Linux command
radare2 命令
文本
复制后可按需替换文件名、目录或参数。
常用示例
Open binary for analysis
r2 [binary]
Open and run full analysis
r2 -A [binary]
Open in write mode
r2 -w [binary]
Seek to a specific address
r2 -s [0x1000] [binary]
Debug a binary
r2 -d [binary]
Attach to a running process
r2 -d [pid]
Open without any analysis
r2 -n [binary]
Run a command and quit
r2 -qc "[pdf]" [binary]
Set architecture and bit size
r2 -a [x86] -b [64] [binary]
说明
radare2 (r2) is an open-source reverse engineering framework for binary analysis, debugging, and exploitation. It disassembles, analyzes, and patches binaries across many architectures and formats. The tool operates through a command-line interface with hundreds of commands. Commands are typically short mnemonics: 'p' for print, 'a' for analyze, 's' for seek. Help is available by appending '?' to any command prefix. Analysis identifies functions, strings, cross-references, and control flow. The 'aaa' command performs comprehensive analysis. Results populate databases queryable through commands. Visual modes provide cursor-based navigation and graph views. Function graphs show control flow with block connections. Hex editing mode enables direct binary modification. Debugging integrates natively, attaching to processes or launching programs. Breakpoints, stepping, register manipulation, and memory inspection work across supported platforms. Scripting uses r2pipe for external automation (Python, JavaScript, etc.) or internal radare2 scripts. Extensive plugin API enables custom analysis.
参数
- -A
- Run 'aaa' command to analyze all referenced code before prompt.
- -a _arch_
- Force asm.arch (x86, ppc, arm, mips, bf, java, ...).
- -b _bits_
- Force asm.bits (16, 32, 64).
- -B _baddr_
- Specify the base address for loading a new binary.
- -c _cmd_
- Execute the given command before giving prompt.
- -d
- Start in debugger mode.
- -D _backend_
- Enable debug mode with a specific debug backend.
- -e _k=v_
- Set configuration eval variable key=value.
- -f
- Set blocksize to file size.
- -i _file_
- Run script file after the file is loaded.
- -I _file_
- Run script file before the file is loaded.
- -k _kernel_
- Select kernel (asm.os) for syscall resolution.
- -l _plugfile_
- Load a given plugin file.
- -L
- List loaded IO plugins.
- -m _addr_
- Map file at given address.
- -M
- Disable demangling.
- -n
- Do not perform any analysis. Just load the raw file.
- -nn
- Only load the rbin structures (elf, mach0, ...).
- -N
- Do not load user settings or projects from ~/.radare2rc.
- -p _project_
- Set project file.
- -P _file_
- Apply rapatch file and quit.
- -q
- Quiet mode. Exit after running -c commands.
- Like -q but also quits after running all commands (exit after -c, -i scripts).
- -r _rarun2_
- Specify dbg.profile rarun2 profile for spawning programs.
FAQ
What is the radare2 command used for?
radare2 (r2) is an open-source reverse engineering framework for binary analysis, debugging, and exploitation. It disassembles, analyzes, and patches binaries across many architectures and formats. The tool operates through a command-line interface with hundreds of commands. Commands are typically short mnemonics: 'p' for print, 'a' for analyze, 's' for seek. Help is available by appending '?' to any command prefix. Analysis identifies functions, strings, cross-references, and control flow. The 'aaa' command performs comprehensive analysis. Results populate databases queryable through commands. Visual modes provide cursor-based navigation and graph views. Function graphs show control flow with block connections. Hex editing mode enables direct binary modification. Debugging integrates natively, attaching to processes or launching programs. Breakpoints, stepping, register manipulation, and memory inspection work across supported platforms. Scripting uses r2pipe for external automation (Python, JavaScript, etc.) or internal radare2 scripts. Extensive plugin API enables custom analysis.
How do I run a basic radare2 example?
Run `r2 [binary]` in a terminal, then adjust file names, paths, flags, or remote targets for your system.
What does -A do in radare2?
Run 'aaa' command to analyze all referenced code before prompt.