advanced unix-like hexadecimal editor and debugger
C C++ Perl Vala Python Shell Other
Switch branches/tags
Nothing to show
Latest commit be4a3b6 Sep 28, 2016 @Hi-Angel Hi-Angel committed with Deprecation message. (#2)
* Existence of two projects may confuse new peoples

* Update README
Permalink
Failed to load latest commit information.
api * Apply patch from @schrotthaufen that adds support for python 2.7 (t… Jan 12, 2011
dist * Initial dummy code for variable support Dec 11, 2008
doc * Apply zlowram's book typos patch Nov 4, 2011
gui Fix gui build Aug 13, 2012
java * Remove more stupid ${E} and ${Q} Jun 12, 2009
libusbsniff * Dewarnification for mingw32 Dec 9, 2009
magic * Initial import of radare 0.9.3 into teh HG Jan 14, 2008
man * Fix manpage and Debugger/Breakpoint grsc script (thanks Debian) Jun 29, 2010
raweb * Initial import of radare 0.9.3 into teh HG Jan 14, 2008
scripts * Initial implementation of 'file.dbg_arg' eval variable Jul 22, 2009
sql * Initial import of radare 0.9.3 into teh HG Jan 14, 2008
src Some more fixes for aasm.c Jul 1, 2014
tests * data_prev now works with >= and <= May 20, 2009
vala * Huge dewarnification on x86-64 archlinux Dec 8, 2009
w32 * Initial import of radare 0.9.3 into teh HG Jan 14, 2008
.hgignore * New print mode: pm (print memory format string) Feb 1, 2008
.hgtags Added tag 1.5 for changeset 93efad3495a1 Dec 15, 2009
AUTHORS * Fix race condition in gui/ build with make -j>1 (thanks graz!) Mar 4, 2009
COPYING * Initial import of radare 0.9.3 into teh HG Jan 14, 2008
ChangeLog * Release 1.5.2 May 21, 2010
HISTORY * Fix endian bug in yesno() function Jun 14, 2009
INSTALL * Remove message about 'waf will replace acr'.. Jan 25, 2010
Makefile.acr * Added 'distfree' target in Makefile to allow debian redistribute th… Jun 29, 2010
README Deprecation message. (#2) Sep 28, 2016
TODO * Fix winedbg plugin Jan 6, 2010
autogen.sh * Upgrade to acr 0.8 Dec 9, 2009
config.mk.acr * Huge dewarnification on x86-64 archlinux Dec 8, 2009
configure * Release 1.5.2 May 21, 2010
configure.acr * Apply patch from @schrotthaufen that adds support for python 2.7 (t… Jan 12, 2011
configure.hook * Fix build for opensolaris-x86 Jun 10, 2009
global.h.acr * Huge dewarnification.. some segfaults fixed Dec 8, 2009
waf * Revert waf...stupid devels Oct 25, 2008
wscript * Release 1.5 Dec 13, 2009

README

**Note**: this version is deprecated in favor of radare2: https://github.com/radare/radare2

                  __--~.
               .-'_ ,' |
            .'     \   |
           / | |>   ) /
           \ |     /." _   _   _   _   _
         .-^_| |\  \  |_| | \ |_| |_/ /_
         \/   -| '. ' | | |_/ | | | \ \_

                            pwn them all

SHORT

  radare is a commandline hexadecimal editor.


DESCRIPTION

  Radare is a toolkit framework for working with binary files having the
  unix philosphy in mind.

  It was born with simplicity in mind. The core of it remains on the
  command line hexadecimal editor that it aims to provide a helper
  tool for reverse engineering, exploiting, fuzzing, binary and data analysis.

  hasher is a hashing utility that allows to hash pieces of files and
  generate reports of changes. This is useful for hard disk analysis,
  reversing, binary diffs, system programs integrity, etc.

  radare comes with a set of IO plugins that wraps all open/read/write
  /seek/close/system calls. This way several plugins has been implemented:

    $ radare -L
    haret       Read WCE memory ( haret://host:port )
    debug       Debugs or attach to a process ( dbg://file or pid://PID )
    gdb         Debugs/attach with gdb (gdb://file, gdb://PID, gdb://host:port)
    gdbx        GDB shell interface 'gdbx://program.exe args' )
    shm         shared memory ( shm://key )
    mmap        memory mapped device ( mmap://file )
    malloc      memory allocation ( malloc://size )
    remote      TCP IO ( listen://:port or connect://host:port and rap:// )
    winedbg     Wine Debugger interface ( winedbg://program.exe )
    socket      socket stream access ( socket://host:port )
    serial      serial port access ( serial:///path/to/dev:speed )
    gxemul      GxEmul Debugger interface ( gxemul://program.arm )
    ewf         EnCase EWF file support ( ewf:// )
    posix       plain posix file access

  Currently I'm working on a Vala frontend to provide an object oriented
  api for directly interfacing with the core of radare and provide a
  complete graphical frontend.


