Radare2 (also known as r2) is a complete framework for reverse-engineering and analyzing binaries; composed of a set of small utilities that can be used together or independently from the command line. Built around a disassembler for computer software which generates assembly language source code from machine-executable code, it supports a variety of executable formats for different processors and operating systems. Apart from the static analysis feature it also supports debugging and emulation. The architecture of the framework is modular and allows to use existing or create new plugins for new file formats, architectures, analysis features.
This registry image is for the stable version is based on Ubuntu and the radare2 snap build. The Dockerfile used to build it can be found in this dedicated repository. Any issue found in this packaging can be opened there.
The resulting build includes the following projects:
- radare2
- r2ghidra
- r2frida (only in supported platforms)
- r2dec
- r2yara
- r2ai (only decai r2plugin)
- r2pipe (for Python)
- r2book (as info page)
To use this docker image you can use either:
docker run -ti radare/radare2
podman run -ti docker.io/radare/radare2
nerdctl run -ti radare/radare2
To use the docker image as one shot so it removes everything inside the container on exit just add --rm
as follows:
docker run --rm -ti radare/radare2
Another example to use for debugging inside the docker:
docker run --tty --interactive --privileged --cap-add=SYS_PTRACE --security-opt seccomp=unconfined --security-opt apparmor=unconfined radare/radare2
Also there is the option to open the r2book inside the container:
info r2book
The image can be verified that has been generated by GitHub Actions by runing the following command:
cosign verify docker.io/radare/radare2 --experimental-oci11=true --certificate-oidc-issuer=https://token.actions.githubusercontent.com --certificate-identity-regexp='https://github\.com/radareorg/radare2-snap/.*@refs/heads/main'
Alternatively there is a version with radare2 GIT aimed to be build locally.
This will build an image using Debian with radare2 from git with latest changes.
The Dockerfile to build can be found inside the dist/docker
directory in the radare2 source tree.
To build this other image run the following lines:
git clone https://github.com/radareorg/radare2.git
cd radare2
make -C dist/docker
This will build an image with the following plugins:
It is possible to specify more packages using the R2PM
make variable:
make -C dist/docker R2PM=radius2
Also, you can select the architecture (amd64 / arm64) to compile the image by using the ARCH
make variable.
By default both images are intended to be used in a interactive terminal.
But both can also be launched directly to use the radare2 web UI.
The do so it can be launched using the following command:
docker run -p 9090:9090 radare/radare2 r2 -c '=h' -
Or the following docker-compose structure:
version: "3.8"
services:
radare2:
image: radare/radare2
command: r2 -c '=h' -
network_mode: bridge
ports:
- "9090:9090"
Or if debugging functionality is required:
version: "3.8"
services:
radare2:
image: radare/radare2
command: r2 -c '=h' -
network_mode: bridge
ports:
- "9090:9090"
privileged: true
cap_add:
- SYS_PTRACE
security_opt:
- "seccomp=unconfined"
- "apparmor=unconfined"
You can read more about the project in the following links: