radare2 personal cheatsheet

https://radare.gitbooks.io/radare2book/

r2 -w ./file # open file for patching

Main Commands

  • aaa - analyze everything

  • pdf function / pd 20 @function - print disassembly at function

  • s 0x4000 - seek address /s+ s- for relative seek

  • VV @function - Enter Graph View at function

  • iz - print strings

  • @ - use for temporary seek

  • ~ - like grep

  • px - print hexdump

  • ia - info all

  • wa - write assembly

  • afl - list functions

  • axt [offset] - find xrefs

  • / [string] - search strings

  • o - work with file descriptors

  • afta - analyze local variable types

Visual Modes

  • V - Enter Normal Visual mode

  • VV - Enter Graph View

  • V! - Enter Panel View

  • A - patch at current address

  • p - rotate print mode

  • : - open command line

Tricks

  • append j to a command for json output

  • append ~{} to command for json pretty print

  • use pipe | with shell commands

  • use > to pipe outputs to file

  • wx 9090 - write nop at current address

  • use initialization scripts to do the basic startup tasks

Customization

  • eco - colorschemes, e.g. eco darkda

  • e scr.utf8 = true

  • e scr.utf8.curvy=true

Debugger

  • r2 -d ./file

  • db 0x0000 - breakpoint at 0x0000

  • dc - run

  • ds - step

  • dcs - continue until syscall

  • dd - manipulate file descriptors

  • dr eax=5 - manipulate reg value

  • s - step (visual)

  • S - step, not into calls (visual)

https://radare.gitbooks.io/radare2book/debugger/migration.html

PreviousCTFNextgdb personal cheatsheet

Last updated