UNIX-like reverse engineering framework and command-line toolset
Go to file
2023-09-26 23:37:20 +02:00
.github Add R2R_TIMEOUT env for r2r and use it from the CI ##r2r 2023-09-12 23:50:29 +02:00
binr Add R2R_TIMEOUT env for r2r and use it from the CI ##r2r 2023-09-12 23:50:29 +02:00
dist Remove libuv as dependency for the Debian package 2023-09-26 10:31:17 +02:00
doc Fix some typos 2023-09-18 14:41:40 +02:00
libr Show bools as bools and ints as ints in ej json output ##shell 2023-09-26 23:37:20 +02:00
man Implement R2_ARGS as it was done for rabin2 and rarun2 2023-08-18 14:14:36 +02:00
mk Apply fixes from the Termux package and update acr ##build 2023-05-25 12:08:55 +02:00
pkgcfg Use acr-2.1.0 new PKGCFG_DO to speedup pkg-config file generation ##build 2023-03-01 10:46:07 +01:00
shlr Update to the latest capstone v5 2023-09-07 19:06:30 +02:00
sys Fix another 0x%d and lint it 2023-09-19 21:50:31 +02:00
test Honor colors in graphviz output ##graph 2023-09-20 12:34:42 +02:00
.clang-format Some clang-format improvements ##indent 2021-01-25 00:34:58 +01:00
.gitignore Ignore meson/ninja build artifacts 2023-03-30 15:54:30 +02:00
autogen.sh The beginning of the abi breaking season (5.9.9 version bump) 2023-06-08 17:03:52 +02:00
COMMUNITY.md Improve wording of COMMUNITY.md 2022-05-30 19:35:37 +02:00
config-user.mk.acr Add support for cs5 and csnext ##build 2023-07-31 12:51:29 +02:00
configure Remove libuv as dependency for the Debian package 2023-09-26 10:31:17 +02:00
configure-plugins Initial implementation of the arch.any.as plugin ##arch 2022-11-30 15:43:54 +01:00
configure.acr Remove libuv as dependency for the Debian package 2023-09-26 10:31:17 +02:00
configure.bat Windows builds include debug information by default ##build 2022-06-22 00:56:29 +02:00
configure.hook Create dist/ to hold all the distribution build files ##build (#18131) 2020-12-31 18:57:05 +01:00
CONTRIBUTING.md Update merging style in CONTRIBUTING.md (#21467) 2023-03-12 18:40:28 +01:00
COPYING Referenced https:// instead of http:// everywhere as per requirement 2023-03-22 06:58:25 +01:00
COPYING.LESSER Referenced https:// instead of http:// everywhere as per requirement 2023-03-22 06:58:25 +01:00
DEVELOPERS.md Add IDE setting guide in DEVELOPERS.md 2023-07-19 11:03:33 +02:00
env.sh Add more R2_ prefix for some var 2018-08-07 22:14:54 +02:00
global.mk Improve output for make -s and fix magic install with symlinks issue (#18781) 2021-05-30 23:46:58 +02:00
INSTALL.md Add a line for fixing directory permissions in INSTALL.md 2023-03-21 12:37:08 +01:00
make.bat Simplify meson logic and use ole's PR to fix Windows ##build 2022-01-31 23:54:00 +01:00
Makefile Unify the visual_find() code with graph and visual ##visual 2023-09-09 10:51:01 +02:00
meson_options.txt Unify the visual_find() code with graph and visual ##visual 2023-09-09 10:51:01 +02:00
meson.build Unify the visual_find() code with graph and visual ##visual 2023-09-09 10:51:01 +02:00
preconfigure Support capstone from r2pm via sys/install.sh 2023-08-01 18:04:20 +02:00
preconfigure.bat Migrate arm.v35 ##arch 2023-03-17 08:23:37 +01:00
README.md Add r2ai, r2yara and keystone references in the readme 2023-09-26 13:56:12 +02:00
SECURITY.md Rewrite user-facing documentation (#19543) 2022-01-01 06:11:46 -06:00
USAGE.md Rewrite user-facing documentation (#19543) 2022-01-01 06:11:46 -06:00
vsfix.bat Update sdb to remove double include paths ##build 2022-11-19 01:05:18 +01:00

screenshot

Radare2: Libre Reversing Framework for Unix Geeks

Latest packaged version Tests Status build tcc CII Best Practices Build Status Discord

See the Releases page for downloads. The current git master branch is 5.8.9, next will be 5.9.0.

  • Since r2-5.6.0 all the patch releases are abi stable
  • Odd patch versions are used in git builds only, releases use even numbers
  • No need to recompile the plugins, bindings or tools if the major and minor version are the same

Description

r2 is a complete rewrite of radare. It provides a set of libraries, tools and plugins to ease reverse engineering tasks. Distributed mostly under LGPLv3, each plugin can have different licenses (see r2 -L, rasm2 -L, ...).

The radare project started as a simple command-line hexadecimal editor focused on forensics. Today, r2 is a featureful low-level command-line tool with support for scripting with the embedded Javascript interpreter or via r2pipe.

r2 can edit files on local hard drives, view kernel memory, and debug programs locally or via a remote gdb server. r2's wide architecture support allows you to analyze, emulate, debug, modify, and disassemble any binary.

screenshot

Installation

The recommended way to install radare2 is via Git using acr/make or meson:

git clone https://github.com/radareorg/radare2
radare2/sys/install.sh

On Windows you may want to use the precompiled builds or the .bat files to compile if you have msvc:

preconfigure.bat       REM setup python, meson, ninja
configure.bat          REM run meson b + vs project
make.bat               REM run ninja -C b
prefix\bin\radare2.exe
  • r2 can be installed from git or via pip using r2env.
  • Run sys/install.sh for the default acr+make+symlink installation
  • meson/ninja (muon/samu also works) and make builds are supported.
  • Windows builds require meson and msvc or mingw as compilers
  • To uninstall the current build of r2 run make uninstall
  • To uninstall ALL the system installations of r2 do: sudo make purge

Using the r2pm tool you can browse and install many plugins and tools that use radare2.

