mirror of
https://github.com/radareorg/radare2.git
synced 2024-12-02 18:27:18 +00:00
194 lines
3.6 KiB
Groff
194 lines
3.6 KiB
Groff
.TH RADIFF2 1 "radiff2 tool" "Mar 16, 2024"
|
|
.SH NAME
|
|
radiff2 - binary diffing utility
|
|
.SH SYNOPSIS
|
|
.B radiff2
|
|
[-1abcCdeGhijnropqsSxuUvVzZ] [-A[A]] [-B #] [-g sym] [-m graph_mode][-t %] file file
|
|
|
|
.SH DESCRIPTION
|
|
radiff2 is a tool from the radare2 suite designed for binary diffing code and data.
|
|
.PP
|
|
It supports a wide range of formats and features, including architecture and
|
|
bits specification, delta diffing, graph diffing, and more.
|
|
.SH OPTIONS
|
|
.TP
|
|
.B -1
|
|
Output in Generic binary DIFF (0xd1ffd1ff magic header).
|
|
.TP
|
|
.B -a [arch]
|
|
Specify architecture plugin to use (x86, arm, etc.).
|
|
.TP
|
|
.B -A [-A]
|
|
Run aaa or aaaa after loading each binary (see -C).
|
|
.TP
|
|
.B -b [bits]
|
|
Specify register size for architecture (16 (thumb), 32, 64, etc.).
|
|
.TP
|
|
.B -B [baddr]
|
|
Define the base address to add the offsets when listing.
|
|
.TP
|
|
.B -c
|
|
Count of changes.
|
|
.TP
|
|
.B -C
|
|
Graphdiff code (columns: off-A, match-ratio, off-B) (see -A).
|
|
.TP
|
|
.B -d
|
|
Use delta diffing.
|
|
.TP
|
|
.B -D
|
|
Show disasm instead of hexpairs.
|
|
.TP
|
|
.B -e [k=v]
|
|
Set eval config var value for all RCore instances.
|
|
.TP
|
|
.B -g [arg]
|
|
Graph diff of [sym] or functions in [off1,off2].
|
|
.TP
|
|
.B -G [cmd]
|
|
Run an r2 command on every RCore instance created.
|
|
.TP
|
|
.B -i [ifscm]
|
|
Diff imports | fields | symbols | classes | methods.
|
|
.TP
|
|
.B -j
|
|
Output in JSON format.
|
|
.TP
|
|
.B -m [mode]
|
|
Choose the graph output mode (aditsjJ).
|
|
.TP
|
|
.B -n
|
|
Print bare addresses only (diff.bare=1).
|
|
.TP
|
|
.B -O
|
|
Code diffing with opcode bytes only.
|
|
.TP
|
|
.B -p
|
|
Use physical addressing (io.va=false) (only for radiff2 -AC).
|
|
.TP
|
|
.B -q
|
|
Quiet mode (disable colors, reduce output).
|
|
.TP
|
|
.B -r
|
|
Output in radare commands.
|
|
.TP
|
|
.B -s
|
|
Compute edit distance (no substitution, Eugene W. Myers' O(ND) diff algorithm).
|
|
.TP
|
|
.B -ss
|
|
Compute Levenshtein edit distance (substitution is allowed, O(N^2)).
|
|
.TP
|
|
.B -S [name]
|
|
Sort code diff (name, namelen, addr, size, type, dist) (only for -C or -g).
|
|
.TP
|
|
.B -t [0-100]
|
|
Set threshold for code diff (default is 70%).
|
|
.TP
|
|
.B -T
|
|
Analyze files in threads (EXPERIMENTAL, 30% faster and crashy).
|
|
.TP
|
|
.B -u
|
|
Unified output (---+++).
|
|
.TP
|
|
.B -U
|
|
Unified output using system 'diff'.
|
|
.TP
|
|
.B -v
|
|
Show version information.
|
|
.TP
|
|
.B -V
|
|
Be verbose (current only for -s).
|
|
.TP
|
|
.B -x
|
|
Show two-column hexdump diffing.
|
|
.TP
|
|
.B -X
|
|
Show two-column hexII diffing.
|
|
.TP
|
|
.B -z
|
|
Diff on extracted strings.
|
|
.TP
|
|
.B -Z
|
|
Diff code comparing zignatures.
|
|
|
|
.SH "GRAPH OUTPUT FORMATS (-m [mode])"
|
|
.TP
|
|
.B .
|
|
default is ASCII art.
|
|
.TP
|
|
.B s
|
|
r2 commands.
|
|
.TP
|
|
.B d
|
|
Graphviz dot.
|
|
.TP
|
|
.B g
|
|
Graph Modelling Language (gml).
|
|
.TP
|
|
.B j
|
|
JSON.
|
|
.TP
|
|
.B J
|
|
JSON with disarm.
|
|
.TP
|
|
.B k
|
|
sdb key-value.
|
|
.TP
|
|
.B t
|
|
Tiny ascii art.
|
|
.TP
|
|
.B i
|
|
Interactive ascii art.
|
|
|
|
.SH USAGE EXAMPLES
|
|
.TP
|
|
.B "Comparing two binaries"
|
|
radiff2 bin1 bin2
|
|
.TP
|
|
.B "Using graph diffing to compare functions by name"
|
|
radiff2 -g main bin1 bin2
|
|
.TP
|
|
.B "Counting the number of changes between two binaries"
|
|
radiff2 -c bin1 bin2
|
|
.TP
|
|
.B "Outputting the diff in a unified format"
|
|
radiff2 -u bin1 bin2
|
|
.TP
|
|
.B "Comparing the opcodes of two functions"
|
|
radiff2 -O bin1 bin2
|
|
|
|
.SH 'C' COMMAND IN R2
|
|
The 'c' command in r2 is used for various comparison operations within data inside the same file. Here are some examples of its usage:
|
|
|
|
.TP
|
|
.B Compare a plain string with escaped chars
|
|
c "string to compare"
|
|
|
|
.TP
|
|
.B Compare byte at a specific address with current offset
|
|
c1 0x100
|
|
|
|
.TP
|
|
.B Compare block size bytes from current offset and the 0x100 offset
|
|
cc 0x100
|
|
|
|
.TP
|
|
.B Unified diff of disassembly from current seek and given address
|
|
cud 0x200 @ 0x100
|
|
|
|
.TP
|
|
.B Compare memory hexdumps in unified diff format
|
|
cu 0x100 @ 0x200
|
|
|
|
For more detailed usage of the 'c' command, refer to the `c[?dfx] [argument]` help section.
|
|
|
|
|
|
.SH SEE ALSO
|
|
radare2(1)
|
|
|
|
.Sh WWW
|
|
.Pp
|
|
https://www.radare.org/
|
|
.SH AUTHOR
|
|
pancake <pancake@nopcode.org>
|