Rizin - UNIX-like reverse engineering framework and command-line toolset.

Overview

Rizin logo

Rizin

Rizin is a fork of the radare2 reverse engineering framework with a focus on usability, working features and code cleanliness.

Rizin is portable and it can be used to analyze binaries, disassemble code, debug programs, as a forensics tool, as a scriptable command-line hexadecimal editor able to open disk files, and much more!

To learn more on Rizin you may want to read the official Rizin book.

How to install

You can find the latest release binaries for Android, Debian, Ubuntu, MacOS, Windows here. If we don't provide a released binary for your system, you can still build Rizin yourself.

How to build

Use meson to compile and install Rizin. Please make sure to get an updated meson (e.g. get it with pip install meson if your system does not provide one that is at least version 0.55.0).

Clone this repository:

$ git clone https://github.com/rizinorg/rizin

Then compile and install with:

$ meson build
$ ninja -C build
$ sudo ninja -C build install

Now you can use rizin:

$ rizin
 -- Thank you for using rizin. Have a nice night!
[0x00000000]>

To uninstall rizin, execute sudo ninja -C build uninstall.

Please have a look at BUILDING.md for more information about building Rizin.

Contributing

We very much welcome any kind of contributions, from typos, to documentation, to refactoring, up to completely new features you may think of. Before contributing, we would like you to read the file CONTRIBUTING.md, so that we can all be on the same page.

Tests

Look at test/README.md.

Supported features

Supported Operating Systems

Windows (since XP), GNU/Linux, GNU/Darwin, GNU/Hurd, Apple's {Mac,i,iPad,watch}OS, [Dragonfly|Net|Free|Open]BSD, Android, QNX, Solaris, Haiku, FirefoxOS.

Supported Architectures

i386, x86-64, ARM, MIPS, PowerPC, SPARC, RISC-V, SH, m68k, m680x, AVR, XAP, System Z, XCore, CR16, HPPA, ARC, Blackfin, Z80, H8/300, V810, V850, CRIS, XAP, PIC, LM32, 8051, 6502, i4004, i8080, Propeller, Tricore, CHIP-8, LH5801, T8200, GameBoy, SNES, SPC700, MSP430, Xtensa, NIOS II, TMS320 (c54x, c55x, c55+, c66), Hexagon, DCPU16, LANAI, MCORE, mcs96, RSP, SuperH-4, VAX, AMD Am29000.

There is also support for the following bytecode formats:

Dalvik, EBC, Java, Lua, Python, WebAssembly, Brainfuck, Malbolge

Supported File Formats

ELF, Mach-O, Fatmach-O, PE, PE+, MZ, COFF, OMF, TE, XBE, BIOS/UEFI, Dyldcache, DEX, ART, CGC, Java class, Android boot image, Plan9 executable, ZIMG, MBN/SBL bootloader, ELF coredump, MDMP (Windows minidump), WASM (WebAssembly binary), Commodore VICE emulator, QNX, Game Boy (Advance), Nintendo DS ROMs and Nintendo 3DS FIRMs.

Scripting

We provide a way to interact with Rizin from Python, Haskell, OCaml, Ruby, Rust, and Go languages through rzpipe. Other languages although not currently supported could be easily added.

Community

Our website and blog: https://www.rizin.re/

Join our Mattermost community to discuss Rizin, its development, and general topics related to the project.

We also provide the following partial bridges to other messaging platforms:

Comments
  • Change -, --, =  argument and = command meaning

    Change -, --, = argument and = command meaning

    Your checklist for this pull request

    • [x] I've read the guidelines for contributing to this repository
    • [x] I made sure to follow the project's coding style
    • [ ] I've added tests that prove my fix is effective or that my feature works (if possible)
    • [x] I've updated the documentation and the rizin book with the relevant information (if needed)

    Detailed description

    • Remove the = special flag from Rizin's startup flags to avoid possible confusion with the client/server = meaning in interactive mode
    • Move the = interactive client/server family command to R (new) interactive family command (short for "Remote")
    • -- is used to signal "end of flags" to be consistent with the standard command line utilities syntax. ...

    Test plan

    From https://github.com/rizinorg/rizin/issues/615:

    • rizin
    • rizin --
    • rizin -test
    • rizin -- -test
    • rizin -d -- -test

    From https://github.com/rizinorg/rizin/issues/616:

    • rizin =

    • rizin - < test/bins/elf/ls

    • for the test

    ➜  rizin_bak git:(startissue) rizin 
     -- The '?' command can be used to evaluate math expressions. Like this: '? (0x34+22)*4'
    [0x00000000]> 
    
    ➜  rizin_bak git:(startissue) rizin --
     -- Seek at relative offsets with 's +<offset>' or 's -<offset>'
    [0x00000000]> 
    
    ➜  rizin_bak git:(startissue) ✗ rizin -- -test
     -- Review all the subcommands of aa to see better ways to analyze your targets.
    [0x00000000]> 
    
    ➜  rizin_bak git:(startissue) ✗ rizin -d -- -test
    Process with PID 1981196 started...
    = attach 1981196 1981196
    bin.baddr 0x555555554000
    Using 0x555555554000
    asm.bits 64
     -- Find wide-char strings with the '/w <string>' command
    [0x7ffff7fd3090]> 
    
    ➜  rizin_bak git:(startissue) rizin =
     -- Use scr.accel to browse the file faster!
    [0x00000000]> 
    
    ➜  rizin_bak git:(startissue) ✗ rizin - < test/bins/elf/ls
    ^D
     -- Get a free shell with 'rz_gg -i exec -x'
    [0x00000000]> 
    
    

    Closing issues

    Fix #616 Swap - (single dash) and = (equal sign) meaning Fix #615 -- (double dash) should be treated as "end of flags" | Allow launching Rizin without a

    ...

    command rizin rz-test RzIO RzCore GDB 
    opened by seanachao 40
  • Port `C` (metainformation) commands to the rzshell

    Port `C` (metainformation) commands to the rzshell

    SQUASH ME

    Your checklist for this pull request

    • [x] I've read the guidelines for contributing to this repository
    • [x] I made sure to follow the project's coding style
    • [ ] I've added tests that prove my fix is effective or that my feature works (if possible)
    • [ ] I've updated the documentation and the rizin book with the relevant information (if needed)

    Detailed description

    • Port C (meta information, comments) commands to the newshell
    • Moved all subcommands of Cvr, Cvs, Cvb to the higher level as subcommands of Cv: - Cv [name] [text] to append the comment of any kind of variable - Cv- [name] to remove the comment of any kind of variable - Cve [name] to open cfg.editor to edit the comment of any kind of variable
    • Cvr, Cvs, and Cvb just list all comments of the variables/arguments of the corresponding kind
    • Cd previously allowed the second parameter (repeat) to be passed in two different ways: Cd 4[8] and Cd 4 8, where 4 is the size and 8 is the repeat. I removed the Cd 4[8] and left only Cd 4 8 for simplicity and consistency.
    • Csj, Cs*, Csl became Cslj, Csl*, Csll since pure Cs should not list strings and only add it, Csl was made to list strings in various modes.
    • Cd, Cf, CC, CS now require their arguments, previously called without arguments they were listing corresponding meta information.
    • The listing feature moved to Cdl, Cfl, CCl, CSl, etc, similar to Csl.
    • Cz command as an alias to Csa command was completely removed
    • CC, (filelink) command was renamed to CCF.
    • CCa (append command) was removed in favor of plain CC
    • Csg command to guess encoding was removed, Cs now tries to guess the encoding by default
    • Cs.. was renamed to Cs.l - as in LONG output type of the Cs. command (there is also JSON output with Cs.j)
    • Added new commands Csw and CsW to add UTF-16 and UTF-32 strings correspondingly

    Test plan

    CI is green

    Closes https://github.com/rizinorg/rizin/issues/792 Partially addresses #1342

    command rz-test RzBin API RzCore merge-when-green ELF 
    opened by XVilka 31
  • Update Hexagon asm and analysis plugins

    Update Hexagon asm and analysis plugins

    Replaces https://github.com/rizinorg/rizin/pull/1338

    Your checklist for this pull request

    • [x] I've read the guidelines for contributing to this repository
    • [x] I made sure to follow the project's coding style
    • [x] I've added tests that prove my fix is effective or that my feature works (if possible)
    • [ ] I've updated the documentation and the rizin book with the relevant information (if needed)

    Detailed description

    Updates Hexagon analysis and asm plugin.

    Supports

    • Add asm support for v5-v68 and HVX instructions
      • Recognize instruction packets.
    • Basic analysis support
      • set instruction type (return, call, jumps hardware loop etc.)
      • Enables search for immediate operands.
    • Patching of relocs

    Not yet implemented

    Test plan

    See test files.

    Closing issues

    closes https://github.com/rizinorg/rz-hexagon/issues/13 closes https://github.com/rizinorg/rz-hexagon/issues/15 closes https://github.com/rizinorg/rz-hexagon/issues/17 closes https://github.com/rizinorg/rz-hexagon/issues/18 closes https://github.com/rizinorg/rz-hexagon/issues/19 closes https://github.com/rizinorg/rz-hexagon/issues/21 closes https://github.com/rizinorg/rz-hexagon/issues/22 closes https://github.com/rizinorg/rz-hexagon/issues/24

    infrastructure rz-test RzBin RzAnalysis API ESIL RzCore ELF ARM RZIL 
    opened by Rot127 29
  • Refactor output modes to use enum (#489)

    Refactor output modes to use enum (#489)

    SQUASH ME

    Original PR: #929

    Your checklist for this pull request

    • [X] I've read the guidelines for contributing to this repository
    • [X] I made sure to follow the project's coding style
    • [ ] I've added tests that prove my fix is effective or that my feature works (if possible)
    • [ ] I've updated the documentation and the rizin book with the relevant information (if needed)

    Detailed description

    Refactored output modes to use enum. int mode and char mode patterns in the code have been replaced with RzOutputMode enum type.