FEATURES

   rasc

   - shellcode helper tool
     - generates paddings with A's, nops, CCs and enumerations (00, 01, 02, ..)
     - most common use shellcodes hardcoded inside
       - x86 32/64, arm, powerpc
       - linux, bsd, solaris, darwin, w32
     - HOST, PORT, CMD shellcode alteration
     - syscall proxy server
   - output in
     - raw
     - hexpairs
     - C unsigned char array
     - execute shellcode (for local testing)


   rasm

   - commandline assembler/disassembler
     - supports x86, olly, java, powerpc...
     - can support any other arch supported by GAS using 'rsc asm'
     - assembling from text file to raw object
     - you can specify the offset and endian manually
   - can disassemble from an hexpair string


   rabin

    - show information about ELF/PE/MZ/CLASS files
      - entrypoint
      - imports
      - exports
      - symbols
      - libraries
      - sections
      - checksums
    - integration with radare core

   rahash

    - generates and checks block checksums of a file
    - can hash from stdin
    - supports multiple hashing algorithms
      - md4, md5
      - crc16, crc32
      - sha1
      - par, xor, xorpair
      - hamdist
      - entropy


   radiff 

    - integrates bdiff, bindiff, bytediff and rdbdiff into a single program
    - generates a raw binary difference between two files
    - recommended to use together with bdcolor
      $ bindiff a b | bdcolor 3


   rsc

    - contains helper scripts for working with binary files
    - asm/dasm - asm->hexpairs / hexpairs->asm
    - bdcolor  - colorizes and filters the bindiff output
    - bytediff - byte per byte binary diff (faster than bindiff, less accurate)
    - spcc     - structure parser c compiler
    - rfile-foreach - find magic signatures on a raw file
    - adict    - assembly dictionary
    - bin2txt  - generates a template text file with info and disasembly of a binary
    - bin2tab | tab2gml - generate a graphml with the program reference calls
    - syms-xrefs - find crossed references to each symbol of a binary
    ... and much more ...


   radare

   - cli and visual modes
   - yank and paste
   - perl/python scripting support
   - virtual base address for on-disk patching
   - vi-like environment and command repetition (3x)
   - debugger for x86-linux/bsd and arm-linux
   - data bookmarking (flags)
   - scripting (no branches or conditionals yet)
   - own magic database (rfile)
   - little/big endian conversions
   - data search
     - multiple keywords at the same time
     - binary masks
     - input format: ascii/binary/widechar
     - ranged searches ( /r 0-2 )
   - show xrefs on arm, x86 and ppc binaries
   - data type views:
     - integer/long/longlong/float/double
     - binary dos/unix timestamps
     - octal
     - hexadecimal (byte, word, dword, qword)
   - data block views:
     - hexadecimal
     - octal
     - binary
     - ascii string
     - widechar strings
     - url encoding
     - shellcode (gas format)
     - c char* array
     - analysis (pA 30 @ esp)
     - disassembly
       - native x86/arm
       - allows to use objdump or any other external command
       - pseudocode syntax
       - colorization
       - inline comments and labels
   - visual mode commands
     - gotoxy command to create your own composed views
     - screen fit
     - colorization of almost everything
     - on the fly disassembly
     - apply magic on current block
     - hjkl-style scrolling
     - print format cycling
     - cursor mode and yank/paste feature


  debugger

  - support for x86-linux/bsd and arm-linux
  - next planed ports: x86.64-linux, w32 and x86.solaris
  - tracing with multiple verbose levels
  - dump/restore of the process
  - full filedescriptor control
  - backtrace viewer
  - attach/detach
  - code injection
  - breakpoints (software, hardware)
  - watchpoints (software, hardware)
    - raw drx control
  - full gpregs and fpregs control
  - continue until user code
  - step into, step over
  - continue until syscall (strace like)
  - supports ktrace on openbsd and netbsd
  - raw memory management of the target process
  - common hacks can be automatized with keybindings
  - full signalling control of the target process
  - /proc/pid/maps info support
  - ollydbg-like keybindings (F7 step , F9 continue, ...)



                       -- Dedicated to the girl I have loved, hated and loved.

AUTHOR

  pancake <@youterm.com>