scratch of radare in order to provide a set of libraries and tools to work with binary files.

The Radare project started as a forensics tool, a scriptable command-line hexadecimal editor able to open disk files, but later added support for analyzing binaries, disassembling code, debugging programs, attaching to remote gdb servers...

radare2 is portable.

Architectures:

i386, x86-64, ARM, MIPS, PowerPC, SPARC, RISC-V, SH, m68k, AVR, XAP, System Z, XCore, CR16, HPPA, ARC, Blackfin, Z80, H8/300, V810, V850, CRIS, XAP, PIC, LM32, 8051, 6502, i4004, i8080, Propeller, Tricore, Chip8, LH5801, T8200, GameBoy, SNES, MSP430, Xtensa, NIOS II, Dalvik, WebAssembly, MSIL, EBC, TMS320 (c54x, c55x, c55+, c66), Hexagon, Brainfuck, Malbolge, DCPU16.

File formats:

ELF, Mach-O, Fatmach-O, PE, PE+, MZ, COFF, OMF, TE, XBE, BIOS/UEFI, Dyldcache, DEX, ART, CGC, Java class, Android boot image, Plan9 executable, ZIMG, MBN/SBL bootloader, ELF coredump, MDMP (Windows minidump), WASM (WebAssembly binary), Commodore VICE emulator, Game Boy (Advance), Nintendo DS ROMs and Nintendo 3DS FIRMs, various filesystems.

Operating systems:

Windows (since XP), GNU/Linux, OS X, [Net|Free|Open]BSD, Android, iOS, OSX, QNX, Solaris, Haiku, FirefoxOS.

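Bindings:

Vala/Genie, Python (2, 3), NodeJS, Lua, Go, Perl, Guile, PHP, Newlisp, Ruby, Java, OCaml...

Dependencies

radare2 can be built without any special dependencies; just use make and get a working toolchain (gcc, clang, tcc, ...).

Optionally, you can use libewf to load EnCase disk images.

To build the bindings, you need the latest valabind, g++ and swig2.

Install

The easiest way to install radare2 from git is to run the following command: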

$ sys/install.sh

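If you want to install radare2 in your home directory without using root privileges and sudo, simply run:

$ sys/user.sh

Building with meson + ninja

If you don't already have meson and ninja, you can install them with your distribution's package manager or with r2pm: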

$ r2pm -i meson

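If you already have them installed, you can run this line to compile radare2:

$ python ./sys/meson.py --prefix=/usr --shared --install

This method is most useful on Windows, because the initial build with the Makefile is not suitable there. If you get lost in any way, just type: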

$ python ./sys/meson.py --help

Update

To update the radare2 system, you don't need to uninstall or pull; just re-run:

$ sys/install.sh

If you installed radare2 in your home directory, just re-run:

$ sys/user.sh

Uninstall

In case of a polluted filesystem, you can uninstall the current version or remove all previous installations:

$ make uninstall
$ make purge

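Package Manager

Radare2 has its own package manager, r2pm. Its package repository is also on GitHub. To start using it for the first time, you need to initialize packages:

$ r2pm init

Refresh the packages database before installing any package:

$ r2pm update

To install a package, use the following command:

$ r2pm install [package name]

Bindings

All language bindings are under the r2-bindings directory. You need to install swig and valabind in order to build the bindings for Python, Lua, etc.

APIs are defined in vapi files, which are then translated to swig interfaces, nodejs-ffi or others, and then compiled.

The easiest way to install the Python bindings is to run: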

$ r2pm install lang-python2 #lang-python3 for python3 bindings
$ r2pm install r2api-python
$ r2pm install r2pipe-py

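In addition there are the r2pipe bindings, which are an API interface for interacting with the prompt: you pass commands and receive the output as a string. Many commands support JSON output, so it is easy to integrate with many languages and deserialize the output into native objects.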

$ npm install r2pipe   # NodeJS
$ gem install r2pipe   # Ruby
$ pip install r2pipe   # Python
$ opam install radare2 # OCaml

The same applies to Go, Rust, Swift, D, .NET, Java, NewLisp, Perl, Haskell, Vala, OCaml, and many more!
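The r2pipe workflow described above (send a command, deserialize its JSON output into native objects), as an added example that is not part of the radare2 README: a small hardening triage over the output of r2's `ij` command. The `SAMPLE_IJ` data is constructed for illustration, the key names are assumed to match r2's binary-info JSON, and the function names are hypothetical.

```python
import json

# Constructed sample of r2's `ij` (file info as JSON) output; not captured from
# a real binary. Key names are assumed to match radare2's binary-info fields.
SAMPLE_IJ = json.loads("""
{"core": {"file": "/tmp/sample.bin", "format": "elf64"},
 "bin": {"arch": "x86", "bits": 64, "canary": false, "nx": true,
         "pic": false, "relro": "partial", "static": false, "stripped": true}}
""")

def missing_hardening(ij):
    """Return the exploit mitigations the analysed binary lacks, sorted."""
    info = (ij or {}).get("bin")
    if not info:  # raw blobs and unknown formats carry no "bin" object
        raise ValueError("no binary info: r2 did not recognise the file format")
    findings = []
    if not info.get("nx", False):
        findings.append("nx")
    if not info.get("canary", False):
        findings.append("canary")
    if not info.get("pic", False):
        findings.append("pic")
    relro = info.get("relro", "no")
    if relro != "full":
        findings.append("relro:" + relro)
    return sorted(findings)

def analyse_file(path):
    """Same check on a real file; needs radare2 and `pip install r2pipe`."""
    import r2pipe  # imported lazily so the constructed sample runs without r2
    r2 = r2pipe.open(path)
    try:
        return missing_hardening(r2.cmdj("ij"))  # cmdj: run command, parse JSON
    finally:
        r2.quit()

if __name__ == "__main__":
    print(missing_hardening(SAMPLE_IJ))
```
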

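Regression Testsuite

Running make tests will fetch the radare2-regression repository and run all the tests in order to verify that no changes break any functionality.

We run those tests on every commit, and they are also executed with ASAN and valgrind on different platforms to catch other unwanted "features".

Documentation

There is no formal documentation of r2 yet. Not all commands are compatible with radare1, so the best way to learn how to do things in r2 is by reading examples from the web and appending '?' to every command you are interested in.

Commands are small mnemonics of a few characters, with some extra syntactic sugar that makes the shell more pleasant for scripting and for interacting with the APIs.

You can also check out the radare2 book.

Coding Style

Look at CONTRIBUTING.md

Webserver

radare2 comes with an embedded webserver that serves a pure html/js interface which sends ajax queries to the core, and aims to implement a usable UI for phones, tablets and desktops.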

$ r2 -c=H /bin/ls

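To use the webserver on Windows, you need a cmd instance with administrator rights. To start the webserver, use the following command in the project root directory: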

> radare2.exe -c=H rax2.exe

Pointers

Website: http://www.radare.org/

IRC: irc.freenode.net #radare

Telegram: https://t.me/radare

Matrix: @radare2:matrix.org

Twitter: @radareorg

Overview

Name With Owner: radareorg/radare2
Primary Language: C
Program language: Makefile (Language Count: 22)
Platform: Android, BSD, iOS, Linux, Mac, Solaris, Windows, Firefox OS, Haiku, QNX
License: GNU Lesser General Public License v3.0
Release Count: 114
Last Release Name: 5.9.0 (Posted on )
First Release Name: 0.8.6 (Posted on )
Created At: 2012-07-03 07:42:26
Pushed At: 2024-04-20 07:19:35
Last Commit At: 2024-04-20 11:32:07
Stargazers Count: 19.6k
Watchers Count: 486
Fork Count: 2.9k
Commits Count: 31.9k
Has Issues Enabled
Issues Count: 8394
Issue Open Count: 829
Pull Requests Count: 11094
Pull Requests Open Count: 25
Pull Requests Close Count: 2880
Has Wiki Enabled
Is Archived
Is Fork
Is Locked
Is Mirror
Is Private

# Introduction

r2 is a rewrite from scratch of radare in order to provide
a set of libraries and tools to work with binary files.

Radare project started as a forensics tool, a scriptable
command-line hexadecimal editor able to open disk files,
but later added support for analyzing binaries, disassembling
code, debugging programs, attaching to remote gdb servers...

radare2 is portable.

To learn more on radare2 you may want to read the [official radare2 book](https://radare.gitbooks.io/radare2book/content/).

You can also use [r2lrn](https://github.com/0ki/r2lrn) or r2golf for a hands-on learning experience.

## Operating Systems

Windows (since XP), GNU/Linux, OS X, [Net|Free|Open]BSD,
Android, iOS, OSX, QNX, Solaris, Haiku, FirefoxOS.

## Architectures

i386, x86-64, ARM, MIPS, PowerPC, SPARC, RISC-V, SH, m68k, m680x, AVR,
XAP, System Z, XCore, CR16, HPPA, ARC, Blackfin, Z80, H8/300, V810,
V850, CRIS, XAP, PIC, LM32, 8051, 6502, i4004, i8080, Propeller,
Tricore, CHIP-8, LH5801, T8200, GameBoy, SNES, SPC700, MSP430, Xtensa,
NIOS II, Java, Dalvik, WebAssembly, MSIL, EBC, TMS320 (c54x, c55x,
c55+, c66), Hexagon, Brainfuck, Malbolge, whitespace, DCPU16, LANAI,
MCORE, mcs96, RSP, SuperH-4, VAX.

## File Formats

ELF, Mach-O, Fatmach-O, PE, PE+, MZ, COFF, OMF, TE, XBE, BIOS/UEFI,
Dyldcache, DEX, ART, CGC, Java class, Android boot image, Plan9 executable,
ZIMG, MBN/SBL bootloader, ELF coredump, MDMP (Windows minidump),
WASM (WebAssembly binary), Commodore VICE emulator, QNX,
Game Boy (Advance), Nintendo DS ROMs and Nintendo 3DS FIRMs, various filesystems.

## Scripting

Native bindings are supported, but the recommended way to interact with r2
from other languages is by using [r2pipe](https://github.com/radareorg/radare2-r2pipe).

Python, Ruby, JavaScript, Lua, Perl, PHP, Go, Rust, Swift, C#, Java,
Shell, OCaml, Haskell, Scheme (Guile), CommonLisp, Clojure, Erlang, D,
Vala/Genie, Prolog, Nim, Newlisp...

# Install / Update

The recommended way to install or update radare2 from git for single-user systems:

	$ sys/install.sh

If you don't have root, or just want to install it in your home use:

	$ sys/user.sh

Note that those scripts will install using configure+make using symlinks, so you
don't need to reinstall every time you change something in the builddir.

* If you don't like symlinks use `sys/install.sh --install`
* To use capstone5 use the `--with-capstone5` flag.

Alternatively you can also build with meson + ninja:

	$ ./sys/meson.py --prefix=/usr --shared --install

## Uninstall

In case of a polluted filesystem, you can uninstall the current
version or remove all previous installations:

	$ make uninstall
	$ make purge

To remove all stuff including libraries, use

	$ make system-purge

## Package Manager

Radare2 has its own package manager - r2pm. Its packages
repository is on [GitHub too](https://github.com/radareorg/radare2-pm).
To start using it for the first time, you need to initialize packages:

	$ r2pm init

Refresh the packages database before installing any package:

	$ r2pm update

To install a package, use the following command:

	$ r2pm install [package name]

# Development

## Coding Style

Look at [CONTRIBUTING.md](https://github.com/radareorg/radare2/blob/master/CONTRIBUTING.md).

## Tests

Running `make tests` will fetch the test binaries 
repository and run all the tests in order to verify that no changes break any functionality.

We run those tests on every commit, and they are also executed with ASAN
and valgrind on different platforms to catch other unwanted 'features'.


# Community

Website: [https://www.radare.org/](https://www.radare.org/)

Telegram: [https://t.me/radare](https://t.me/radare)

Twitter: [@radareorg](https://twitter.com/radareorg)

IRC: irc.freenode.net #radare

Matrix: @radare2:matrix.org