    Refactoring is still in progress.

    Test plan

    ...

    Closing issues

    closes #489

    command waiting-for-author 
    opened by valdaarhun 27
  • Hexagon update

    Hexagon update

    Your checklist for this pull request

    • [x] I've read the guidelines for contributing to this repository
    • [x] I made sure to follow the project's coding style
    • [x] I've added tests that prove my fix is effective or that my feature works (if possible)
    • [ ] I've updated the documentation and the rizin book with the relevant information (if needed)

    Detailed description

    This is an update of the hexagon asm and analysis plugin. It used the LLVM source to generate the plugin code.

    This pull request only synchronizes the source code with the rz-hexagon repo. For more details please refer to the pull request over there: https://github.com/rizinorg/rz-hexagon/pull/4

    Test plan

    asm tests The tests for the asm plugin are updated as well, since some of the old ones where incorrect. The asm tests in this pull requests were written and disassembled with the Hexagon IDE tools.

    analysis tests Those tests got not updated (unfortunately my dev time is up for this month) and fail at the moment. I confirmed the correct working of the hardware loops, jumps and calls manually.

    Closing issues closes https://github.com/rizinorg/rz-hexagon/issues/13

    None

    RzBin RzAnalysis 
    opened by Rot127 26
  • UTF-16 be, UTF-32 be support

    UTF-16 be, UTF-32 be support

    Hi! I'm trying to become more comfortable with the code trying to solve some issues. I'm sorry if I'm doing something wrong!

    Your checklist for this pull request

    • [x] I've read the guidelines for contributing to this repository
    • [x] I made sure to follow the project's coding style
    • [ ] I've added tests that prove my fix is effective or that my feature works (if possible)
    • [ ] I've updated the documentation and the rizin book with the relevant information (if needed)

    Detailed description

    This PR:

    • refactor string_scan_range of librz/bin/bfile.c by moving the string searching logic to the file librz/util/str_search.c (as suggested in #1052).
    • adds support for the detection of UTF-16 BE and UTF-32 BE strings.

    The introduced public API due to refactoring is the following:

    RZ_API int rz_scan_strings(RzList *list, RzBuffer *buf_to_scan,
    	const ut64 from, const ut64 to, int min_str_length, int type);
    

    it looks for strings in the RzBuffer buf_to_scan, filling the RzList list. string_scan_range now uses this API. Unfortunately, it is possibly slower than the previous version, since it always allocates a list that is passed to rz_scan_strings. Ofc I can revert these modifications.


    UTF-16 BE and UTF-32 BE detection heuristic should be very similar to the one for UTF-16 LE and UTF-32 LE. It simply checks the following pattern for the first 6 bytes of the string: UTF-32 BE: 00 00 00 XX 00 00 UTF-16 BE: 00 XX 00 XX 00 XX

    where XX is a byte != 0


    I did not add (yet) big-endian strings here since I am not sure that rz_utf_block_list would work with big-endian UTF strings.

    Test plan

    I did not add any tests yet. I'm just using this file to perform some preliminary tests, running: rz-bin -zz /path/to/encodings

    output before this commit:

    [Strings]
    nth paddr      vaddr      len size section type    string
    ―――――――――――――――――――――――――――――――――――――――――――――――――――――――――
    0   0x00000000 0x00000000 20  21           ascii   i am an ascii string
    1   0x00000020 0x00000020 19  21           utf8    i am a ÙTF-8 string blocks=Basic Latin,Latin-1 Supplement
    2   0x00000040 0x00000040 22  46           utf16le i am a UTF-16le string
    3   0x00000071 0x00000071 21  43           utf16le i am a UTF-16be strin
    4   0x000000a0 0x000000a0 22  92           utf32le i am a UTF-32le string
    5   0x00000103 0x00000103 21  88           utf32le i am a UTF-32be strin
    

    output after this commit:

    [Strings]
    nth paddr      vaddr      len size section type    string                                                    
    ―――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――
    0   0x00000000 0x00000000 20  21           ascii   i am an ascii string
    1   0x00000020 0x00000020 19  21           utf8    i am a ÙTF-8 string blocks=Basic Latin,Latin-1 Supplement
    2   0x00000040 0x00000040 22  46           utf16le i am a UTF-16le string
    3   0x00000070 0x00000070 22  46           utf16be i am a UTF-16be string
    4   0x000000a0 0x000000a0 22  92           utf32le i am a UTF-32le string
    5   0x00000100 0x00000100 22  92           utf32be i am a UTF-32be string
    

    Closing issues

    closes #1052

    rz-test API test-required high-priority refactor RzUtil 
    opened by borzacchiello 25
  • Print the Rizin plugin information in JSON

    Print the Rizin plugin information in JSON

    Your checklist for this pull request

    • [X] I've read the guidelines for contributing to this repository
    • [X] I made sure to follow the project's coding style
    • [X] I've added tests that prove my fix is effective or that my feature works (if possible)
    • [ ] I've updated the documentation and the rizin book with the relevant information (if needed)

    Detailed description

    This PR enables the user to print the rizin plugin info in JSON. It is related to another issue from Cutter. link

    Test plan

    This works for all L commands, except dLj and oLj (not implemented in this PR). I believe the fault lies in PrintfCallback cb_printf, considering that both of the previous commands use it for printing the output in the shell. Note that only a part of the result is printed when using oLj, while dLj prints almost the entire result.

    Here follows an example listing the hash plugins in JSON:

    [0x00000000]> Lhj
    [{"Name":"md5"},{"Name":"sha1"},{"Name":"sha256"},{"Name":"sha384"},{"Name":"sha512"},{"Name":"md4"},{"Name":"xor"},{"Name":"xorpair"},{"Name":"parity"},{"Name":"entropy"},{"Name":"hamdist"},{"Name":"pcprint"},{"Name":"mod255"},{"Name":"xxhash"},{"Name":"adler32"},{"Name":"luhn"},{"Name":"crc8smbus"},{"Name":"crc15can"},{"Name":"crc16"},{"Name":"crc16hdlc"},{"Name":"crc16usb"},{"Name":"crc16citt"},{"Name":"crc24"},{"Name":"crc32"},{"Name":"crc32c"},{"Name":"crc32ecma267"},{"Name":"crc32bzip2"},{"Name":"crc32d"},{"Name":"crc32mpeg2"},{"Name":"crc32posix"},{"Name":"crc32q"},{"Name":"crc32jamcrc"},{"Name":"crc32xfer"},{"Name":"crc64"},{"Name":"crc64ecma"},{"Name":"crc64we"},{"Name":"crc64xz"},{"Name":"crc64iso"},{"Name":"fletcher8"},{"Name":"fletcher16"},{"Name":"fletcher32"},{"Name":"fletcher64"}]
    

    I have also added tests, though I refrained from adding a test for dLj.

    Closing issues

    ...

    command RzCore merge-when-green 
    opened by theopechli 24
  • Commands that are both groups and have multi-mode cannot be listed

    Commands that are both groups and have multi-mode cannot be listed

    Work environment

    | Questions | Answers |------------------------------------------------------|-------------------- | OS/arch/bits (mandatory) | any | File format of the file you reverse (mandatory) | any | Architecture/bits of the file (mandatory) | any | rizin -v full output, not truncated (mandatory) | rizin 0.2.0-git @ linux-x86-64 commit: b409ed1149315509dccae7b7e07c93c19bf7a478, build: 2021-02-19__12:14:03

    Expected behavior

    There should be a way to list the sub-modes of all commands, even the ones that are already the parent of a group, like z. Initially we were just appending ?, but that means that to get the longer help of a command you may have a lot of ? (e.g. z? gives the list of sub-commands of z, z?? gives the list of sub-modes of the command z, z??? gives the short description of the command z with standard output, z???? gives the longer description of the command z with standard output... It seems a bit too confusing).

    Ideas?

    Steps to reproduce the behavior

    > z?
    # it returns the list of sub-commands of `z`
    Usage: z[?]   # Zignatures management
    | z[j*qk]        # Show zignatures
    | z.[*]          # Find matching zignatures
    | zb[r]          # Search for best match
    | z- <zigname|*> # Delete zignature
    | za[fF]         # Add zignature
    | zg             # Generate zignatures (alias for zaF)
    | zo[sz]         # Manage zignature files
    | zf<ds>         # Manage FLIRT signatures
    | z/[*f]         # Search zignatures
    | zc[n]          # Compare zignatures in current zignspace with another one
    | zs[j*-+r]      # Manage zignspaces
    | zi[j*qi]       # Show zignatures matching information
    > z??
    # it returns the longer description of `z`
    Usage: z[j*qk]   # Show zignatures
    > z.?
    # z. is not the name of a group, so z.? shows the sub-modes
    Usage: z.[*]   # Find matching zignatures
    | z.     # Find matching zignatures
    | z.*    # Find matching zignatures (rizin mode)
    

    Additional context

    By "sub-command" of z I mean commands like zi, zc, zg, zb, etc. By "sub-mode" of z I mean all those things that behave exactly the same as z but provide an output in a different format, like zj, z*, zq, etc. These things actually are commands to the user, but they are handled by the same command handler and provide the same information just in different formats.

    signatures shell 
    opened by ret2libc 24
  • rz-asm show a detailed description for a single opcode

    rz-asm show a detailed description for a single opcode

    Is your feature request related to a problem? Please describe. Is it possible to get a short text description associated to every instruction decoded?