  • esilsolve: The symbolic execution plugin, based on esil and z3
  • iaito: The official Qt graphical interface
  • keystone Assembler instructions using the Keystone library
  • r2ai Run a Language Model in localhost with Llama inside r2!
  • r2dec: A decompiler based on r2 written in JS, accessed with the pdd command
  • r2diaphora: Diaphora's diffing engine working on top of radare2
  • r2frida: The frida io plugin. Start r2 with r2 frida://0 to use it
  • r2ghidra: The native ghidra decompiler plugin, accessed with the pdg command
  • r2papi High level api on top of r2pipe
  • r2pipe Script radare2 from any programming language
  • r2poke Integration with GNU/Poke for extended binary parsing capabilities
  • r2yara Run Yara from r2 or use r2 primitives from Yara
  • radius2: A fast symbolic execution engine based on boolector and esil

Usage

These are the first steps to use r2, read the book or find tutorials for more details

$ r2 /bin/ls   # open file in read-only
> aaa          # analyse the program (r2 -A)
> afl          # list all functions (try aflt, aflm)
> px 32        # print 32 byte hexdump current block
> s sym.main   # seek to main (using flag name)
> f~foo        # filter flags matching 'foo' (internal |grep)
> iS;is        # list sections and symbols (rabin2 -Ss)
> pdf; agf     # disassembly and ascii-art function graph
> oo+;w hello  # reopen in read-write and write a string
> ?*~...       # interactive filter in all command help
> q            # quit

Many plugins are included in r2 by default. But you can extend its capabilities by using the r2pm package manager.

r2pm -s <word>  # search packages matching a word
r2pm -Uci <pkg> # update database and clean install a package
r2pm -u <pkg>   # uninstall the given package
r2pm -l <pkg>   # list installed packages

Alternatively you can use r2env to switch between different versions.

pip install -U r2env
r2env init
r2env add radare2@git

Resources

Contributing

There are many ways to contribute to the project. Contact the community, check out the github issues, or grep for TODO/FIXME/XXX comments in the source.

To contribute code, push your changes to a branch on your fork of the repository. Please ensure that you follow the coding and style guidelines and that your changes pass the testing suite, which you can run with the r2r tool. If you are adding significant code, it may be necessary to modify or add additional tests in the test/ directory.

For more details, see CONTRIBUTING.md and DEVELOPERS.md.

Documentation

To learn more about r2 we encourage you to watch youtube talks from r2con. In addition to reading blogposts, slides or the official radare2 book, here are some methods to contact us:

Community

Supported Platforms

Operating Systems

Windows (since XP), Linux, Darwin, GNU/Hurd, Apple's {Mac,i,iPad,watch}OS, Android, [Dragonfly, Net, Free, Open] BSD, Z/OS, QNX, SerenityOS, Solaris, Haiku, Vinix, FirefoxOS.

Architectures

i386, x86-64, Alpha, ARM, AVR, BPF, MIPS, PowerPC, SPARC, RISC-V, SH, m68k, S390, XCore, CR16, HPPA, ARC, Blackfin, Z80, H8/300, V810, PDP11, m680x, V850, CRIS, XAP (CSR), PIC, LM32, 8051, 6502, i4004, i8080, Propeller, EVM, OR1K Tricore, CHIP-8, LH5801, T8200, GameBoy, SNES, SPC700, MSP430, Xtensa, xcore, NIOS II, Java, Dalvik, Pickle, WebAssembly, MSIL, EBC, TMS320 (c54x, c55x, c55+, c64x), Hexagon, Brainfuck, Malbolge, whitespace, DCPU16, LANAI, lm32, MCORE, mcs96, RSP, SuperH-4, VAX, KVX, Am29000, LOONGARCH, JDH8, s390x.

File Formats

ELF, Mach-O, Fatmach-O, PE, PE+, MZ, COFF, XCOFF, OMF, TE, XBE, SEP64, BIOS/UEFI, Dyldcache, DEX, ART, CGC, Java class, Android boot image, Plan9 executables, ZIMG, MBN/SBL bootloader, ELF coredump, MDMP (Windows minidump), PDP11, XTAC, WASM (WebAssembly binary), Commodore VICE emulator, QNX, WAD, OFF, TIC-80, GB/GBA, NDS and N3DS, and mount several filesystems like NTFS, FAT, HFS+, EXT,...

Packaging Status

  • Snap package
  • Termux package
  • Alpine Linux Edge package Alpine Linux 3.13 package Alpine Linux 3.12 package
  • Arch package AUR package
  • EPEL 7 package
  • EPEL 8 package
  • EPEL 9 package
  • Fedora Dev Fedora 36 Fedora 34
  • FreeBSD port OpenBSD port pkgsrc current package
  • Homebrew package MacPorts package
  • Haiku Ports Void Linux
  • Ubuntu 20.04 package Ubuntu 18.04 package
  • Debian Unstable package Raspbian Stable package Kali Linux Rolling package