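Published 2016-08-18 00:18:28 | 173 reads | Comments: 0 | Source: user submission
radare2 reverse engineering platform
radare2 is an open-source reverse engineering platform that can disassemble, debug, analyze and manipulate binary files.
radare2 codename 0.10.5 has been released. This release of radare2 brings 5212 new features, bug fixes and enhancements. Here are some of the most important highlights: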
dmh to show memory heap
Implement pxd8 to show data in st64
Add $Fb and $Fs to handle basicblock address and size
q[y/n][y/n] options added
Fix #5524 - Add 'F' and '_' in graph
Add bit level visual editor
Fix #5447 - Implement aO command
add io command !=mod to list system modules
Fix #4841 - Restricted r2 shell thing
Fix dmp command for OSX and make it work with 1 parm instead of 3
Fix dmi on OSX and minor cydia tweak
Fixes #5389 - Add aflqj
Fix #5427 - ao[n] shows same bytes on all instructions
waitfor:// - wait to attach for a process matching that name
pidof:// - attach to a process with this name
nocache:// - open with O_NOCACHE, useful for iOS's dyldcache (@oleavr)
self:// - Add dlsym, call, alarm and other goodies
r2k:// - connect to the r2 kernel driver (windows only atm) (@skuater)
Implement Arithmetic Pattern matching for ROP classification:
rop gadgets found are saved in rop.db
/R can now classify nop gadgets
MovRegs and LoadConst pattern classification for /R
Moved classification logic in separate file
Adding Arithmetic Pattern classification for /R (work in progress)
Variable and argument analysis (@oddcoder)
Refactor RBin.Xtr to speedup dyldcache extraction (fat task)
Refactoring RBinXtr API.
Cache sub-fat bins in sdb to save memory.
Fix the error while loading sub-bins of different archs.
more work into xtr to fix the remaining tests
Material webui changes
Reimplemented hexdump
Same for disasm with infinite scroll
Better statusbar
All this stuff is pretty wip and not yet finished
Add support to analyze local variable types and function parameters
Add aad to analyze data references
Add av to analyze vtables
Fix #5334 - add support to analyze interrupt handler functions
Fix some more arm-rel-pc issues (by CalArcher)
First approach to afCl/cdecl for AVR
Increase rafind2 -ZS wide and do not run aad in aaa
Fix r2 -d mame on OSX asm.bits=16 problem
fixed breakpoint size based on arch
Fix #5392 display values of args and locals in debugger (#5417)
Fixed several memleaks in cmd_debug.c
Fix flag regs being seen as 'gpr' instead of 'flg'
Added new dmh command to analyze the heap on Linux-GlibC
The visual hud performs better!
Speed up the radiff2 statistical diff
Fix huge load times for fuzzed versioninfo bins
rabin2 -x dyldcache is much faster and eats less mem
Fix #4928 - Show string context in /z and /
Fix floating pointer computations in ?
Update C++ demangler from the latest GNU binutils
Much better big endian support
wopO/wopD now support longer buffers and honor endianness
ELF vaddr fixes
Remove some dupped helper functions like hex2int()
Added realtime hexview edit mode
More commands support JSON output
Better heap analysis support dmh
Better thumb/arm/arm64 pseudo, analysis and disasm
Optimized to work with the latest capstone-next from git
Connect timeout is now working on Windows
Fix #5341 - rap:// with no file works now
Fix #5338 - Add ability to start RAP server in background. (#5416)
Fix WRITE operation in the rap protocol
Fix #5339 - Projects now work with r2pipe
Support Python3
Added MIT license to r2pipe.cs and publish it in Nuget
Initial implementation of the Async Python r2pipe api (chr0hn)
Raise meaningful exception if radare2 is not installed
Adding R2PM_GITDIR for easy packages local testing (#5475):
Added r2pm -r to run commands in path
Added 7 new packages
Show r2pm clone directory in r2pm init
Only use ~/.config/radare2/prefix/bin
Improvements in DEX: avoiding name glitches and parse fields and statics
Detect local variables in Dalvik code analysis
Improve arm/thumb detection building ranges based on anal hints.
Updated material webui (WIP)
Builds fine on Termux
Add experimental CPS2 crypto plugin
Fix #5007 - Clarify the difference of hash/encoder/crypto
Fix #4965. Add support for luhn searching and hashing.
core/bin.c -> core/cbin.c
r_util.h split into multiple files libr/include/r_util/*.h
r_flags no longer depends on r_cons
Rename CSR disasm/anal into XAP4 Fix #5355
Remove x86.tab from r2 master moved to extras
Calling Conventions are now defined in SDB at runtime
Move all test programs into the r2r/unit
Updated type database
Add spr32d70 and gsprop32 sdb for issue 5486 (#5491)
few enhancements for afv
FIX #5459 (#5461)
replacing afv[bsr]n with afvn
replacing negative sign n with _
being consistent across the documentations (args + locals = vars)
Several null derefs and memleaks have been fixed
Fixed a buffer overflow in base64 decoder
Fix infinite loop issue in ESIL ,,
Fixes a crash in capstone
Details and download: https://github.com/radare/radare2/releases/tag/0.10.5