    Describe the solution you'd like e.g.

    $ rz-asm -t -a x86  nop
    90
    No Operation
    Performs no operation. This instruction is a one-byte instruction that takes up space in the instruction stream but does not affect the machine context, except the EIP register.
    

    A json output would be nice as well:

    $ rz-asm -json -a x86  nop
    {
    "opcode": 90,
    "size": 1,
    "name": "No Operation",
    "description": "Performs no operation. This instruction is a one-byte instruction that takes up space in the instruction stream but does not affect the machine context, except the EIP register."
    }
    

    Describe alternatives you've considered

    • Consult online docs (not always available, slower to search).
    • Looked for a downloadable db in some common plaintext format (json, csv, xml, etc.), but still found none. If you know some alternative please post here.

    Additional context

    rz-asm 
    opened by eadmaster 23
  • Some method references in Dex are missing

    Some method references in Dex are missing

    Work environment

    | Questions | Answers | | ----------------------------------------------------- | ------------------------------------------------------------ | | OS/arch/bits (mandatory) | Ubuntu 20.04 | | File format of the file you reverse (mandatory) | APK | | Architecture/bits of the file (mandatory) | Dalvik | | rizin -v full output, not truncated (mandatory) | rizin 0.4.0-git @ linux-x86-64
    commit: 7b16c102654932cfae7f1d0ea3d2b909754ae9f9, build: 2022-03-16__08:32:49 |

    Expected behavior

    Detect all the method references in Dex.

    Actual behavior

    Some method references were missing.

    In the following scenario, I looked into a method's instruction at address 0x496f6. According to the disassembled result, it holds a reference to method sendTextMessage. However, commands axl and axf both missed that reference.

    ➜ rizin apk://13667fe3b0ad496a0cd157f34b7e0c991d72a4db.apk 
     -- Use 'e asm.offset=true' to show offsets in 16bit segment addressing mode.
    [0x00028498]> aaa
    [x] Analyze all flags starting with sym. and entry0 (aa)
    [x] Analyze function calls (aac)
    [x] Analyze len bytes of instructions for references (aar)
    [x] Check for classes
    [x] Finding xrefs in noncode section with analysis.in=io.maps
    [x] Analyze value pointers (aav)
    [x] Value from 0x00000000 to 0x000af474 (aav)
    [x] 0x00000000-0x000af474 in 0x0-0xaf474 (aav)
    [x] Emulate functions to find computed references (aaef)
    [x] Propagate noreturn information
    [x] Use -AA or aaaa to perform additional experimental analysis.
    [ERROR: sigdb path is unknown or invalid (path: /usr/local/share/rizin/sigdb)
    [x] Applied 0 FLIRT signatures via sigdb
    [0x00028498]> pd 1 @ 0x496f6
    │           0x000496f6      invoke-virtual/range {v2..v7}, Landroid/telephony/SmsManager;->sendTextMessage(Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Landroid/app/PendingIntent;Landroid/app/PendingIntent;)V
    [0x00028498]> axl~496f6
    [0x00028498]> axl~sendTextMessage
    [0x00028498]> axf @ 0x496f6
    [0x00028498]> 
    
    

    Steps to reproduce the behavior

    • Open the APK with Rizin
    • Type in the following commands.
    aaa
    pd 1 @ 0x496f6
    axl~496f6
    axl~sendTextMessage
    axf @ 0x496f6
    
    test-required DEX 
    opened by haeter525 22
  • Set CI buildtypes to highest opt level possible and set default buildtype to debugoptimized

    Set CI buildtypes to highest opt level possible and set default buildtype to debugoptimized

    Your checklist for this pull request

    • [X] I've read the guidelines for contributing to this repository
    • [X] I made sure to follow the project's coding style
    • [ ] I've added tests that prove my fix is effective or that my feature works (if possible)
    • [ ] I've updated the documentation and the rizin book with the relevant information (if needed)

    Detailed description

    This pr:

    1. Sets the buildtype for CI builds to release (-O3) except the asan and Codecov builds. This is done because compiler optimizers increase performance but can also change code behavior (especially if the code invokes UB) so this needs to be tested. 1.1 The asan buildtype is set to debugoptimized (-O2 -g) for hopefully sane stack traces. 1.2 The Codecov buildtype is set to debug because debugoptimized (as seen in https://github.com/rizinorg/rizin/pull/260#issuecomment-751470698) produces wonky Codecov reports.

    2. Set the default buildtype to debugoptimized due to reasons given in #256 i.e. users might leave performance on the table otherwise.

    Test plan

    All meson builds are green, including Windows and asan builds.

    Closing issues

    Closes #256.

    infrastructure command rizin rz-test RzLang RzAnalysis RzDebug rz-find rz-diff API panel rz-hash rz-run 
    opened by kazarmy 22
  • Add `*pty` API

    Add `*pty` API

    Your checklist for this pull request

    • [x] I've read the guidelines for contributing to this repository
    • [x] I made sure to follow the project's coding style
    • [ ] I've documented or updated the documentation of every function and struct this PR changes. If not so I've explained why.
    • [ ] I've added tests that prove my fix is effective or that my feature works (if possible)
    • [ ] I've updated the rizin book with the relevant information (if needed)

    Detailed description

    Add API to access *pty functions (openpty, login_tty and forkpty)

    Test plan

    Add unit tests, green CI

    Closing issues

    Closes #3212

    API RzUtil 
    opened by DMaroo 2
  • Convert `pC` commands to rzshell

    Convert `pC` commands to rzshell

    Your checklist for this pull request

    • [x] I've read the guidelines for contributing to this repository
    • [x] I made sure to follow the project's coding style
    • [x] I've documented or updated the documentation of every function and struct this PR changes. If not so I've explained why.
    • [ ] I've added tests that prove my fix is effective or that my feature works (if possible)
    • [ ] I've updated the rizin book with the relevant information (if needed)

    Detailed description

    • Converted pC commands to rzshell
    • Removed pCc command because there is no use for printing C-style array in columns

    Test plan

    CI is green

    Closing issues

    Partially addresses https://github.com/rizinorg/rizin/issues/1590

    RzCore 
    opened by XVilka 0
  • Add support for `forkpty` in RzSubprocess

    Add support for `forkpty` in RzSubprocess

    RzSubprocess API does not have a way to use forkpty or any of the *pty APIs at all, making it hard to use in scenarios where a new TTY/PTY may be needed.

    opened by ret2libc 0
  • Drop Capstone 3 support

    Drop Capstone 3 support

    Capstone 4.0 was out in 2018, most platforms already migrated:

    • https://github.com/capstone-engine/capstone/releases/tag/4.0
    • https://repology.org/project/capstone/versions

    We could announce deprecation in 0.5.0 and remove it in 0.6.0

    Biggest platform that still has no CS4 is Ubuntu 18.04.6 LTS which is EOL on April 2023, it is roughly the possible time for 0.6.0, so it would be safe to remove it: https://wiki.ubuntu.com/Releases

    capstone 
    opened by XVilka 0
  • Rewrite stack pointer tracking and storage

    Rewrite stack pointer tracking and storage

    This is still a draft to keep the possibility for changes open until the variable part is finished. But do not hesitate to review!

    Your checklist for this pull request

    • [x] I've read the guidelines for contributing to this repository
    • [x] I made sure to follow the project's coding style
    • [x] I've documented or updated the documentation of every function and struct this PR changes. If not so I've explained why.
    • [x] I've added tests that prove my fix is effective or that my feature works (if possible)
    • [ ] I've updated the rizin book with the relevant information (if needed)

    Detailed description

    The stack pointer was previously already tracked during analysis for variables and their accesses, but not stored in any sensible form for further use. RzAnalysisBlock.stackptr and parent_stackptr were used in some places, but they had no evident meaning. Now we store the sp at the entry of a basic block and the difference from that for every instruction inside the block to allow for efficient querying of the sp value at arbeitrary analyzed addresses. RzAnalysisFunction.stackptr is now deprecated as its previous use was primarily as a temporary accumulator, which is now handled locally, and full removal of it would go beyond the scope here.

    asm.stackptr visualizes both the absolute sp value and the delta of each instruction in disassembly.

    Changes in librz/analysis/p fix some test cases with the new tracking.

    Introduces project version v10 with sp_entry/sp_delta instead of stackptr/parent_stackptr.

    Test plan

    Saved stack pointer values after analysis can be examined with asm.stackptr. Depending on the code, some instructions might not show their real delta, like the lea esp, [ecx - 4] in the following example, since we are essentially just doing pattern matching at the moment. With for example RzIL-based constant propagation, this could be drastically improved in the future.

    Bildschirm­foto 2022-11-27 um 14 29 42

    rz-test RzAnalysis API RzCore ARM X86 
    opened by thestr4ng3r 4
  • Fix endianness for win pagedump

    Fix endianness for win pagedump

    Your checklist for this pull request

    • [ ] I've read the guidelines for contributing to this repository
    • [ ] I made sure to follow the project's coding style
    • [ ] I've documented or updated the documentation of every function and struct this PR changes. If not so I've explained why.
    • [ ] I've added tests that prove my fix is effective or that my feature works (if possible)
    • [ ] I've updated the rizin book with the relevant information (if needed)

    Detailed description

    ...

