Radare2 – Reverse Engineering Tools

Anyone with reverse engineering experience should be familiar with Radare2, which provides a set of libraries and tools for working with binary files.

Radare2, also known as r2, is a reverse engineering tool that supports analyzing, disassembling, and debugging programs in binary form. However, it started as a forensic tool, written to open disk files and read their hexadecimal machine language.

Let's start with installing Radare2 on the machine. There are several ways to install it, depending on the machine's operating system.

Linux Users

Linux users can download the tool from the command line with git clone and then build and install it with the install script shipped in the repository.

The commands to install Radare2 look like this:

git clone https://github.com/radareorg/radare2.git
radare2/sys/install.sh

Once the installation finishes, check that the tool is installed properly by running the command radare2, which prints the radare2 manual.

Unix Users

Unix users have an additional installation option, the brew command-line tool, which some Unix users will find easier.

The brew command is:

brew install radare2

The radare2 manual looks like the screenshot below:

Radare2 Walkthrough

Perhaps some readers are already curious about how to use Radare2.

So let’s get started!

The first thing we can do is analyze all the flags, including symbol and entry flags.

Based on the screenshot above, the analysis normally goes through all the flags in the program to look into function calls and object references.
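The same analysis step can be run non-interactively, which is convenient for logging the triage of an unknown binary. The script below is an added example, not part of the original post; r2_commands and r2_triage are hypothetical helper names, and the command list is chosen for this example.

```shell
#!/bin/sh
# Added example: static, non-interactive triage of a binary with radare2.
# r2_commands and r2_triage are hypothetical helpers, not part of radare2.

# Build the radare2 command list, commands separated by ';'.
r2_commands() {
    # iI  = binary info (arch, bits, and fields such as canary, nx, pic)
    # ie  = entry point(s)
    # aa  = analyze all flags starting with sym. and entry0
    # afl = list the functions found by the analysis
    # fs symbols; f = select the "symbols" flagspace and list its flags
    printf '%s' 'iI; ie; aa; afl; fs symbols; f'
}

r2_triage() {
    target=$1
    # Return codes: 2 = unreadable target, 3 = radare2 not on PATH.
    if [ -z "$target" ] || [ ! -r "$target" ]; then
        echo "r2_triage: cannot read '$target'" >&2
        return 2
    fi
    if ! command -v radare2 >/dev/null 2>&1; then
        echo "r2_triage: radare2 not found on PATH" >&2
        return 3
    fi
    # -q quits after running the commands, -c supplies them,
    # -e scr.color=0 keeps colour escapes out of the logged output.
    # No -d (debugger) and no -w (write mode): the file is only read,
    # never executed or modified.
    radare2 -q -e scr.color=0 -c "$(r2_commands)" "$target"
}

# Run the triage only when a path is given on the command line.
if [ "$#" -gt 0 ]; then
    r2_triage "$1"
fi
```

Save it as a script and pass the path of the binary as the only argument; the output can be redirected to a file for later review.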

For a more visual view of the program, the user can use the command vvv, and it will appear as follows:

Reference: Github

Author: Wan Ariff

He brings working experience in the Information Security field, specializing in Penetration Testing and Digital Forensics. His passion is IT Security.
