Rizin - UNIX-like reverse engineering framework and command-line toolset.

Overview

Rizin is a fork of the radare2 reverse engineering framework with a focus on usability, working features and code cleanliness.

Rizin is portable and it can be used to analyze binaries, disassemble code, debug programs, as a forensics tool, as a scriptable command-line hexadecimal editor able to open disk files, and much more!

To learn more about Rizin, you may want to read the official Rizin book.

How to install

You can find the latest release binaries for Android, Debian, Ubuntu, MacOS, Windows here. If we don't provide a released binary for your system, you can still build Rizin yourself.

How to build

Use meson to compile and install Rizin. Please make sure to get an updated meson (e.g. get it with pip install meson if your system does not provide one that is at least version 0.55.0).

Clone this repository:

$ git clone https://github.com/rizinorg/rizin

Then compile and install with:

$ meson build
$ ninja -C build
$ sudo ninja -C build install

Now you can use rizin:

$ rizin
 -- Thank you for using rizin. Have a nice night!
[0x00000000]>

To uninstall rizin, execute sudo ninja -C build uninstall.

Please have a look at BUILDING.md for more information about building Rizin.

Contributing

We very much welcome any kind of contributions, from typos, to documentation, to refactoring, up to completely new features you may think of. Before contributing, we would like you to read the file CONTRIBUTING.md, so that we can all be on the same page.

Tests

Look at test/README.md.

Supported features

Supported Operating Systems

Windows (since XP), GNU/Linux, GNU/Darwin, GNU/Hurd, Apple's {Mac,i,iPad,watch}OS, [Dragonfly|Net|Free|Open]BSD, Android, QNX, Solaris, Haiku, FirefoxOS.

Supported Architectures

i386, x86-64, ARM, MIPS, PowerPC, SPARC, RISC-V, SH, m68k, m680x, AVR, XAP, System Z, XCore, CR16, HPPA, ARC, Blackfin, Z80, H8/300, V810, V850, CRIS, XAP, PIC, LM32, 8051, 6502, i4004, i8080, Propeller, Tricore, CHIP-8, LH5801, T8200, GameBoy, SNES, SPC700, MSP430, Xtensa, NIOS II, TMS320 (c54x, c55x, c55+, c66), Hexagon, DCPU16, LANAI, MCORE, mcs96, RSP, SuperH-4, VAX, AMD Am29000.

There is also support for the following bytecode formats:

Dalvik, EBC, Java, Lua, Python, WebAssembly, Brainfuck, Malbolge

Supported File Formats

ELF, Mach-O, Fatmach-O, PE, PE+, MZ, COFF, OMF, TE, XBE, BIOS/UEFI, Dyldcache, DEX, ART, CGC, Java class, Android boot image, Plan9 executable, ZIMG, MBN/SBL bootloader, ELF coredump, MDMP (Windows minidump), WASM (WebAssembly binary), Commodore VICE emulator, QNX, Game Boy (Advance), Nintendo DS ROMs and Nintendo 3DS FIRMs.

Scripting

We provide a way to interact with Rizin from Python, Haskell, OCaml, Ruby, Rust, and Go through rzpipe. Other languages, although not currently supported, could easily be added.

Community

Our website and blog: https://www.rizin.re/

Join our Mattermost community to discuss Rizin, its development, and general topics related to the project.

We also provide the following partial bridges to other messaging platforms:

Issues
  • Change -, --, =  argument and = command meaning

    Your checklist for this pull request

    • [x] I've read the guidelines for contributing to this repository
    • [x] I made sure to follow the project's coding style
    • [ ] I've added tests that prove my fix is effective or that my feature works (if possible)
    • [x] I've updated the documentation and the rizin book with the relevant information (if needed)

    Detailed description

    • Remove the = special flag from Rizin's startup flags to avoid possible confusion with the client/server = meaning in interactive mode
    • Move the = interactive client/server family command to R (new) interactive family command (short for "Remote")
    • -- is used to signal "end of flags" to be consistent with the standard command line utilities syntax. ...

    Test plan

    From https://github.com/rizinorg/rizin/issues/615:

    • rizin
    • rizin --
    • rizin -test
    • rizin -- -test
    • rizin -d -- -test

    From https://github.com/rizinorg/rizin/issues/616:

    • rizin =

    • rizin - < test/bins/elf/ls

    • for the test

    ➜  rizin_bak git:(startissue) rizin 
     -- The '?' command can be used to evaluate math expressions. Like this: '? (0x34+22)*4'
    [0x00000000]> 
    
    ➜  rizin_bak git:(startissue) rizin --
     -- Seek at relative offsets with 's +<offset>' or 's -<offset>'
    [0x00000000]> 
    
    ➜  rizin_bak git:(startissue) ✗ rizin -- -test
     -- Review all the subcommands of aa to see better ways to analyze your targets.
    [0x00000000]> 
    
    ➜  rizin_bak git:(startissue) ✗ rizin -d -- -test
    Process with PID 1981196 started...
    = attach 1981196 1981196
    bin.baddr 0x555555554000
    Using 0x555555554000
    asm.bits 64
     -- Find wide-char strings with the '/w <string>' command
    [0x7ffff7fd3090]> 
    
    ➜  rizin_bak git:(startissue) rizin =
     -- Use scr.accel to browse the file faster!
    [0x00000000]> 
    
    ➜  rizin_bak git:(startissue) ✗ rizin - < test/bins/elf/ls
    ^D
     -- Get a free shell with 'rz_gg -i exec -x'
    [0x00000000]> 
    
    

    Closing issues

    Fix #616 Swap - (single dash) and = (equal sign) meaning Fix #615 -- (double dash) should be treated as "end of flags" | Allow launching Rizin without a

    ...

    command rizin rz-test RzIO RzCore GDB 
    opened by seanachao 40
  • Port `C` (metainformation) commands to the rzshell

    SQUASH ME

    Your checklist for this pull request

    • [x] I've read the guidelines for contributing to this repository
    • [x] I made sure to follow the project's coding style
    • [ ] I've added tests that prove my fix is effective or that my feature works (if possible)
    • [ ] I've updated the documentation and the rizin book with the relevant information (if needed)

    Detailed description

    • Port C (meta information, comments) commands to the newshell
    • Moved all subcommands of Cvr, Cvs, Cvb to the higher level as subcommands of Cv:
      • Cv [name] [text] to append the comment of any kind of variable
      • Cv- [name] to remove the comment of any kind of variable
      • Cve [name] to open cfg.editor to edit the comment of any kind of variable
    • Cvr, Cvs, and Cvb just list all comments of the variables/arguments of the corresponding kind
    • Cd previously allowed the second parameter (repeat) to be passed in two different ways: Cd 4[8] and Cd 4 8, where 4 is the size and 8 is the repeat. I removed the Cd 4[8] and left only Cd 4 8 for simplicity and consistency.
    • Csj, Cs*, Csl became Cslj, Csl*, Csll since pure Cs should not list strings and only add it, Csl was made to list strings in various modes.
    • Cd, Cf, CC, CS now require their arguments, previously called without arguments they were listing corresponding meta information.
    • The listing feature moved to Cdl, Cfl, CCl, CSl, etc, similar to Csl.
    • Cz command as an alias to Csa command was completely removed
    • CC, (filelink) command was renamed to CCF.
    • CCa (append command) was removed in favor of plain CC
    • Csg command to guess encoding was removed, Cs now tries to guess the encoding by default
    • Cs.. was renamed to Cs.l - as in LONG output type of the Cs. command (there is also JSON output with Cs.j)
    • Added new commands Csw and CsW to add UTF-16 and UTF-32 strings correspondingly

    Test plan

    CI is green

    Closes https://github.com/rizinorg/rizin/issues/792 Partially addresses #1342

    command rz-test RzBin API RzCore merge-when-green ELF 
    opened by XVilka 31
  • Update Hexagon asm and analysis plugins

    Replaces https://github.com/rizinorg/rizin/pull/1338

    Your checklist for this pull request

    • [x] I've read the guidelines for contributing to this repository
    • [x] I made sure to follow the project's coding style
    • [x] I've added tests that prove my fix is effective or that my feature works (if possible)
    • [ ] I've updated the documentation and the rizin book with the relevant information (if needed)

    Detailed description

    Updates Hexagon analysis and asm plugin.

    Supports

    • Add asm support for v5-v68 and HVX instructions
      • Recognize instruction packets.
    • Basic analysis support
      • set instruction type (return, call, jumps hardware loop etc.)
      • Enables search for immediate operands.
    • Patching of relocs

    Not yet implemented

    Test plan

    See test files.

    Closing issues

    closes https://github.com/rizinorg/rz-hexagon/issues/13
    closes https://github.com/rizinorg/rz-hexagon/issues/15
    closes https://github.com/rizinorg/rz-hexagon/issues/17
    closes https://github.com/rizinorg/rz-hexagon/issues/18
    closes https://github.com/rizinorg/rz-hexagon/issues/19
    closes https://github.com/rizinorg/rz-hexagon/issues/21
    closes https://github.com/rizinorg/rz-hexagon/issues/22
    closes https://github.com/rizinorg/rz-hexagon/issues/24

    infrastructure rz-test RzBin RzAnalysis API ESIL RzCore ELF ARM RZIL 
    opened by Rot127 29
  • Refactor output modes to use enum (#489)

    SQUASH ME

    Original PR: #929

    Your checklist for this pull request

    • [X] I've read the guidelines for contributing to this repository
    • [X] I made sure to follow the project's coding style
    • [ ] I've added tests that prove my fix is effective or that my feature works (if possible)
    • [ ] I've updated the documentation and the rizin book with the relevant information (if needed)

    Detailed description

    Refactored output modes to use enum. int mode and char mode patterns in the code have been replaced with RzOutputMode enum type.

    Refactoring is still in progress.

    Test plan

    ...

    Closing issues

    closes #489

    command waiting-for-author 
    opened by valdaarhun 27
  • Hexagon update

    Your checklist for this pull request

    • [x] I've read the guidelines for contributing to this repository
    • [x] I made sure to follow the project's coding style
    • [x] I've added tests that prove my fix is effective or that my feature works (if possible)
    • [ ] I've updated the documentation and the rizin book with the relevant information (if needed)

    Detailed description

    This is an update of the hexagon asm and analysis plugin. It used the LLVM source to generate the plugin code.

    This pull request only synchronizes the source code with the rz-hexagon repo. For more details please refer to the pull request over there: https://github.com/rizinorg/rz-hexagon/pull/4

    Test plan

    asm tests: The tests for the asm plugin are updated as well, since some of the old ones were incorrect. The asm tests in this pull request were written and disassembled with the Hexagon IDE tools.

    analysis tests: Those tests were not updated (unfortunately my dev time is up for this month) and fail at the moment. I confirmed the correct working of the hardware loops, jumps and calls manually.

    Closing issues

    closes https://github.com/rizinorg/rz-hexagon/issues/13

    None

    RzBin RzAnalysis 
    opened by Rot127 26
  • UTF-16 be, UTF-32 be support

    Hi! I'm trying to become more comfortable with the code trying to solve some issues. I'm sorry if I'm doing something wrong!

    Your checklist for this pull request

    • [x] I've read the guidelines for contributing to this repository
    • [x] I made sure to follow the project's coding style
    • [ ] I've added tests that prove my fix is effective or that my feature works (if possible)
    • [ ] I've updated the documentation and the rizin book with the relevant information (if needed)

    Detailed description

    This PR:

    • refactors string_scan_range of librz/bin/bfile.c by moving the string searching logic to the file librz/util/str_search.c (as suggested in #1052).
    • adds support for the detection of UTF-16 BE and UTF-32 BE strings.

    The introduced public API due to refactoring is the following:

    RZ_API int rz_scan_strings(RzList *list, RzBuffer *buf_to_scan,
    	const ut64 from, const ut64 to, int min_str_length, int type);
    

    It looks for strings in the RzBuffer buf_to_scan, filling the RzList list. string_scan_range now uses this API. Unfortunately, it is possibly slower than the previous version, since it always allocates a list that is passed to rz_scan_strings. Ofc I can revert these modifications.


    UTF-16 BE and UTF-32 BE detection heuristic should be very similar to the one for UTF-16 LE and UTF-32 LE. It simply checks the following pattern for the first 6 bytes of the string:

    UTF-32 BE: 00 00 00 XX 00 00
    UTF-16 BE: 00 XX 00 XX 00 XX

    where XX is a byte != 0


    I did not add (yet) big-endian strings here since I am not sure that rz_utf_block_list would work with big-endian UTF strings.

    Test plan

    I did not add any tests yet. I'm just using this file to perform some preliminary tests, running: rz-bin -zz /path/to/encodings

    output before this commit:

    [Strings]
    nth paddr      vaddr      len size section type    string
    ―――――――――――――――――――――――――――――――――――――――――――――――――――――――――
    0   0x00000000 0x00000000 20  21           ascii   i am an ascii string
    1   0x00000020 0x00000020 19  21           utf8    i am a ÙTF-8 string blocks=Basic Latin,Latin-1 Supplement
    2   0x00000040 0x00000040 22  46           utf16le i am a UTF-16le string
    3   0x00000071 0x00000071 21  43           utf16le i am a UTF-16be strin
    4   0x000000a0 0x000000a0 22  92           utf32le i am a UTF-32le string
    5   0x00000103 0x00000103 21  88           utf32le i am a UTF-32be strin
    

    output after this commit:

    [Strings]
    nth paddr      vaddr      len size section type    string                                                    
    ―――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――
    0   0x00000000 0x00000000 20  21           ascii   i am an ascii string
    1   0x00000020 0x00000020 19  21           utf8    i am a ÙTF-8 string blocks=Basic Latin,Latin-1 Supplement
    2   0x00000040 0x00000040 22  46           utf16le i am a UTF-16le string
    3   0x00000070 0x00000070 22  46           utf16be i am a UTF-16be string
    4   0x000000a0 0x000000a0 22  92           utf32le i am a UTF-32le string
    5   0x00000100 0x00000100 22  92           utf32be i am a UTF-32be string
    

    Closing issues

    closes #1052

    rz-test API test-required high-priority refactor RzUtil 
    opened by borzacchiello 25
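
The 6-byte heuristic from the PR above, as an added example that is not code from the PR or from Rizin: it shows why a scanner without the big-endian patterns reports BE strings as LE ones starting at the wrong offset (0x71 and 0x103 in the "before" output). The names `guess_wide` and `first_hit` are hypothetical, and the little-endian patterns are assumed to be the byte-swapped mirrors of the BE patterns quoted in the PR.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

typedef enum { ENC_NONE, ENC_UTF16LE, ENC_UTF16BE, ENC_UTF32LE, ENC_UTF32BE } enc_t;

/* Classify the 6 bytes at p. The BE patterns are the ones quoted in the PR
 * text; the LE patterns are their byte-swapped mirrors (assumption). */
static enc_t guess_wide(const uint8_t *p, int with_be) {
	if (with_be) {
		/* UTF-32 BE: 00 00 00 XX 00 00 */
		if (!p[0] && !p[1] && !p[2] && p[3] && !p[4] && !p[5]) {
			return ENC_UTF32BE;
		}
		/* UTF-16 BE: 00 XX 00 XX 00 XX */
		if (!p[0] && p[1] && !p[2] && p[3] && !p[4] && p[5]) {
			return ENC_UTF16BE;
		}
	}
	/* UTF-32 LE (assumed mirror): XX 00 00 00 XX 00 */
	if (p[0] && !p[1] && !p[2] && !p[3] && p[4] && !p[5]) {
		return ENC_UTF32LE;
	}
	/* UTF-16 LE (assumed mirror): XX 00 XX 00 XX 00 */
	if (p[0] && !p[1] && p[2] && !p[3] && p[4] && !p[5]) {
		return ENC_UTF16LE;
	}
	return ENC_NONE;
}

/* Slide a 6-byte window over buf and return the offset of the first match,
 * or (size_t)-1 when nothing matches. with_be = 0 models a scanner that only
 * knows the LE patterns; with_be = 1 adds the BE patterns from the PR. */
static size_t first_hit(const uint8_t *buf, size_t len, int with_be, enc_t *enc) {
	for (size_t i = 0; i + 6 <= len; i++) {
		enc_t e = guess_wide(buf + i, with_be);
		if (e != ENC_NONE) {
			*enc = e;
			return i;
		}
	}
	*enc = ENC_NONE;
	return (size_t)-1;
}

/* Constructed samples: "i am" as UTF-16 BE and "i a" as UTF-32 BE. */
static const uint8_t SAMPLE_UTF16BE[] = { 0x00, 'i', 0x00, ' ', 0x00, 'a', 0x00, 'm' };
static const uint8_t SAMPLE_UTF32BE[] = { 0, 0, 0, 'i', 0, 0, 0, ' ', 0, 0, 0, 'a' };

int main(void) {
	static const char *names[] = { "none", "utf16le", "utf16be", "utf32le", "utf32be" };
	enc_t e;
	for (int with_be = 0; with_be <= 1; with_be++) {
		size_t off = first_hit(SAMPLE_UTF16BE, sizeof(SAMPLE_UTF16BE), with_be, &e);
		printf("UTF-16 BE sample, with_be=%d: %s at offset %zu\n", with_be, names[e], off);
		off = first_hit(SAMPLE_UTF32BE, sizeof(SAMPLE_UTF32BE), with_be, &e);
		printf("UTF-32 BE sample, with_be=%d: %s at offset %zu\n", with_be, names[e], off);
	}
	return 0;
}
```
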
  • Print the Rizin plugin information in JSON

    Your checklist for this pull request

    • [X] I've read the guidelines for contributing to this repository
    • [X] I made sure to follow the project's coding style
    • [X] I've added tests that prove my fix is effective or that my feature works (if possible)
    • [ ] I've updated the documentation and the rizin book with the relevant information (if needed)

    Detailed description

    This PR enables the user to print the rizin plugin info in JSON. It is related to another issue from Cutter. link

    Test plan

    This works for all L commands, except dLj and oLj (not implemented in this PR). I believe the fault lies in PrintfCallback cb_printf, considering that both of the previous commands use it for printing the output in the shell. Note that only a part of the result is printed when using oLj, while dLj prints almost the entire result.

    Here follows an example listing the hash plugins in JSON:

    [0x00000000]> Lhj
    [{"Name":"md5"},{"Name":"sha1"},{"Name":"sha256"},{"Name":"sha384"},{"Name":"sha512"},{"Name":"md4"},{"Name":"xor"},{"Name":"xorpair"},{"Name":"parity"},{"Name":"entropy"},{"Name":"hamdist"},{"Name":"pcprint"},{"Name":"mod255"},{"Name":"xxhash"},{"Name":"adler32"},{"Name":"luhn"},{"Name":"crc8smbus"},{"Name":"crc15can"},{"Name":"crc16"},{"Name":"crc16hdlc"},{"Name":"crc16usb"},{"Name":"crc16citt"},{"Name":"crc24"},{"Name":"crc32"},{"Name":"crc32c"},{"Name":"crc32ecma267"},{"Name":"crc32bzip2"},{"Name":"crc32d"},{"Name":"crc32mpeg2"},{"Name":"crc32posix"},{"Name":"crc32q"},{"Name":"crc32jamcrc"},{"Name":"crc32xfer"},{"Name":"crc64"},{"Name":"crc64ecma"},{"Name":"crc64we"},{"Name":"crc64xz"},{"Name":"crc64iso"},{"Name":"fletcher8"},{"Name":"fletcher16"},{"Name":"fletcher32"},{"Name":"fletcher64"}]
    

    I have also added tests, though I refrained from adding a test for dLj.

    Closing issues

    ...

    command RzCore merge-when-green 
    opened by theopechli 24
  • Commands that are both groups and have multi-mode cannot be listed

    Work environment

    | Questions | Answers |
    |------------------------------------------------------|--------------------|
    | OS/arch/bits (mandatory) | any |
    | File format of the file you reverse (mandatory) | any |
    | Architecture/bits of the file (mandatory) | any |
    | rizin -v full output, not truncated (mandatory) | rizin 0.2.0-git @ linux-x86-64 commit: b409ed1149315509dccae7b7e07c93c19bf7a478, build: 2021-02-19__12:14:03 |

    Expected behavior

    There should be a way to list the sub-modes of all commands, even the ones that are already the parent of a group, like z. Initially we were just appending ?, but that means that to get the longer help of a command you may have a lot of ? (e.g. z? gives the list of sub-commands of z, z?? gives the list of sub-modes of the command z, z??? gives the short description of the command z with standard output, z???? gives the longer description of the command z with standard output... It seems a bit too confusing).

    Ideas?

    Steps to reproduce the behavior

    > z?
    # it returns the list of sub-commands of `z`
    Usage: z[?]   # Zignatures management
    | z[j*qk]        # Show zignatures
    | z.[*]          # Find matching zignatures
    | zb[r]          # Search for best match
    | z- <zigname|*> # Delete zignature
    | za[fF]         # Add zignature
    | zg             # Generate zignatures (alias for zaF)
    | zo[sz]         # Manage zignature files
    | zf<ds>         # Manage FLIRT signatures
    | z/[*f]         # Search zignatures
    | zc[n]          # Compare zignatures in current zignspace with another one
    | zs[j*-+r]      # Manage zignspaces
    | zi[j*qi]       # Show zignatures matching information
    > z??
    # it returns the longer description of `z`
    Usage: z[j*qk]   # Show zignatures
    > z.?
    # z. is not the name of a group, so z.? shows the sub-modes
    Usage: z.[*]   # Find matching zignatures
    | z.     # Find matching zignatures
    | z.*    # Find matching zignatures (rizin mode)
    

    Additional context

    By "sub-command" of z I mean commands like zi, zc, zg, zb, etc. By "sub-mode" of z I mean all those things that behave exactly the same as z but provide an output in a different format, like zj, z*, zq, etc. These things actually are commands to the user, but they are handled by the same command handler and provide the same information just in different formats.

    signatures shell 
    opened by ret2libc 24
  • rz-asm show a detailed description for a single opcode

    Is your feature request related to a problem? Please describe.

    Is it possible to get a short text description associated to every instruction decoded?

    Describe the solution you'd like

    e.g.

    $ rz-asm -t -a x86  nop
    90
    No Operation
    Performs no operation. This instruction is a one-byte instruction that takes up space in the instruction stream but does not affect the machine context, except the EIP register.
    

    A json output would be nice as well:

    $ rz-asm -json -a x86  nop
    {
    "opcode": 90,
    "size": 1,
    "name": "No Operation",
    "description": "Performs no operation. This instruction is a one-byte instruction that takes up space in the instruction stream but does not affect the machine context, except the EIP register."
    }
    

    Describe alternatives you've considered

    • Consult online docs (not always available, slower to search).
    • Looked for a downloadable db in some common plaintext format (json, csv, xml, etc.), but still found none. If you know some alternative please post here.

    Additional context

    rz-asm 
    opened by eadmaster 23
  • Some method references in Dex are missing

    Work environment

    | Questions | Answers |
    | ----------------------------------------------------- | ------------------------------------------------------------ |
    | OS/arch/bits (mandatory) | Ubuntu 20.04 |
    | File format of the file you reverse (mandatory) | APK |
    | Architecture/bits of the file (mandatory) | Dalvik |
    | rizin -v full output, not truncated (mandatory) | rizin 0.4.0-git @ linux-x86-64 commit: 7b16c102654932cfae7f1d0ea3d2b909754ae9f9, build: 2022-03-16__08:32:49 |

    Expected behavior

    Detect all the method references in Dex.

    Actual behavior

    Some method references were missing.

    In the following scenario, I looked into a method's instruction at address 0x496f6. According to the disassembled result, it holds a reference to method sendTextMessage. However, commands axl and axf both missed that reference.

    ➜ rizin apk://13667fe3b0ad496a0cd157f34b7e0c991d72a4db.apk 
     -- Use 'e asm.offset=true' to show offsets in 16bit segment addressing mode.
    [0x00028498]> aaa
    [x] Analyze all flags starting with sym. and entry0 (aa)
    [x] Analyze function calls (aac)
    [x] Analyze len bytes of instructions for references (aar)
    [x] Check for classes
    [x] Finding xrefs in noncode section with analysis.in=io.maps
    [x] Analyze value pointers (aav)
    [x] Value from 0x00000000 to 0x000af474 (aav)
    [x] 0x00000000-0x000af474 in 0x0-0xaf474 (aav)
    [x] Emulate functions to find computed references (aaef)
    [x] Propagate noreturn information
    [x] Use -AA or aaaa to perform additional experimental analysis.
    [ERROR: sigdb path is unknown or invalid (path: /usr/local/share/rizin/sigdb)
    [x] Applied 0 FLIRT signatures via sigdb
    [0x00028498]> pd 1 @ 0x496f6
    │           0x000496f6      invoke-virtual/range {v2..v7}, Landroid/telephony/SmsManager;->sendTextMessage(Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Landroid/app/PendingIntent;Landroid/app/PendingIntent;)V
    [0x00028498]> axl~496f6
    [0x00028498]> axl~sendTextMessage
    [0x00028498]> axf @ 0x496f6
    [0x00028498]> 
    
    

    Steps to reproduce the behavior

    • Open the APK with Rizin
    • Type in the following commands.
    aaa
    pd 1 @ 0x496f6
    axl~496f6
    axl~sendTextMessage
    axf @ 0x496f6
    
    test-required DEX 
    opened by haeter525 22
  • Set CI buildtypes to highest opt level possible and set default buildtype to debugoptimized

    Your checklist for this pull request

    • [X] I've read the guidelines for contributing to this repository
    • [X] I made sure to follow the project's coding style
    • [ ] I've added tests that prove my fix is effective or that my feature works (if possible)
    • [ ] I've updated the documentation and the rizin book with the relevant information (if needed)

    Detailed description

    This pr:

    1. Sets the buildtype for CI builds to release (-O3) except the asan and Codecov builds. This is done because compiler optimizers increase performance but can also change code behavior (especially if the code invokes UB) so this needs to be tested.
       1.1 The asan buildtype is set to debugoptimized (-O2 -g) for hopefully sane stack traces.
       1.2 The Codecov buildtype is set to debug because debugoptimized (as seen in https://github.com/rizinorg/rizin/pull/260#issuecomment-751470698) produces wonky Codecov reports.

    2. Set the default buildtype to debugoptimized due to reasons given in #256 i.e. users might leave performance on the table otherwise.

    Test plan

    All meson builds are green, including Windows and asan builds.

    Closing issues

    Closes #256.

    infrastructure command rizin rz-test RzLang RzAnalysis RzDebug rz-find rz-diff API panel rz-hash rz-run 
    opened by kazarmy 22
  • Golang string recovery on mips32/64, ppc64, riscv64 and sysz

    DO NOT SQUASH

    Your checklist for this pull request

    • [x] I've read the guidelines for contributing to this repository
    • [x] I made sure to follow the project's coding style
    • [ ] I've documented or updated the documentation of every function and struct this PR changes. If not so I've explained why.
    • [ ] I've added tests that prove my fix is effective or that my feature works (if possible)
    • [ ] I've updated the rizin book with the relevant information (if needed)

    Detailed description

    I do have binaries that can be tested, but they are too big to be analyzed and some CIs might exceed the max timeout (i.e. 1h). If I can find some other examples, I will add the test in another PR.

    rz-test RzAnalysis RzCore PPC 
    opened by wargio 0
  • Split RzBin PE parser into pieces and refactor to be endianness-independent

    Currently the PE parser is located in librz/bin/format/pe/pe.c - just one huge C file. The idea is to split the parser into multiple files like it was done with ELF and make sure we don't read data directly into the C structures. We should use rz_buf_*_bleXX* functions to handle the endianness properly.

    See:

    • librz/bin/format/pe/
    • librz/bin/format/elf/

    Related to https://github.com/rizinorg/rizin/issues/297

    help wanted PE refactor 
    opened by XVilka 0
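
What "don't read data directly into the C structures" means in practice, as an added example that is not Rizin's parser: each PE header field is decoded byte by byte as little-endian with a bounds check, so the result is the same on any host byte order and a hostile `e_lfanew` cannot push a read outside the buffer. The helpers `rd_le16`, `rd_le32` and `parse_pe_coff` and the `pe_coff_t` type are hypothetical stand-ins written for this example (the issue's `rz_buf_*` functions are not used), and the sample header is constructed.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical result type: two fields of the COFF file header. */
typedef struct {
	uint16_t machine;
	uint16_t nsections;
} pe_coff_t;

/* Bounds-checked little-endian reads. Bytes are combined explicitly, so
 * host endianness and struct padding never influence the result. */
static bool rd_le16(const uint8_t *b, size_t len, size_t off, uint16_t *out) {
	if (off > len || len - off < 2) {
		return false;
	}
	*out = (uint16_t)(b[off] | ((uint16_t)b[off + 1] << 8));
	return true;
}

static bool rd_le32(const uint8_t *b, size_t len, size_t off, uint32_t *out) {
	if (off > len || len - off < 4) {
		return false;
	}
	*out = (uint32_t)b[off] | ((uint32_t)b[off + 1] << 8) |
		((uint32_t)b[off + 2] << 16) | ((uint32_t)b[off + 3] << 24);
	return true;
}

/* Walk MZ header -> e_lfanew -> "PE\0\0" -> COFF header, failing closed
 * on any short or out-of-range read. */
static bool parse_pe_coff(const uint8_t *b, size_t len, pe_coff_t *out) {
	uint16_t magic;
	uint32_t lfanew, sig;
	if (!rd_le16(b, len, 0, &magic) || magic != 0x5a4d) { /* "MZ" */
		return false;
	}
	if (!rd_le32(b, len, 0x3c, &lfanew)) { /* e_lfanew, attacker-controlled */
		return false;
	}
	size_t pe = (size_t)lfanew;
	if (!rd_le32(b, len, pe, &sig) || sig != 0x00004550) { /* "PE\0\0" */
		return false;
	}
	/* pe <= len - 4 holds here, so pe + 4 and pe + 6 cannot wrap around. */
	return rd_le16(b, len, pe + 4, &out->machine) &&
		rd_le16(b, len, pe + 6, &out->nsections);
}

/* Constructed sample: minimal MZ stub with e_lfanew = 0x40, PE signature,
 * Machine = 0x8664 (AMD64), NumberOfSections = 3. */
static const uint8_t SAMPLE_PE[0x48] = {
	[0x00] = 'M', [0x01] = 'Z',
	[0x3c] = 0x40,
	[0x40] = 'P', [0x41] = 'E',
	[0x44] = 0x64, [0x45] = 0x86,
	[0x46] = 0x03,
};

int main(void) {
	pe_coff_t h;
	if (parse_pe_coff(SAMPLE_PE, sizeof(SAMPLE_PE), &h)) {
		printf("machine=0x%04x sections=%u\n", h.machine, h.nsections);
	}
	/* Same bytes with e_lfanew pointing far outside the buffer. */
	uint8_t bad[sizeof(SAMPLE_PE)];
	memcpy(bad, SAMPLE_PE, sizeof(bad));
	memset(bad + 0x3c, 0xff, 4);
	printf("hostile e_lfanew accepted: %s\n",
		parse_pe_coff(bad, sizeof(bad), &h) ? "yes" : "no");
	return 0;
}
```
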
  • radare2 backports

    Your checklist for this pull request

    • [ ] I've read the guidelines for contributing to this repository
    • [ ] I made sure to follow the project's coding style
    • [ ] I've documented or updated the documentation of every function and struct this PR changes. If not so I've explained why.
    • [ ] I've added tests that prove my fix is effective or that my feature works (if possible)
    • [ ] I've updated the rizin book with the relevant information (if needed)

    Detailed description

    ...

    Test plan

    ...

    Closing issues

    ...

    rz-test RzBin API RzCore RzUtil 
    opened by ret2libc 0
  • Windows dynamic releases

    I would like to link my code to rizin dynamically on the Windows platform. (Eg.: Just like how cutter links to rizin)

    Right now, my best options are either:

    • Build my own
    • Rip Cutter's rizin build

    It would be really helpful to also release a dynamic build, where I have all the required DLLs and LIBs needed.

    buildsystem Windows 
    opened by Unc3nZureD 0
  • Missing methods in multidex APK

    Hi, I recently found when opening a multidex APK with apk://app.apk, Rizin didn't get all methods in the sample. Instead, command icm showed that methods in some Dex files were missing.

    Work environment

    | Questions | Answers |
    | ----------------------------------------------------- | ------------------------------------------------------------ |
    | OS/arch/bits (mandatory) | Ubuntu 22.04 |
    | File format of the file you reverse (mandatory) | APK |
    | Architecture/bits of the file (mandatory) | Dalvik |
    | rizin -v full output, not truncated (mandatory) | rizin 0.4.0 @ linux-x86-64 commit: 423617930c938c31b7f197d9cd01e7416e1e4492, build: 2022-05-12__13:08:16 |

    Expected behavior

    Command icm lists all methods in the sample.

    Actual behavior

    Some methods were missing. Most of them are from the classes.dex, so I think the Dex file might not be correctly parsed.

    For example, when unzipping the APK and opening the classes.dex, we can find method Lcom/bumptech/glide/load/DataSource; <clinit>()V and its opcodes in this sample.

    $ unzip c02bd4289acacf65d9cb70ce42d0ff27.apk -d unzipped
    $ rizin unzipped/classes.dex
    [0x10016c4fc]> aaa
    [x] Analyze all flags starting with sym. and entry0 (aa)
    [x] Analyze function calls (aac)
    ...
    [0x10016c4fc]> icm~Lcom/bumptech/glide/load/DataSource\;~clinit
    0x1002c95a8  11741 Lcom/bumptech/glide/load/DataSource;    sC    <clinit>()V
    [0x10016c4fc]> pdf @ 0x1002c95a8
                ;-- entry231:
                ;-- sym.Lcom_bumptech_glide_load_DataSource_._clinit___V:   
    ┌ method.static.constructor.Lcom_bumptech_glide_load_DataSource_._clinit___V ();
    │           0x1002c95a8      new-instance v0, Lcom/bumptech/glide/load/DataSource; ; 0x1006bcf1f ; "$Lcom/bumptech/glide/load/DataSource;" ; void <clinit>()
    │           0x1002c95ac      const/4 v1, 0
    │           0x1002c95ae      const-string v2, str.LOCAL                ; 0x10068ecb3
    │           0x1002c95b2      invoke-direct {v0, v2, v1}, Lcom/bumptech/glide/load/DataSource;-><init>(Ljava/lang/String;I)V ; method.private.constructor.Lcom_bumptech_glide_load_DataSource_._init__Ljava_lang_String_I_V
    ...
    

    However, when opening the APK with apk://app.apk, command icm shows that the method does not exist.

    $ rizin apk://c02bd4289acacf65d9cb70ce42d0ff27.apk
    [0x100966804]> aaa
    [x] Analyze all flags starting with sym. and entry0 (aa)
    [x] Analyze function calls (aac)
    ...
    [0x100966804]> icm~Lcom/bumptech/glide/load/DataSource\;~clinit
    [0x100966804]> 
    

    While this sample consists of two Dex files, classes.dex and classes2.dex, most of the missing methods are from the first Dex. I tried all possible commands to get the complete method list, but they all didn't work. Thus, I think it might be an issue.

    But if I have missed something, please let me know and I will close this issue. Many Thanks!

    Steps to reproduce the behavior

    • Open the APK with Rizin. (Password: infected)
    • Run the following commands.
    aaa
    icm~Lcom/bumptech/glide/load/DataSource\;~clinit
    
    test-required Android DEX 
    opened by haeter525 1
Releases(v0.3.4)
  • v0.3.3(Jan 7, 2022)

    • Add dist script to remove .git folders from subprojects
    • Add -e option to rz-diff to set configuration variables
    • Fix #2089 by checking the kind of DWARF attribute before demangling
    • Fix #469 by checking the value of analysis.jmp.cref
    • Fix #1710 by changing rflags register using dr
    • Fix #2013 for dependencies names which are called libmagic and libxxhash
  • v0.3.2(Dec 30, 2021)

    • Fix: UAF caused by parse_type_abstract_declarator_node()
    • Fix wrong buffer size reporting with shm://
    • Initialize retctx,ctx before freeing the inner elements
    • Init all fields in rz_cmd_state_output_init()
    • Fix #726 - Fix building for x86 Windows with clang-cl
    • Fix -Wunused-function warning on Mac
    • Fix OOB write for DWARF with abbrev with count 0
    • Fix crash due to NULL pointer dereference in rz_analysis_block_recurse()
    • Fix +/- in visual cursor mode
    • Fix self-referential typedef format
    • Make rz_strbuf_slice() truncate on excessive len
  • v0.3.1(Nov 17, 2021)

    • Add pid/pidfile on man/rz-run and make a pid option a boolean
    • Fix rax -t not considering GMT argument
    • Fixed 'Ctrl+Arrow' and 'Alt+Arrow' in rizin shell
    • Fix integer overflow and excessive memory usage in jump table analysis
    • Fix infinite loop if first case of switch table points to same block
    • Fix some NULL derefs in Windows Debugger
    • Removed junk on screen in visual mode with two columns
    • Detect shm_open() function with Meson
    • Haiku OS and DragonflyBSD build fixes
    • PE header parsing fixes when opened through shm:// IO plugin
    • Added CRC32 and entropy values in it output
    • Fix NULL pointer dereference due to missing small_block method when OpenSSL is used.
    • Fix potential buffer overflow in RC2 hash
    • Move TSLanguage initialization into new rz_core_cmd_new() API
    • [DEX] remove bottleneck on rz_list_get_n()
    • Fix invalid v command resulting in black screen
    • Add few missing Windows types
    • Fix rotating colors with C in visual mode
    • Fix #1864: Find main() of Fedora 35 x86_64 /bin/ls
    • Use empty dependencies to avoid comparing different types (Meson 0.60 compatibility)
    • [Debug] Let gdb attach regularly and reset reason after attach
    • Enable flushing for oldinput_get_help()
    • Provide API for calculating sections digests
    • Move files to generate windows installer under dist/windows
  • v0.3.0(Sep 25, 2021)

    Rizin v0.3.0

    A new release of Rizin is here, v0.3.0! This release has taken a bit longer than expected, but a lot of things have been done since the last release, including our first GSoC in the Rizin project. Look at our blogpost to know more about GSoC 2021.

    Below we would like to give you a glimpse at what we did, but be aware this is only a small fraction of the changes. You should look at our git history to see everything. Some of our work directly improves our users' experience, while other work is more under the hood, though we are sure it ultimately improves the experience of using and developing Rizin as well.

    Keep reading for some highlights of this new release.

    New

    • New RzType module: We moved all the type-related functions from the RzAnalysis module to a new separate module: RzType. Instead of using a custom stripped-down version of TinyCC, RzType parses C code by using a grammar defined with Tree-Sitter. The RzType parser and loader now validate types better, which allowed us to fix several mistakes in the shipped type libraries for Linux, MacOS, and Windows. When a type is unknown, or it is a typedef/atomic type without an underlying specification, you may also find the special new type unknown_t, which is an integer of the current file/platform word size. This new module allows us to better use types in several places of Rizin, Cutter and rz-ghidra!
    • SPDX headers: All files have been marked with SPDX headers that will help you and us check what kind of code we ship, which licenses, copyrights, etc. Checks are in place in CI to ensure that all files will have SPDX headers going forward.
    • rz-diff hexadecimal view: We rewrote big parts of the rz-diff tool to remove the dependency on the diff/git diff binary, optimize diffing functions and provide a new hexadecimal diffing view through the new -H option.
    • Shell new behavior: Rizin can now be started without any argument and it won't open any file, allowing you to later open a binary with o command as usual. We switched the behavior of - and = when starting Rizin, to better match what Linux users expect from a tool: - now reads the binary from stdin, while = now opens a malloc-ed file in memory. Try things with rizin and rizin =.
    • Global variables: So far you could only define variables local to a function (see afv commands), but we are now introducing global variables that can be defined at any fixed address with a given type. See avg? to see how to handle them. This is still a very early concept, but we plan to use them more and more for disassembly printing, analysis, in Cutter, and in rz-ghidra. They are going to replace the “type link” function you may know under the tl commands.

    Improvements

    • ELF parsing: Code for ELF parsing has been heavily refactored and adjusted to make better use of dynamic info provided in segments instead of relying on untrusted sections. A few new variables have been introduced to alter how ELF files should be parsed and validated; see the elf vars with el elf. Support for DT_HASH and DT_GNU_HASH allows the number of symbols in the dynamic symbol table to be determined more accurately. As one of the results of this work, a known anti-analysis technique that tries to hide used symbols is now defeated by Rizin.
    • No more io.cache required to apply relocations: It was common in Rizin to get warning messages telling you to enable io.cache to fix binary relocations. We think that was unnecessary and wrong in concept as well. With this new release, the most relevant binary plugins were refactored to provide a list of mappings together with changes that should be applied on top, making relocations patching very easy and transparent for the end user. You will not have to set any particular variable nor will you see changes applied by Rizin itself mixed with changes you, as a user, did to the binary.
    • Commands ported to Rizin shell: Several commands were ported to Rizin unified shell, making them more consistent and easy to use. These commands have an automatically generated help, their arguments can be wrapped in quotes like you do in bash and they integrate better with Rizin. Some of those commands are: afvxa, afvxv, dts, L, pg, dmh, dm, pt, dc, H, av, ph, avg, i, !.
    • Project migration: With the first release of Rizin we mentioned our new project implementation which would allow our users to keep using older projects as they update their Rizin tools. Even though we are not at release 1.0.0 we already implemented project migrations that automatically update your old projects as you load them! Please report any issue you find with this, so that by the release 1.0.0 we can deliver something as stable as possible!
    • Support for multidex APK files: Initial work to support multidex APK
    • rz-hash: Code related to rz-hash was heavily refactored and it now supports loading of large files as well as HMAC combined with any hash algorithm.

    Fixes

    • Fix debugger in static build: The statically compiled rizin binary provided with last release was not able to debug other binaries, due to it being compiled on Alpine and the code using the ptrace API with the wrong types of arguments.

    • FLIRT decompression: Did you know you could load IDA FLIRT signatures files in Rizin with the zf commands? Now we support z-lib compressed FLIRT signatures as well, so try to load your FLIRT database with Rizin.

    • DEX parsing: Several bug fixes ranging from correctly listing symbols in a dex file, to better printing of methods and fields names, to resolution of invoke-virtual methods.

    • Ports: Added CI jobs for NetBSD and Linux PowerPC - all tests pass, various fixes for HaikuOS, DragonFlyBSD.

    There is more in this release and even more to come in the upcoming ones, like a new Intermediate Language, RzIL, that will replace ESIL, improved usage of PDB files, global variables refinement and yet other improvements on ELF parsing. If you wish to help us develop, test, document Rizin or you are just curious about it, look at our website https://rizin.re/community/ to know how to reach out to us!

    Enjoy Rizin v0.3.0,

    The Rizin team

  • v0.2.1(Apr 22, 2021)

    • Remove unnecessary exit() calls from librz/
    • Fix wrong demangling of __TIFFSwab16BitData
    • Prevent infinite recursion in DWARF parsing
    • Detect presence of extern char **environ (fixes old MacOS build)
    • Fix SDB and SPP linking with RzUtil
    • Fix RzDiff/RzTest to use subprocess API
    • Fetching all references with rz-pm to support release tags
    • Fix FreeBSD 13 build
    • Fix Gentoo SDB build to use proper Python environment
    • Fix the wrong use of wcstombs()
    • Various UAF, OOB, NULL DEREF fixes
  • v0.2.0(Apr 8, 2021)

    Command changes

    • Add exit command to exit Rizin
    • Add dmhv as verbose version of dmh
    • Add afb-* command to delete all basic blocks of a function
    • Support in newshell for <cmd>?*[j] and ?*[j] <command>
    • Extend output of iS to show more information about sections
    • Fix =!= in newshell to support "fd" argument
    • Merge CL and iX into ix
    • Remove ?: because it does not exist and contains :
    • Rename o: to oC to avoid :
    • Rename s: to spad to avoid :
    • Rename =: and =&: to =r and =&r to avoid :
    • Rename sH commands to sh
    • Remove "comment" argument from zi* and f*
    • Remove the command tail
    • Remove tfc, move to tf, add tfk
    • Remove tna and tnn commands
    • Remove join command
    • Remove head command
    • Remove less and directly list ls command
    • Remove touch command
    • Remove axF command
    • Remove afb. and change how afbi commands work to be more consistent with afb
    • Port q commands to newshell
    • Port afb commands to newshell
    • Port afB command to newshell
    • Port afs commands to newshell
    • Port afx command to newshell
    • Port afS command to newshell
    • Port afo command to newshell
    • Port afu command to newshell
    • Port afv commands to newshell
    • Port t commands to newshell
    • Port dsu commands to newshell
    • Port wf commands to newshell

    Analysis improvements

    • Complete acvf command to better lookup function address on vtable offset
    • Better type analysis

    Updates

    • Update rizin-shell-parser to tree-sitter 0.19.4
    • Update embedded SDB

    Architecture changes

    • Java bytecode disassembly/analysis/assembly/binary plugins are rewritten from scratch and covered by tests
    • Implemented Lua 5.4 bytecode disassembly/analysis/binary plugins (luac)
    • Enabled Python bytecode (pyc) support and covered by tests
    • Remove Whitespace Asm+Analysis Plugins (ws) because the Results are wrong

    Debugging

    • Various heap parsing improvements (dmh command)

    Various

    • Performance improvements on loading big files with DWARF information
    • Improve developer and contributor documentation
    • Add tests for different compilers and ABI
    • Better SPDX/REUSE conformance of the source code
    • Cleanup of the code to remove unnecessary parts e.g. some of JSON duplicated code
    • Refactored all dependencies into Meson subprojects (lz4, zip, zlib, yxml, etc)
    • Removed old ACR/Makefile files
    • Refactored to use API calls instead of calling commands (rz_core_cmd*()) inside Rizin codebase
    • Improved static "portable" builds to use relative paths for supplementary files
  • v0.1.1(Mar 27, 2021)

    This is an intermediate bugfix release before the larger 0.2.0.

    Changes

    • Add more config vars to the projects load exclusions (#911)
    • Rename esil.7 to rz-esil.7 manpage to avoid collisions with r2
    • Fix UAF in rz_bin_reset_strings() (#772)
    • Check if core plugin implements call before calling (#670)
    • Use GZip when compressing android release archives (#575)
    • Provide both x86/x64 windows installers (#548)
    • core/agraph: reintroduce Shift-Tab to move to prev node (#553)
    • Fix io.va being set to true after aaft (#459)
    • Fix "‘%s directive argument is null" warnings (#464)
    • Consider all functions in afl. and print error if no function is there
    • Fix signature in JSON mode in Mach-O and check for NULL signature (#463)
    • #include <errno.h> explicitly in rz_types.h (#452)
    • COFF: set zero size for label-symbols (#448)
    • COFF: handle empty sections (#447)
    • Meson: Escape paths on Windows (#444)
    • Fix memleaks in ESIL op handlers (#438)
    • Prevent FD_ZERO formatting from mangling by clang-format (#437)
    • Fix crash with es without args (#436)
    • Fix crash with el without args (#434)
    • Extend warning when debug on macOS fails
  • v0.1.0(Jan 22, 2021)

    v0.1.0

    Today, we're shipping our first release, Rizin 0.1.0.

    It has been a long ride and we're thankful to all the developers who contributed to Rizin and decided to stick with us. We couldn't have done it without you all.

    We're so excited to bring you the first release of Rizin, which is the opening shot of the project and only the beginning. The release is packed with new and robust features. We now have Projects and a plethora of commands switched to our new unified command parser. Below, you'll find a complete and comprehensive list of what's new and what has changed.

    In this first release of Rizin, we put our efforts into refactoring and discarding parts of the code that are not the focus of Rizin as a reverse engineering framework, and those which were unpurposed, outdated or left as proof of concepts. Along with this refactoring, we improved the building and packaging process (see more in our "Why Meson" blog post). Apart from that, the two biggest changes are new, actually working Projects (see more in our "Introducing new Projects" blog post) and the migration of many commands and the auto-completion feature to the "newshell" (a tree-sitter-based commands parser), which is now set to default. Some of the unnecessary commands were removed, and some commands and configuration variables were changed to pursue a better user experience and to smooth the learning curve.

    See the more detailed list of the changes below:

    • New features

    • Command changes

      • Commands converted to newshell:
        • uniq
        • uname
        • ls
        • *
        • _
        • sleep
        • . subcommands
        • P subcommands
        • = subcommands
        • s subcommands
        • & subcommands
        • w subcommands (not complete)
        • z subcommands
        • e subcommands
      • Relevant changes to commands
        • @@ and @@@ commands were unified under @@. See @@? for more info.
        • seek history commands were all moved under sH. In particular: s- (seek undo) becomes sHu; s+ (seek redo) becomes sHr; s*, s, s! are grouped under sH; s= is removed
        • sl (seek line) and prl were removed
        • s accepts only an absolute value. Instead of having different behaviour on s +10+3 vs s 10+3, now s behaves the same. If you want to move relative to the current offset, use sd (seek delta).
        • ss (seek silent) subcommands were removed in favour of the new eval var cfg.seek.silent, that is accepted by all seek commands.
        • e? was removed in favour of el (eval list). Other commands that listed evals in different formats (e*, ej, etc.) were moved under el.
        • e, was removed because e can now accept multiple sets/gets in one shot
        • ev and evj were removed in favour of ell and elJ.
        • ed was removed since there can be multiple configuration files
        • e won't accept spaces when assigning a value to a variable. e asm.bytes = true is not valid anymore, while e asm.bytes=true is. This allows the command to support multiple arguments easily, like e asm.bytes=true asm.arch=x86.
        • The commands converted to newshell do not accept the syntax without a space between the command name and the argument anymore, in favor of a more rigid approach that splits them, similar to what's done by other shells (e.g. s+3, z-zigname won't work anymore)
      • Misc
        • Commands that provide different output modes are grouped together
        • Commands are defined through a YAML file that describes the command, its arguments, a summary and a longer description.
        • The help tree structure is automatically computed based on the YAML definition. For each command, arguments and sub-options in the help are automatically printed most of the time.
    • New commands

      • opr, opn to open next file and opp to open previous file
      • Lp to list parser plugins
      • om.j for JSON output of om. to show the map for the current offset
      • aecb to continue backwards in ESIL emulation mode
      • Add rz-ax -I option to convert from/to LONG and IP address
    • Configuration variables' changes

      • cfg.newshell.autocompletion to enable/disable autocompletion based on newshell data. This uses the information provided in cmd_descs.yaml to know the type of each argument. This is the same information the shell uses to know how many arguments a command accepts. It supports autocompletion of all the arguments of a command, not just the first. However, it works only for commands converted to newshell and it is currently disabled by default.
      • cfg.seek.silent when true, seek commands do not save seek movements in the seek history
      • cfg.seek.histsize maximum size of the seek history
      • asm.bytes set to false by default
      • Set asm.tabs to 6 and enable asm.tabs.once by default
      • Rename asm.filter to asm.sub.names
      • Add analysis.cc and analysis.syscc to set the current calling convention and syscall convention, remove hardcoded conventions
      • zign.{graph,bytes,offset,refs,hash,types} moved to zign.match.
      • dbg.create_new_console added, to create a new console window for the debuggee on debug start
      • Added cfg.json.* variables for JSON encoding settings
      • Added asm.hint.call.indirect to make indirect calls follow the target address
      • Removed http.sync, http.ui, http.sandbox, scr.tts, scr.demo, file.desc, file.md5, file.location, dbg.libc.dbglib, cmd.xterm, lines.*, cmd.pdc, cmd.log
    • Code cleanup

      • Removed WebUI and HTTP server implementation (except pieces required for the RzPipe http:// to work).
      • Removed the sandbox feature, donut printing, stiv (image preview), 2048 game
      • Removed scr.demo mode
      • Removed cfg.r2wars mode
      • Removed snow from Visual Panels mode
      • Removed function folding feature from Visual mode
      • Removed pdc pseudo decompiler in favor of RzGhidra and JSDec (URL)
      • Removed rz-patch tool (former rapatch2)
      • Removed citem (i. command)
      • Removed incomplete TTS support (cfg.fortunes.tts and scr.tts, also |T command)
      • Removed various outdated and unused scripts from sys/
      • Removed MinGW and Cygwin support from ACR/Makefiles
      • Removed Emscripten support
      • Removed various outdated documentation files from doc/ (some of them moved to the book (URL))
      • Removed the REIL support (aetr command)
      • Removed a2f analysis mode (analysis.a2f configuration variable)
      • Removed io.mmap plugin and rely on io.default implementation instead
      • Removed afc= command (use analysis.cc instead)
      • Removed afil command
      • Removed obsolete Windows debugging files (w32.[ch])
      • Removed unused callback.c
      • Removed filesystems mount support (m commands) and outdated GRUB code
      • Removed T commands (logging feature)
      • Removed u commands and Q alias
      • Removed ' and \ (both are an alias for =!) commands
      • Removed : commands
      • Removed p3 command (3D stereogram)
      • Removed /me command (IRC-like feature)
      • Removed support for the multiline comments (/* */)
      • Removed join, head, and less commands in favor of the ~ subcommands
      • Removed afc=, arS
    • Refactoring

      • SDB switched to use submodule instead of embedding into the repository
      • Tree-sitter runtime switched to use submodule instead of embedding into the repository
      • Most of the JSON printing migrated to the PJ API
      • Extract subprocess API used in rz-test to RzUtil, as a preliminary step in re-using those API for all code paths that interact with a child process
      • Reduce coupling between RzCore and Tasks
      • Move seek history processing from RzIO to RzCore
      • Refactoring to reduce code duplication of all binutils-based disassembly and assembly plugins (CRIS, HPPA, Lanai, MIPS, PPC, SPARC plugins)
      • Remove global variables from rz-find tool
      • Set C99 as the minimum required C standard supported. C99 standard has been used to compile SDB for many years, so we are now just taking full advantage of the standard in the whole project.
      • Code style is unified and automated with clang-format tool, see sys/clang-format.py script.
      • License headers updated to use SPDX machine-friendly format
      • Use meson dist to create the source tarball and refactor building release artifacts and corresponding CI logic
    • Assembly improvements

      • New PowerPC assembly plugin (asm.ppc)
    • Analysis improvements

      The basic blocks module was completely rewritten resulting in speed and analysis quality improvements for all supported architectures.

      Detection of the changes upon write and refreshing the function graph.

      Improved UTF-16 strings autodetection

      Added ESIL sign extension operator ~=

      The analysis of the following architectures was improved significantly:

      • AVR
      • SPC700
      • V850
      • RISC-V (including new asm.pseudo plugin)
      • ARM32 (mostly pseudocode and ESIL improvements, update arm.winedbg)
      • ARM64 (including the major fix for the variable access analysis and syscall support)
      • SystemZ (added calling convention support)
      • Tricore (added instruction descriptions, see asm.describe)
      • PowerPC (libvle updates)
      • x86 (ESIL updates)
    • File formats

      • COFF: add ARMNT and ARM64 support
      • COFF: various small parsing fixes
      • Rewritten *.ar parsing to support multifile archives
      • PE and Windows minidump parsing fixes and performance optimizations
      • PE fixes for delayed imports
      • PE support for the RISC-V target
      • Print additional ELF headers with rz-bin -H option
      • Improvements for DWARF and PDB parsing and information import
    • Debugger

      • WinDbg/KD fixes
      • FreeBSD and DragonFlyBSD fixes
      • dts (debug trace session and reversible debugging feature) improvements
      • Add support and autodetection of the RISC-V targets for the GDB remote server connection
    • IO

      • Cache performance optimizations
    • Tests

      • Add an option to store logs with rz-test (-o option)
    • Misc:

      • Static builds are switched to use Alpine/Musl-based builds to not depend on the GLIBC version
      • Show all possible config variable values in the Ve menu
Owner
Rizin Organization
Rizin is a free and open-source Reverse Engineering framework