    Test plan

    ...

    Closing issues

    ...

    rz-test RzBin RzDebug API PE WinDbg RzUtil RzReg 
    opened by wargio 0
Releases(v0.4.1)
  • v0.4.1(Sep 10, 2022)

    This release contains a few important security fixes:

    Apart from those, were fixed:

    • Various minor packaging and installation issues and improvements
    • Various minor fixes on big-endian platforms
    • GCC 12 compilation warnings.
    • Update libzip to v1.9.2
    • Update rz-libdemangle
    • Fix #2851 - wrong AVR analysis jump value for rjmp/rcall
    • Fix the crash of command fg
    • Fix pg with fewer than 5 arguments
    • Fix afx command JSON output
    • Print graph when dmhg is executed
    • Fix the heap overflow in TUI
    • Fix for file sharing permission on Windows
    • Fix #2957 - oob read in pe_section.c
    • Fix #2970 - oob read in pe/pe.c and bin/golang.c
    • Fix #2970 - oob read in coresymbolication.c and in bin_dyldcache.c
    • Fix #2972 - oob read in ne.c
    • Fix #2971 - null deref dwarf_process.c
    • Fix #2968 - null deref in mdmp.c
    • Fix #2965 - null deref and div by zero in mach0_rebase.c
    • Fix #2962 - oob read in bin.c
    • Fix #2961 - oob read in coresymbolication.c
    • Fix #2958 #2960 #2973 - oob read in dwarf.c
    • Fix #2955 - oob read in dex.c
    • Fix #2954 - oob read in dex.c
    • Fix #2953 - oob read in magic/funcs.c
    • Fix #2952 - null deref in dyldcache.c
    • Fix #2993 - Check rz_buf_read_le32_offset return status parsing LE bins
    • Fix integer overflow in mach0
    • Fix oob read on luac
    • Fix RzBitmap length type and added ownership and checks.
    • Fix strdup on nullptr in rz_core_bin_apply_strings
    • Fix oob read on _luac_build_info and luac memleaks
    • Fix oob read on rz_pkcs7_parse_spcdata
    • Fix oob read on rz_x509_parse_tbscertificate
    • Fix oob read and endian dependency in asm_ebc
    • Fix OOB read in 6502 analysis plugin.
    • Fix reset followed by color change in rz_cons_html_filter
    • Fix always true if due wrong check in search
    • Fix the failure of switching panel command
    • Fix double free of enum member name
    • core_search_for_xrefs_in_boundaries omits the negative return value
    • Fix the crash caused by get_long_object()

    Full Changelog: https://github.com/rizinorg/rizin/compare/v0.4.0...v0.4.1

    Source code(tar.gz)
    Source code(zip)
    rizin-macos-v0.4.1.pkg(7.26 MB)
    rizin-src-v0.4.1.tar.xz(10.92 MB)
    rizin-v0.4.1-android-aarch64.tar.gz(9.70 MB)
    rizin-v0.4.1-android-arm.tar.gz(9.71 MB)
    rizin-v0.4.1-android-x86_64.tar.gz(9.94 MB)
    rizin-v0.4.1-static-x86_64.tar.xz(91.69 MB)
    rizin-windows-shared64-v0.4.1.zip(7.82 MB)
    rizin-windows-static-v0.4.1.zip(63.70 MB)
    rizin_installer-v0.4.1-x86.exe(6.11 MB)
    rizin_installer-v0.4.1-x86_64.exe(6.36 MB)
  • v0.4.0(Jun 25, 2022)

    Here we are again with a new release of Rizin, v0.4.0. We are still in the v0.y.z realm, but we are getting closer and closer to what we can consider our first stable release v1.0.0, with fully working projects and a uniform shell experience. In the meantime, we are moving forward with several side projects that we hope you will enjoy and that will help your reverse engineering experience, like automatic signature detection, FLIRT signatures creation, firmware base address computation, a new Intermediate Language (RzIL) and more.

    As usual, keep reading for more insights and let us know of any bugs you find or improvements you would like to see in future versions.

    New

    • FLIRT files can be used to apply analysis information gathered from one binary to another one, allowing the reverse engineer to more easily recognize library functions or standard functions that are usually not binary specific. Rizin can now create such FLIRT files (both in .pat and .sig extensions), which can be later applied to other Rizin sessions or even opened directly by IDA.
    $ rizin -A -qc "zfc /tmp/curl.sig" curl-example-dbg
    704 FLIRT signatures were written in '/tmp/curl.sig'
    $ rz-sign -aa -o /tmp/curl.pat curl-example-dbg
    rz-sign: written 704 signatures to /tmp/curl.pat.
    
    • Signature files (e.g. .sig) can be placed in the installation prefix to form a library that Rizin automatically uses while analyzing a binary, in order to find known functions and ease the reversing process.
    $ rizin -A curl-example
    [x] Applied 5 FLIRT signatures via sigdb
    
    • Automatic golang function and string recovery for x86/x64/PowerPC/MIPS/ARM/RISC-V.
    $ rizin -A example-go-1.18-stripped
    [x] Found go 1.18 pclntab data.
    [x] Recovered 4794 symbols and saved them at sym.go.*
    [x] Analyze all flags starting with sym.go. (aF @@f:sym.go.*)
    [x] Analyze all instructions to recover all strings used in sym.go.*
    [x] Recovered 3448 strings from the sym.go.* functions.
    
    • A new Intermediate Language RzIL has been introduced in Rizin, primarily intended for representing the semantics of machine code and designed as a clone of BAP's Core Theory. It is going to replace ESIL in the future, even though they will both live within Rizin for the time being. ARM32, ARM64, AVR, and 6502 assemblies can already be lifted to RzIL, allowing you to emulate code without running it. Some of the reasons that moved us away from ESIL are: its lack of typing, for example it was hard to discern accesses of different signs, sizes, and bool from integer; its hard to read string representation; being all string-based without a real structure.

      As many reverse engineers are familiar with the concept of SMT (Satisfiability Modulo Theories), RzIL should be familiar as well. In essence, it's a superset of SMT Bitvectors theory plus SMT Arrays (Bitvector-indexed arrays of Bitvectors to represent memory), and Effects (to represent side effects, like jump or branch). Thus, main core concept that was added in Rizin is the algebra of bitvectors, with corresponding functions in RzUtil. Moreover, the readable representation of RzIL was added, in a form of S-expressions:

    $ rz-asm -a arm -b 32 -d 1233a0e1
    lsl r3, r2, r3
    $ rz-asm -a arm -b 32 -I 1233a0e1
    (set r3 (<< (var r2) (cast 8 false (var r3)) false))
    
    • Sometimes when reverse engineering a firmware you get just a raw binary, without any structured file format (e.g. ELF). Finding the base address where the raw data is supposed to be run from is often a tedius process. We now try to automate the identification of few possible candidates addresses through the new B command.
    $ rizin -e log.level=3 -qc B stm32f103-dapboot-v1.20-bluepill.bin
    INFO: basefind: located 7 strings
    INFO: basefind: located 1459 pointers
    score candidate  
    -----------------
    4     0x08000000
    1     0x79ca6000
    

    Improvements

    • Improved analysis on DEX files, especially on cross-references to imports.
    • GPL code can be now disabled via -Duse_gpl=false
    • rz-diff -H option now supports infinite scrolling when binary diffing.
    • Improved accuracy of the strings search and EBCDIC encoding support.
    • Significant improvement of the Hexagon disassembly and analysis.

    Extras

    • FLIRT signature database is the database generated from rizinorg/sigdb-source, used as a library of signatures that can be automatically recognized in the binaries you analyze. It can be installed via the meson option -Dinstall_sigdb=true while installing Rizin from source or added later via e flirt.sigdb.path=path/to/sigdb.
    • rz-libyara is now available as RzCore plugin for parsing and creating yara rules.
    • rz-libdemangle is our extracted library providing APIs to demangle symbols for various languages. It currently supports C++, Rust, Swift, Java, MSVC and ObjC. C++ and Rust are under GPL license and they can be compiled out if necessary. As a standalone library it can be used by any other project, so try it out if you need it!
    • Official Apple swift demangler is now available as RzDemangler plugin.
    • rz-retdec Retdec decompiler plugin for Rizin
    • rz-libmc7 Siemens Simatic S7 bytecode dissassembler
    • rz-tracetest a testing tool for the correctness of RzIL lifters, which compares executions of instructions from a real trace against the result of executing the same instructions in the RzIL VM. This is a very important piece to ensure that our RzIL lifters produce good results.

    Build

    • fix versions of the Rizin libraries so that patch releases do not require a recompilation of dependent programs
    • completely switch to Meson subprojects and removal of shlr directory
    • add -Wimplicit-fallthrough=3 compiler flag by default when supported
    • add option to download and install sigdb together with Rizin

    RzUtil

    • Fixes the portable build so that themes and other resources are loaded when the whole portable installation directory is moved
    • Several fixes, cleaning API, adding documentation to existing API
    • Removal of various unused functions and general cleanup of the library.
    • Add RzBitVector API, extensively used in RzIL
    • Add new type of RzBuffer based on RzIO
    • String types, structures and search has been refactored to unify its usages across RzUtil, RzAnalysis and RzCore.

