radare2

install

git clone https://github.com/radare/radare2.git
cd radare2/
./sys/install.sh

menjalankan program

r2 (elf)
r2 -d (elf)
radare2 (elf)

beberapa instruksi :

• analisis blablabla : aaa
• seek to main : s sys.main
• print disassambly : pdf
• break : db break_point
• run/continue : dc
• visual : VV
• step into : s
• next into : caps + s
• info register : dr

mengubah nilai : (misal ke memori 0x000)

dr rip=0x000

rename var-name :

afvn prev_name name

Praktik

source code didapat dari https://exploit.education/protostar/
ada banyak contoh, tinggal copas

Stack Zero

#include <stdlib.h>
#include <unistd.h>
#include <stdio.h>

int main(int argc, char **argv)
{
  volatile int modified;
  char buffer[64];

  modified = 0;
  gets(buffer);

  if(modified != 0) {
      printf("you have changed the 'modified' variable\n");
  } else {
      printf("Try again?\n");
  }
}

gcc stack-zero.c -o stack-zero
radare2 ./stack-zero

Dibawah ini adalah cheat sheet, dibilang urut jg tidak, tp dibilang berantakan jg tidak

V
V
V

q

p
p
P
p
P

`shift+:`

analyse :

aaa

afl
afll

seek to the main func :

s main

`enter`
u

?

xref

axt -> where is it being called
axf
ax?

enter : step into u : undo

ii
iE
iS
is
iz -> string
izz
...

menarik

https://radare.gitbooks.io/radare2book/content/

user interface mode :

r2 -c=H <file_elf>