100 lines
1.3 KiB
Markdown
100 lines
1.3 KiB
Markdown
# Radare2
|
|
|
|
## Usage
|
|
### Debug
|
|
```sh
|
|
r2 -d <binary>
|
|
```
|
|
* Analyze
|
|
```sh
|
|
aaa
|
|
```
|
|
* Show all info
|
|
```sh
|
|
ia
|
|
```
|
|
* Search for strings
|
|
```sh
|
|
izz
|
|
```
|
|
* Main address
|
|
```sh
|
|
iM
|
|
```
|
|
* Entrypoint
|
|
```sh
|
|
ie
|
|
```
|
|
* Current memory address
|
|
```sh
|
|
s
|
|
```
|
|
* Show address of function or register, respectively
|
|
```sh
|
|
s <func>
|
|
sr <reg>
|
|
```
|
|
* Show main
|
|
```sh
|
|
pdf @main
|
|
```
|
|
* Show main and follwing functions
|
|
```sh
|
|
pd @main
|
|
```
|
|
* Breakpoint
|
|
```sh
|
|
db 0xdeadbeef
|
|
```
|
|
* Show all breakpoints
|
|
```sh
|
|
dbi
|
|
```
|
|
* Show rbp-0x4
|
|
```sh
|
|
px @rbp-0x4
|
|
```
|
|
* Continue
|
|
```sh
|
|
dc
|
|
```
|
|
* Step
|
|
```sh
|
|
ds
|
|
```
|
|
* Show registers
|
|
```sh
|
|
dr
|
|
```
|
|
* Restart
|
|
```sh
|
|
ood
|
|
```
|
|
### Visual Mode
|
|
* Enter visual mode via `VV`
|
|
* Enter normal mode inside visual mode via `:`
|
|
* Add comment via `;`
|
|
|
|
### Write Mode
|
|
* Enter write mode via `w`
|
|
* Write cache list via `wc`
|
|
* Alter/modify opcode at current seek via `wA`
|
|
* Use as follows
|
|
```sh
|
|
s <memoryaddress>
|
|
wx <newOpcode>
|
|
dc
|
|
```
|
|
|
|
## AT&T Instructions
|
|
* leaq src, dst: this instruction sets dst to the address denoted by the expression in src
|
|
* addq src, dst: dst = dst + src
|
|
* subq src, dst: dst = dst - src
|
|
* imulq src, dst: dst = dst * src
|
|
* salq src, dst: dst = dst << src
|
|
* sarq src, dst: dst = dst >> src
|
|
* xorq src, dst: dst = dst XOR src
|
|
* andq src, dst: dst = dst & src
|
|
* orq src, dst: dst = dst | src
|
|
|