    RzType

    • Fix printing of several types
    • Add API for pretty printing of types and reuse it whenever possible
    • Parse comments in types definitions
    • Fix self-referential typedefs parsing
    • Separate variadic argument in a different grammar token
    • Improve error message when types are redefined

    RzSignature

    • FLIRT .pat files are now parsed and applied via zfs
    • FLIRT .sig and .pat files can now be created via zfc.
    • rz-sign has been rewritten to create, dump and convert (in both ways).pat and .sig FLIRT files.
    • Fixed endianness issues on FLIRT .sig files.
    • Support for FLIRT signature database which is now applied in the analysis step or manually via aaF (use aaFl to list the database signatures)
    • rz_sign is now a standalone library.

    RzIO

    • Add shm:// support on Android and Windows
    • Partial support for loading all files included in .a/.lib archive files
    • Fix opening of multi-dex files with proper base address
    • Several improvements and fixes to WinKD, WinDBG and DMP plugins

    RzHash

    • RSA-MD licensed code has been replaced with LGPL implementation.
    • Small refactoring to fix some null dereference bugs when openssl is used.

    RzDemangler

    • New library to demangle symbol names in various languages, extensible by plugins
    • By default uses libdemangle for C++, Rust, Swift, Java, MSVC, Obj-C

    RzDebug

    • Add support for coredump generation on NetBSD and FreeBSD
    • Add support for file descriptors listing on NetBSD
    • Add serialization functionality for breakpoints, so they can be saved/restored to/from projects
    • Fix signal handling on NetBSD
    • Several fixes and improvements for WinDBG, WinKD, DMP plugins
    • Add support for Windows on ARM
    • Add support for debugging DMP files
    • Add unit tests for software breakpoints
    • Add support for getting backtraces from a Windows Kernel Dump for x64

    RzCrypto

    • Replaced MS-PL AES code with LGPL implementation from Nettle.
    • Fixed various endianness issues on some algorithms.
    • Rewrite of ESIL implementation of DES <k> opcode for AVR arch.

    RzCons

    • Fix bug on Windows when e scr.vtmode=1
    • Fix visual panels mode on Windows, which was not restoring terminal mode correctly
    • Fixes 'ctrl+arrow and 'alt+arrow key' in the shell
    • Fix console settings after rizin - on Linux
    • Add durian color theme based on summerfruit.vim
    • Remove editor features
    • Remove global variables
    • Retain prompt when exiting using ^D

    RzBreakpoint

    • Add serialization of breakpoints
    • Add unit tests for software breakpoints
    • Make dcu fail on failed bp instead of blindly continuing
    • Make breakpoint size respect address-specific bits

    RzBin

    DEX

    • Implement vfiles to support relocations on dex binaries
    • Resolved big bottleneck which improved parsing performances
    • Added support for imports resolved by direct_methods via super calls

    PE/PDB/DMP

    • Rewrite PDB parser
    • Small fixes and improvements to PE parser
    • Add Triage Dump (Minidump) parsing support for dmp64 bin plugin

    ELF/DWARF

    • Still refactoring of the ELF plugin
    • Fix some relocations in ARM, Hexagon, PowerPC (including big endian) and related patching.
    • Fix main() retrieval of /bin/ls binary on Fedora 35/36
    • Several bug fixes in DWARF

    Mach-O

    • Refactor Mach-O relocations patching and convert to RzBinVirtualFile
    • Refactor bin_xnu_kernelcache to use RzBinVirtualFile
    • Add Support For dyld4 Atlas-style Shared Library Caches
    • Add support for DYLD_CHAINED_PTR_64_OFFSET (#1996)
    • Add support for DYLD_CHAINED_PTR_ARM64E_USERLAND24 (#2197)
    • Fix CVE-2022-1240 and CVE-2022-1244

    Others

    • Rewrite bFLT plugin
    • Identify .bf extension as brainfuck if the content is not recognized otherwise
    • Add support for SH, MIPS and ARM to the COFF format
    • Fix several format parsing on big endian platforms
    • Fix memory leaks in the way SDB was used within RzBin
    • Fix vaddr/paddr when doing string scanning
    • Add API to convert paddr/vaddr based on binary info only
    • Recover Golang symbols for 1.2/1.16/1.18+ when the right sections are found in the binary

    RzAsm/RzAnalysis

    • Fixed RzAnalysisOp info returned on PowerPC and RISC-V archs.
    • Improved dalvik analysis when move-exception appears after a gotos or return or mid-opcode jump.
    • Improved dalvik analysis by resolving jumps via invoke-xxx/range
    • Added missing Python magic values for new python versions.
    • Improved Hexagon to support compact struct conversion.
    • Implemented golang string recovery for x86/x64/PowerPC/MIPS/ARM/RISC-V.
    • Refactoring RzAnalysis (like removal of cb_printf() from RzAnalysis, usage of -Wimplicit-fallthrough, etc..)
    • Refactor ARM analysis to handle 4-byte IT-opcodes
    • Reduced registers shown in the output of dr and Vpp when analysing an ARM64 bin
    • Remove analysis.endsize config variable, improving the analysis results of several binaries, where functions were not properly analyzed due to conditional jumps only having one following basic block instead of two.
    • Separation of fpu and gpr in arm64 reg profile
    • Fix infinite loop if first case of switch table points to same block
    • Fix integer overflow and excessive memory usage in jump table analysis

    RzShell

    • aa, af, ar, av, ax, ah, ac, a8, aO, ao, an, ab, as, b, c, db, do, ds, dt, dl, dr, g, o, y, ec, f, i, C, pc, pd, pm, psW, r, w commands and subcommands were converted to RzShell
    • several ae subcommands were converted to RzShell
    • B commands for base-address computation were added
    • ..( command was added to call a macro multiple times with arguments taken n at a time.
    • zfc has been added to create FLIRT signature files
    • dex<se> has been added to visualize dex class information, like you can do with java<cfimpsr> command for java classes.
    • 0x command was removed in favour of s 0x....
    • shell commands were grouped under shell? (e.g. echo, cat, ls, rm, etc.)

    Full Changelog: https://github.com/rizinorg/rizin/compare/v0.3.4...v0.4.0

    Source code(tar.gz)
    Source code(zip)
    rizin-macos-v0.4.0.pkg(7.26 MB)
    rizin-src-v0.4.0.tar.xz(10.90 MB)
    rizin-v0.4.0-android-aarch64.tar.gz(9.56 MB)
    rizin-v0.4.0-android-arm.tar.gz(9.65 MB)
    rizin-v0.4.0-android-x86_64.tar.gz(9.84 MB)
    rizin-v0.4.0-static-x86_64.tar.xz(91.50 MB)
    rizin-windows-shared64-v0.4.0.zip(7.81 MB)
    rizin-windows-static-v0.4.0.zip(63.63 MB)
    rizin_installer-v0.4.0-x86.exe(6.10 MB)
    rizin_installer-v0.4.0-x86_64.exe(6.36 MB)
  • v0.3.3(Jan 7, 2022)

    • Add dist script to remove .git folders from subprojects
    • Add -e option to rz-diff to set configuration variables
    • Fix #2089 by checking the kind of DWARF attribute before demangling
    • Fix #469 by checking the value of analysis.jmp.cref
    • Fix #1710 by changing rflags register using dr
    • Fix #2013 for dependencies names which are called libmagic and libxxhash
    Source code(tar.gz)
    Source code(zip)
    rizin-macos-v0.3.3.pkg(7.28 MB)
    rizin-src-v0.3.3.tar.xz(9.92 MB)
    rizin-v0.3.3-android-aarch64.tar.gz(8.85 MB)
    rizin-v0.3.3-android-arm.tar.gz(9.34 MB)
    rizin-v0.3.3-android-x86_64.tar.gz(9.29 MB)
    rizin-v0.3.3-static-x86_64.tar.xz(47.80 MB)
    rizin-windows-static-v0.3.3.zip(63.28 MB)
    rizin_installer-v0.3.3-x86.exe(6.07 MB)
    rizin_installer-v0.3.3-x86_64.exe(6.54 MB)
  • v0.3.2(Dec 30, 2021)

    • Fix: UAF caused by parse_type_abstract_declarator_node()
    • Fix wrong buffer size reporting with shm://
    • Initialize retctx,ctx before freeing the inner elements
    • Init all fields in rz_cmd_state_output_init()
    • Fix #726 - Fix building for x86 Windows with clang-cl
    • Fix -Wunused-function warning on Mac
    • Fix OOB write for DWARF with abbrev with count 0
    • Fix crash due to NULL pointer dereference in rz_analysis_block_recurse()
    • Fix +/- in visual cursor mode
    • Fix self-referential typedef format
    • Make rz_strbuf_slice() truncate on excessive len
    Source code(tar.gz)
    Source code(zip)
    rizin-macos-v0.3.2.pkg(7.28 MB)
    rizin-src-v0.3.2.tar.xz(61.19 MB)
    rizin-v0.3.2-android-aarch64.tar.gz(8.84 MB)
    rizin-v0.3.2-android-arm.tar.gz(9.34 MB)
    rizin-v0.3.2-android-x86_64.tar.gz(9.29 MB)
    rizin-v0.3.2-static-x86_64.tar.xz(47.80 MB)
    rizin-windows-static-v0.3.2.zip(63.27 MB)
    rizin_installer-v0.3.2-x86.exe(6.06 MB)
    rizin_installer-v0.3.2-x86_64.exe(6.54 MB)
  • v0.3.1(Nov 17, 2021)

    • Add pid/pidfile on man/rz-run and make a pid option a boolean
    • Fix rax -t not considering GMT argument
    • Fixed 'Ctrl+Arrow' and 'Alt+Arrow' in rizin shell
    • Fix integer overflow and excessive memory usage in jump table analysis
    • Fix infinite loop if first case of switch table points to same block
    • Fix some NULL derefs in Windows Debugger
    • Removed junk on screen in visual mode with two columns
    • Detect shm_open() function with Meson
    • Haiku OS and DragonflyBSD build fixes
    • PE header parsing fixes when opened through shm:// IO plugin
    • Added CRC32 and entropy values in it output
    • Fix NULL pointer dereference due missing small_block method when OpenSSL is used.
    • Fix potential buffer overflow in RC2 hash
    • Move TSLanguage initialization into new rz_core_cmd_new() API
    • [DEX] remove bottleneck on rz_list_get_n()
    • Fix invalid v command resulting in black screen
    • Add few missing Windows types
    • Fix rotating colors with C in visual mode
    • Fix #1864: Find main() of Fedora 35 x86_64 /bin/ls
    • Use empty dependencies to avoid comparing different types (Meson 0.60 compatibility)
    • [Debug] Let gdb attach regularly and reset reason after attach
    • Enable flushing for oldinput_get_help()
    • Provide API for calculating sections digests
    • Move files to generate windows installer under dist/windows
    Source code(tar.gz)
    Source code(zip)
    rizin-macos-v0.3.1.pkg(7.28 MB)
    rizin-src-v0.3.1.tar.xz(61.12 MB)
    rizin-v0.3.1-android-aarch64.tar.gz(8.85 MB)
    rizin-v0.3.1-android-arm.tar.gz(9.35 MB)
    rizin-v0.3.1-android-x86_64.tar.gz(9.29 MB)
    rizin-v0.3.1-static-x86_64.tar.xz(47.62 MB)
    rizin-windows-static-v0.3.1.zip(63.27 MB)
    rizin_installer-v0.3.1-x86.exe(6.06 MB)
    rizin_installer-v0.3.1-x86_64.exe(6.54 MB)
  • v0.3.0(Sep 25, 2021)

    Rizin v0.3.0

    A new release of Rizin is here, v0.3.0! This release has taken a bit longer than expected, but a lot of things have been done since the last release, including our first GSoC in the Rizin project. Look at our blogpost to know more about GSoC 2021.

    Below we would like to give you a glimpse at what we did, but be aware this is only a small fraction of the changes. You should look at our git history to see everything. Some of our work directly improves our users' experience, while others is more under the hood work, though we are sure it ultimately improves the experience of using and developing Rizin as well.

    Keep reading for some highlights of this new release.

    New

    • New RzType module: We moved all the types related functions from the RzAnalysis module to a new separate module: RzType. Instead of using a custom stripped-down version of the TinyCC, RzType parses C code by using a grammar defined with Tree-Sitter. RzType parser and loader now better validates types, which allowed us to fix several mistakes in the shipped type libraries for Linux, MacOS, and Windows. When a type is unknown or it is a typedef/atomic type without an underlying specification you may also find the special new type unknown_t which is an integer of the current file/platform word size. This new module allows us to better use types in several places of Rizin, Cutter and rz-ghidra!
    • SPDX headers: All files have been marked with SPDX headers that will help you and us check what kind of code we ship, which licenses, copyrights, etc.. Checks are in place in CI to ensure that all files will have SPDX headers going forward. image4
    • rz-diff hexadecimal view: We rewrote big parts of rz-diff tool to remove the dependency on the diff/git diff binary, optimize diffing functions and provide a new hexadecimal diffing view through the new -H option. image2
    • Shell new behavior: Rizin can now be started without any argument and it won't open any file, allowing you to later open a binary with o command as usual. We switched the behavior of - and = when starting Rizin, to better match what Linux users expect from a tool: - now reads the binary from stdin, while = now opens a malloc-ed file in memory. Try things with rizin and rizin =.
    • Global variables: So far you could only define variables local to a function (see afv commands), but we are now introducing global variables that can be defined at any fixed address with a given type. See avg? to see how to handle them. This is still a very early concept, but we plan to use them more and more for disassembly printing, analysis, in Cutter, and in rz-ghidra. They are going to replace the “type link” function you may know under the tl commands.

    Improvements

    • ELF parsing: Code for ELF parsing has been heavily refactored and adjusted to make better use of dynamic info provided in segments instead of relying on untrusted sections. Few new variables have been introduced to alter how ELF files should be parsed and validated, see elf vars with el elf. Support for DT_HASH and DT_GNU_HASH allows to determine more accurately the number of symbols in the dynamic symbol table. As one of the results of this work, a known anti-analysis technique that tries to hide used symbols is now defeated by Rizin. image5 image1
    • No more io.cache required to apply relocations: It was common in Rizin to get warning messages telling you to enable io.cache to fix binary relocations. We think that was unnecessary and wrong in concept as well. With this new release, the most relevant binary plugins were refactored to provide a list of mappings together with changes that should be applied on top, making relocations patching very easy and transparent for the end user. You will not have to set any particular variable nor will you see changes applied by Rizin itself mixed with changes you, as a user, did to the binary. image3
    • Commands ported to Rizin shell: Several commands were ported to Rizin unified shell, making them more consistent and easy to use. These commands have an automatically generated help, their arguments can be wrapped in quotes like you do in bash and they integrate better with Rizin. Some of those commands are: afvxa, afvxv, dts, L, pg, dmh, dm, pt, dc, H, av, ph, avg, i, !.
    • Project migration: With the first release of Rizin we mentioned our new project implementation which would allow our users to keep using older projects as they update their Rizin tools. Even though we are not at release 1.0.0 we already implemented project migrations that automatically update your old projects as you load them! Please report any issue you find with this, so that by the release 1.0.0 we can deliver something as stable as possible!
    • Support for multidex APK files: Initial work to support multidex APK
    • rz-hash: Code related to rz-hash was heavily refactored and it now supports loading of large files as well as HMAC combined with any hash algorithm.

    Fixes

    • Fix debugger in static build: The statically compiled rizin binary provided with last release was not able to debug other binaries, due to it being compiled on Alpine and the code using the ptrace API with the wrong types of arguments.

    • FLIRT decompression: Did you know you could load IDA FLIRT signatures files in Rizin with the zf commands? Now we support z-lib compressed FLIRT signatures as well, so try to load your FLIRT database with Rizin.

    • DEX parsing: Several bug fixes ranging from correctly listing symbols in a dex file, to better printing of methods and fields names, to resolution of invoke-virtual methods. image6

    • Ports: Added CI jobs for NetBSD and Linux PowerPC - all tests pass, various fixes for HaikuOS, DragonFlyBSD.

    There is more in this release and even more to come in the upcoming ones, like a new Intermediate Language, RzIL, that will replace ESIL, improved usage of PDB files, global variables refinement and yet other improvements on ELF parsing. If you wish to help us develop, test, document Rizin or you are just curious about it, look at our website https://rizin.re/community/ to know how to reach out to us!

    Enjoy Rizin v0.3.0,

    The Rizin team

    Source code(tar.gz)
    Source code(zip)
    rizin-macos-v0.3.0.pkg(7.28 MB)
    rizin-src-v0.3.0.tar.xz(61.12 MB)
    rizin-v0.3.0-android-aarch64.tar.gz(8.84 MB)
    rizin-v0.3.0-android-arm.tar.gz(9.34 MB)
    rizin-v0.3.0-android-x86_64.tar.gz(9.29 MB)
    rizin-v0.3.0-static-x86_64.tar.xz(47.63 MB)
    rizin-windows-static-v0.3.0.zip(63.21 MB)
    rizin_installer-v0.3.0-x86.exe(6.06 MB)
    rizin_installer-v0.3.0-x86_64.exe(6.53 MB)
  • v0.2.1(Apr 22, 2021)

    • Remove unnecessary exit() calls from librz/
    • Fix wrong demangling of __TIFFSwab16BitData
    • Prevent infinite recursion in DWARF parsing
    • Detect presence of extern char **environ (fixes old MacOS build)
    • Fix SDB and SPP linking with RzUtil
    • Fix RzDiff/RzTest to use subprocess API
    • Fetching all references with rz-pm to support release tags
    • Fix FreeBSD 13 build
    • Fix Gentoo SDB build to use proper Python environment
    • Fix the wrong use of wcstombs()
    • Various UAF, OOB, NULL DEREF fixes
    Source code(tar.gz)
    Source code(zip)
    rizin-macos-v0.2.1.pkg(7.01 MB)
    rizin-src-v0.2.1.tar.xz(49.05 MB)
    rizin-v0.2.1-android-aarch64.tar.gz(8.65 MB)
    rizin-v0.2.1-android-arm.tar.gz(9.13 MB)
    rizin-v0.2.1-android-x86_64.tar.gz(9.07 MB)
    rizin-v0.2.1-static-x86_64.tar.xz(46.76 MB)
    rizin-windows-static-v0.2.1.zip(61.79 MB)
    rizin_installer-v0.2.1-x86.exe(5.91 MB)
    rizin_installer-v0.2.1-x86_64.exe(6.37 MB)
  • v0.2.0(Apr 8, 2021)

    Command changes

    • Add exit command to exit Rizin
    • Add dmhv as verbose version of dmh
    • Add afb-* command to delete all basic blocks of a function
    • Support in newshell for <cmd>?*[j] and ?*[j] <command>
    • Extend output of iS to show more information about sections
    • Fix =!= in newshell to support "fd" argument
    • Merge CL and iX into ix
    • Remove ?: because it does not exist and contains :
    • Rename o: to oC to avoid :
    • Rename s: to spad to avoid :
    • Rename =: and =&: to =r and =&r to avoid :
    • Rename sH commands to sh
    • Remove "comment" argument from zi* and f*
    • Remove the command tail
    • Remove tfc, move to tf, add tfk
    • Remove tna and tnn commands
    • Remove join command
    • Remove head command
    • Remove less and directly list ls command
    • Remove touch command
    • Remove axF command
    • Remove afb. and change how afbi commands work to be more consistent with afb
    • Port q commands to newshell
    • Port afb commands to newshell
    • Port afB command to newshell
    • Port afs commands to newshell
    • Port afx command to newshell
    • Port afS command to newshell
    • Port afo command to newshell
    • Port afu command to newshell
    • Port afv commands to newshell
    • Port t commands to newshell
    • Port dsu commands to newshell
    • Port wf commands to newshell

    Analysis improvements

    • Complete acvf command to better lookup function address on vtable offset
    • Better type analysis

    Updates

    • Update rizin-shell-parser to tree-sitter 0.19.4
    • Update embedded SDB

    Architecture changes

    • Java bytecode disassembly/analysis/assembly/binary plugins are rewritten from scratch and covered by tests
    • Implemented Lua 5.4 bytecode disassembly/analysis/binary plugins (luac)
    • Enabled Python bytecode (pyc) support and covered by tests
    • Remove Whitespace Asm+Analysis Plugins (ws) because the Results are wrong

    Debugging

    • Various heap parsing improvements (dmh command)

    Various

    • Performance improvements on loading big files with DWARF information
    • Improve developer and contributor documentation
    • Add tests for different compilers and ABI
    • Better SPDX/REUSE conformance of the source code
    • Cleanup of the code to remove unnecessary parts e.g. some of JSON duplicated code
    • Refactored all dependencies into Meson subprojects (lz4, zip, zlib, yxml, etc)
    • Removed old ACR/Makefile files
    • Refactored to use API calls instead of calling commands (rz_core_cmd*()) inside Rizin codebase
    • Improved static "portable" builds to use relative paths for supplementary files
    Source code(tar.gz)
    Source code(zip)
    rizin-macos-v0.2.0.pkg(6.99 MB)
    rizin-src-v0.2.0.tar.xz(49.05 MB)
    rizin-v0.2.0-android-aarch64.tar.gz(8.65 MB)
    rizin-v0.2.0-android-arm.tar.gz(9.13 MB)
    rizin-v0.2.0-android-x86_64.tar.gz(9.08 MB)
    rizin-v0.2.0-static-x86_64.tar.xz(46.76 MB)
    rizin-windows-static-v0.2.0.zip(61.80 MB)
    rizin_installer-v0.2.0-x86.exe(5.91 MB)
    rizin_installer-v0.2.0-x86_64.exe(6.36 MB)
  • v0.1.1(Mar 27, 2021)

    This is an intermediate bugfix release before the larger 0.2.0.

    Changes

    • Add more config vars to the projects load wxclusions (#911)
    • Rename esil.7 to rz-esil.7 manpage to avoid collisions with r2
    • Fix UAF in rz_bin_reset_strings() (#772)
    • Check if core plugin implements call before calling (#670)
    • Use GZip when compressing android release archives (#575)
    • Provide both x86/x64 windows installers (#548)
    • core/agraph: reintroduce Shift-Tab to move to prev node (#553)
    • Fix io.va being set to true after aaft (#459)
    • Fix "‘%s directive argument is null" warnings (#464)
    • Consider all functions in afl. and print error if no function is there
    • Fix signature in JSON mode in Mach-O and check for NULL signature (#463)
    • #include <errno.h> explicitly in rz_types.h (#452)
    • COFF: set zero size for label-symbols (#448)
    • COFF: handle empty sections (#447)
    • Meson: Escape paths on Windows (#444)
    • Fix memleaks in ESIL op handlers (#438)
    • Prevent FD_ZERO formatting from mangling by clang-format (#437)
    • Fix crash with es without args (#436)
    • Fix crash with el without args (#434)
    • Extend warning when debug on macOS fails
    Source code(tar.gz)
    Source code(zip)
    rizin-0.1.1-android-aarch64.tar.gz(8.56 MB)
    rizin-0.1.1-android-arm.tar.gz(9.05 MB)
    rizin-0.1.1-android-x86_64.tar.gz(8.99 MB)
    rizin-0.1.1-static-x86_64.tar.xz(45.48 MB)
    rizin-macos-0.1.1.pkg(8.54 MB)
    rizin-src-0.1.1.tar.xz(5.22 MB)
    rizin-windows-static-0.1.1.zip(65.58 MB)
    rizin_installer-0.1.1-x86.exe(6.10 MB)
    rizin_installer-0.1.1-x86_64.exe(6.62 MB)
  • v0.1.0(Jan 22, 2021)

    v0.1.0

    Today, we're shipping our first release, Rizin 0.1.0 :rocket:.

    It has been a long ride and we're thankful to all the developers who contributed to Rizin and decided to stick with us. We couldn't have done it without you all.

    We're so excited to bring you the first release of Rizin, which is the opening shot of the project and only the beginning. The release is packed with new and robust features. We now have Projects and a plethora of commands switched to our new unified command parser. Below, you'll find a complete and comprehensive list of what's new and what has changed.

    On this first release of Rizin, we put our efforts in refactoring and discarding parts of the code that are not the focus of Rizin as a reverse engineering framework, and those which were unpurposed, outdated or left as proof of concepts. Along with this refactoring, we improved the building and packaging process (see more in our "Why Meson" blog post). Apart from that, the two biggest changes are new, actually working Projects (see more in our "Introducing new Projects" blog post) and migration of many commands and auto-completion feature to the "newshell" (a tree-sitter-based commands parser) which is now set to default. Some of the unnecessary commands were removed, some commands and configuration variables were changed to pursue a better user experience and to smooth the learning curve.

    See the more detailed list of the changes below:

    • New features

    • Command changes

      • Commands converted to newshell:
        • uniq
        • uname
        • ls
        • *
        • _
        • sleep
        • . subcommands
        • P subcommands
        • = subcommands
        • s subcommands
        • & subcommands
        • w subcommands (not complete)
        • z subcommands
        • e subcommands
      • Relevant changes to commands
        • @@ and @@@ commands were unified under @@ . See @@? for more info.
        • seek history commands were all moved under sH. In particular: s- (seek undo) becomes sHu; s+ (seek redo) becomes sHr; s*, s, s! are grouped under sH; s= is removed
        • sl (seek line) and prl were removed
        • s accepts only an absolute value. Instead of having different behaviour on s +10+3 vs s 10+3, now s behaves the same. If you want to move relative to the current offset, use sd (seek delta).
        • ss (seek silent) subcommands were removed in favour of the new eval var cfg.seek.silent, that is accepted by all seek commands.
        • e? was removed in favour of el (eval list). Other commands that listed evals in different formats (e*, ej, etc.) were moved under el.
        • e, was removed because e can now accept multiple sets/gets in one shot
        • ev and evj were removed in favour of ell and elJ.
        • ed was removed since there can be multiple configuration files
        • e won't accept spaces when assigning a value to a variable. e asm.bytes = true is not valid anymore, while e asm.bytes=true is. This allows the command to support multiple arguments easily, like e asm.bytes=true asm.arch=x86.
        • The commands converted to newshell do not accept the syntax without a space between the command name and the argument anymore, in favor of a more rigid approach that splits them, similar to what's done by other shells (e.g. s+3 , z-zigname won't work anymore)
      • Misc
        • Commands that provide different output modes are grouped together
        • Commands are defined through a YAML file that describe the command, its arguments, a summary and a longer description.
        • The help tree structure is automatically computed based on the YAML definition. For each command, arguments and sub-options in the help are automatically printed most of the times.
    • New commands

      • opr , opn to open next file and opp to open previous file
      • Lp to list parser plugins
      • om.j for JSON output of om. to show the map for the current offset
      • aecb to continue backwards in ESIL emulation mode
      • Add rz-ax -I option to convert from/to LONG and IP address
    • Configuration variables' changes

      • cfg.newshell.autocompletion to enable/disable autocompletion based on newshell data. This uses the information provided in cmd_descs.yaml to know the type of each argument. Those info are the same used by the shell to know how many arguments a command accepts. It supports autocompletion of all the arguments of a command, not just the first. However it works only for commands converted to newshell and it is currently disabled by default
      • cfg.seek.silent when true, seek commands do not save seek movements in the seek history
      • cfg.seek.histsize maximum size of the seek history
      • asm.bytes set to false by default
      • Set asm.tabs to 6 and enable asm.tabs.once by default
      • Rename asm.filter to asm.sub.names
      • Add analysis.cc and analysis.syscc to set the current calling convention and syscall convention, remove hardcoded conventions
      • zign.{graph,bytes,offset,refs,hash,types} moved to zign.match.
      • dbg.create_new_console added, to create a new console window for the debugee on debug start
      • Added cfg.json.* variables for JSON encoding settings
      • Added asm.hint.call.indirect to make indirect calls follow the target address
      • Removed http.sync, http.ui, http.sandbox scr.tts , scr.demo, file.desc, file.md5, file.location, dbg.libc.dbglib, cmd.xterm, lines.*, cmd.pdc, cmd.log
    • Code cleanup

      • Removed WebUI and HTTP server implementation (except pieces required for the RzPipe http:// to work.
      • Removed the sandbox feature, donut printing, stiv (image preview), 2048 game
      • Removed scr.demo mode
      • Removed cfg.r2wars mode
      • Removed snow from Visual Panels mode
      • Removed function folding feature from Visual mode
      • Removed pdc pseudo decompiler in favor of RzGhidra and JSDec (URL)
      • Removed rz-patch tool (former rapatch2)
      • Removed citem (i. command)
      • Removed incomplete TTS support (cfg.fortunes.tts and scr.tts, also |T command)
      • Removed various outdated and unused scripts from sys/
      • Removed MinGW and Cygwin support from ACR/Makefiles
      • Removed Emscripten support
      • Removed (some of them moved to the book (URL)) various outdated documentation files from doc/
      • Removed the REIL support (aetr command)
      • Removed a2f analysis mode (analysis.a2f configuration variable)
      • Removed io.mmap plugin and rely on io.default implementation instead
      • Removed afc= command (use analysis.cc instead)
      • Removed afil command
      • Removed obsolete Windows debugging files (w32.[ch])
      • Removed unused callback.c
      • Removed filesystems mount support (m commands) and outdated GRUB code
      • Removed T commands (logging feature)
      • Removed u commands and Q alias
      • Removed ' and \ (both are an alias for =!) commands
      • Removed : commands
      • Removed p3 command (3D stereogram)
      • Removed /me command (IRC-like feature)
      • Removed support for the multiline comments (/* */)
      • Removed join, head, and less commands in favor of the ~ subcommands
      • Removed afc=, arS
    • Refactoring

      • SDB switched to use submodule instead of embedding into the repository
      • Tree-sitter runtime switched to use submodule instead of embedding into the repository
      • Most of the JSON printing migrated to the PJ API
      • Extract subprocess API used in rz-test to RzUtil, as a preliminary step in re-using those API for all code paths that interact with a child process
      • Reduce coupling between RzCore and Tasks
      • Move seek history processing from RzIO to RzCore
      • Refactoring to reduce code duplication of all binutils-based disassembly and assembly plugins (CRIS, HPPA, Lanai, MIPS, PPC, SPARC plugins)
      • Remove global variables from rz-find tool
      • Set C99 as the minimum required C standard supported. C99 standard has been used to compile SDB for many years, so we are now just taking full advantage of the standard in the whole project.
      • Code style is unified and automated with clang-format tool, see sys/clang-format.py script.
      • License headers updated to use SPDX machine-friendly format
      • Use meson dist to create the source tarball and refactor building release artifacts and corresponding CI logic
    • Assembly improvements

      • New PowerPC assembly plugin (asm.ppc)
    • Analysis improvements

      The basic blocks module was completely rewritten resulting in speed and analysis quality improvements for all supported architectures.

      Detection of the changes upon write and and refreshing the function graph.

      Improved UTF-16 strings autodetection

      Added ESIL sign extension operator ~=

      The analysis of the following architectures was improved significantly:

      • AVR
      • SPC700
      • V850
      • RISC-V (including new asm.pseudo plugin)
      • ARM32 (mostly pseudocode and ESIL improvements, update arm.winedbg)
      • ARM64 (including the major fix for the variable access analysis and syscall support)
      • SystemZ (added calling convention support)
      • Tricore (added instruction descriptions, see asm.describe)
      • PowerPC (libvle updates)
      • x86 (ESIL updates)
    • File formats

      • COFF: add ARMNT and ARM64 support
      • COFF: various small parsing fixes
      • Rewritten *.ar parsing to support multifile archives
      • PE and Windows minidump parsing fixes and performance optimizations
      • PE fixes for delayed imports
      • PE support for the RISC-V target
      • Print additional ELF headers with rz-bin -H option
      • Improvements for DWARF and PDB parsing and information import
    • Debugger

      • WinDbg/KD fixes
      • FreeBSD and DragonFlyBSD fixes
      • dts (debug trace session and reversible debugging feature) improvements
      • Add support and autodetection of the RISC-V targets for the GDB remote server connection
    • IO

      • Cache performance optimizations
    • Tests

      • Add an option to store logs with rz-test (-o option)
    • Misc:

      • Static builds are switched to use Alpine/Musl-based builds to not depend on the GLIBC version
      • Show all possible config variable values in the Ve menu
    Source code(tar.gz)
    Source code(zip)
    rizin-macos-v0.1.0.pkg(8.54 MB)
    rizin-src-v0.1.0.tar.xz(5.21 MB)
    rizin-v0.1.0-android-aarch64.tar.gz(29.09 MB)
    rizin-v0.1.0-android-arm.tar.gz(27.78 MB)
    rizin-v0.1.0-android-x86_64.tar.gz(30.33 MB)
    rizin-v0.1.0-static-x86_64.tar.xz(45.47 MB)
    rizin-windows-static-v0.1.0.zip(65.54 MB)
    rizin_installer-v0.1.0.exe(6.63 MB)
Owner
Rizin Organization
Rizin is a free and open-source Reverse Engineering framework
Rizin Organization
led is a line-oriented text editor in command line

led is a line-oriented text editor in command line. This editor is similar to the standard program on unix systems - GNU ed. But i'm not going to make an exact clone of that program, it's just a pet project.

Artem Mironov 13 Oct 4, 2022
Simple Unix Terminal Football Manager-like game.

Superleage 2020/2021 It is a "work in progress" simple game based on some mechanics of Football Manager. The game is in a very early stage of Developm

sewe2000 2 Oct 14, 2021
CLI11 is a command line parser for C++11 and beyond that provides a rich feature set with a simple and intuitive interface.

CLI11: Command line parser for C++11 What's new • Documentation • API Reference CLI11 is a command line parser for C++11 and beyond that provides a ri

null 2.4k Nov 28, 2022
A simple to use, composable, command line parser for C++ 11 and beyond

Clara v1.1.5 !! This repository is unmaintained. Go here for a fork that is somewhat maintained. !! A simple to use, composable, command line parser f

Catch Org 650 Nov 28, 2022
A simple to use, composable, command line parser for C++ 11 and beyond

Lyra A simple to use, composing, header only, command line arguments parser for C++ 11 and beyond. Obtain License Standards Stats Tests License Distri

Build Frameworks Group 382 Nov 29, 2022
A single header C++ library for parsing command line arguments and options with minimal amount of code

Quick Arg Parser Tired of unwieldy tools like getopt or argp? Quick Arg Parser is a single header C++ library for parsing command line arguments

null 46 Aug 10, 2022
null 78 Sep 22, 2022
Simple command line utilities for extracting data from Fallout 4 and 76 files

fo76utils Simple command line utilities for extracting data from Fallout 4 and 76 files. baunpack - list the contents of, or extract from .BA2 archive

null 13 Oct 18, 2022
A command line tool for numerically computing Out-of-time-ordered correlations for N=4 supersymmetric Yang-Mills theory and Beta deformed N=4 SYM.

A command line tool to compute OTOC for N=4 supersymmetric Yang–Mills theory This is a command line tool to numerically compute Out-of-time-ordered co

Gaoli Chen 1 Oct 16, 2021
C++ Library for pulling system and hardware information, without hitting the command line.

infoware C++ Library for pulling system and hardware information, without hitting the command line. Requirements No non-built-in ones by default. Some

The Phantom Derpstorm 319 Nov 22, 2022
EAMain provides a multi-platform entry point used for platforms that don't support console output, return codes and command-line arguments.

EAMain provides a multi-platform entry point used for platforms that don't support console output, return codes and command-line arguments.

Electronic Arts 34 Oct 1, 2022
A library for interactive command line interfaces in modern C++

cli A cross-platform header only C++14 library for interactive command line interfaces (Cisco style) Features Header only Cross-platform (linux and wi

Daniele Pallastrelli 874 Nov 30, 2022
Lightweight C++ command line option parser

Release versions Note that master is generally a work in progress, and you probably want to use a tagged release version. Version 3 breaking changes I

null 3.3k Nov 25, 2022
CLIp is a clipboard emulator for a command line interface written in 100% standard C only. Pipe to it to copy, pipe from it to paste.

CLIp v2 About CLIp is a powerful yet easy to use and minimal clipboard manager for a command line environment, with no dependencies or bloat. Usage Sy

A.P. Jo. 12 Sep 18, 2021
pbr2gltf2 is a command line tool for converting PBR images to a glTF 2.0 material.

pbr2gltf2 is a command line tool for converting PBR images to a glTF 2.0 material. The tool is detecting depending on the filename, which PBR information is stored. It swizzles the images and does reassign the channels to a glTF 2.0 image. The tool stores the images plus a minimal, valid glTF 2.0 file containing the required material, textures and images.

UX3D GmbH 23 Jul 31, 2022
A command-line tool to display colorful distro information.

sjfetch A command-line tool to display colorful distro information.

Fikret Musk 6 Apr 6, 2022
LwSHELL is lightweight, platform independent, command line shell for embedded systems.

LwSHELL is lightweight, platform independent, command line shell for embedded systems. It targets communication with embedded systems from remote terminal to quickly send commands and the retrieve data from the device.

Tilen Majerle 78 Nov 30, 2022
Toybox: all-in-one Linux command line.

Toybox: all-in-one Linux command line.

Rob Landley 1.8k Nov 27, 2022
Simple command line tool that processes image files using the FidelityFX Super Resolution (FSR) or Contrast Adaptive Sharpening (CAS) shader systems.

Simple command line tool that processes image files using the FidelityFX Super Resolution (FSR) or Contrast Adaptive Sharpening (CAS) shader systems.

GPUOpen Effects 188 Nov 20, 2022