[coreboot] radare
Zoran Stojsavljevic
zoran.stojsavljevic at gmail.com
Tue Nov 8 19:32:55 CET 2016
Hello to all radare2 experienced people,
>From my VM Fedora 25 x86_64 on the top of VMWorkstation 12.5.1, on WIN10 64
Pro!
Here is my take on radare2... And I am not getting through. Transcript
follows:
[zoran at localhost bios]$ radare2 -e asm.bits=16 -e io.va=true
BIOS_AMI_BIOS.bin
-- attempt to dissasemble Core IVB AMI BIOS
[0000:0000]> S $s-0x10000 0xF000:0x0000 0x10000 0x10000 bootblk rwx
[0000:0000]> e asm.segoff=true
[0000:0000]> e asm.syntax = intel
[0000:0000]> s 0xf000:0xfff0
[f000:fff0]> pd 16
f000:fff0 ff invalid
f000:fff1 ff invalid
f000:fff2 ff invalid
f000:fff3 ff invalid
f000:fff4 ff invalid
f000:fff5 ff invalid
f000:fff6 ff invalid
f000:fff7 ff invalid
f000:fff8 ff invalid
f000:fff9 ff invalid
f000:fffa ff invalid
f000:fffb ff invalid
f000:fffc ff invalid
f000:fffd ff invalid
f000:fffe ff invalid
f000:ffff ff00 inc word [bx + si]
[f000:fff0]>
Help needed/comments appreciated. What am I doing wrong?
Thank you,
Zoran
On Mon, Nov 7, 2016 at 2:08 AM, Riko Ho <antonius.riko at gmail.com> wrote:
> Hi Zoran,
> I reckon that's the right radare, find *.bin or *.rom or *.hex and run
>
> [zoran at localhost ~]$ radare2 *.bin
> and s command and pD command....for example :
>
> [f000:fff0]> s f000:0
> [f000:0000]> pD 0xffff
>
>
> more info :https://radare.gitbooks.io/radare2book/content/disassembling/intro.html
>
>
> On 7/11/2016 5:41 AM, Zoran Stojsavljevic wrote:
>
> Hello Riko,
>
> I recently also became very interested to start using radare2 (Raphael
> Machado's dissasembly attempts got involved me, to set the tool). Since I
> am very lazy person, the first was to ask my Fedora 25 distro does the
> distro have package radare2?
>
> Yes, it does have it, so I have installed it. And for you, here is the
> transcript of my CLI for you.
>
> CLI traces (radare --help) are worth 1000nd words, don't you agree? ;-)
>
> Best Regards,
> Zoran
> _______
>
> [zoran at localhost ~]$ uname -r
> 4.8.6-300.fc25.x86_64
> [zoran at localhost ~]$ which radare2
> /usr/bin/radare2
> *[zoran at localhost ~]$ radare2 --help*
> radare2: invalid option -- '-'
> r_config_get: variable 'lp' not found
> -- open radare2 on an empty file
> - equivalent of 'r2 malloc://512'
> = read file from stdin (use -i and -c to run cmds)
> -= perform !=! command to run all commands remotely
> -0 print \x00 after init and every command
> -a [arch] set asm.arch
> -A run 'aaa' command to analyze all referenced code
> -b [bits] set asm.bits
> -B [baddr] set base address for PIE binaries
> -c 'cmd..' execute radare command
> -C file is host:port (alias for -c+=http://%s/cmd/)
> -d debug the executable 'file' or running process 'pid'
> -D [backend] enable debug mode (e cfg.debug=true)
> -e k=v evaluate config var
> -f block size = file size
> -F [binplug] force to use that rbin plugin
> -h, -hh show help message, -hh for long
> -i [file] run script file
> -I [file] run script file before the file is opened
> -k [k=v] perform sdb query into core->sdb
> -l [lib] load plugin file
> -L list supported IO plugins
> -m [addr] map file at given address (loadaddr)
> -M do not demangle symbol names
> -n, -nn do not load RBin info (-nn only load bin structures)
> -N do not load user settings and scripts
> -o [OS/kern] set asm.os (linux, macos, w32, netbsd, ...)
> -q quiet mode (no prompt) and quit after -i
> -p [prj] use project, list if no arg, load if no file
> -P [file] apply rapatch file and quit
> -R [rarun2] specify rarun2 profile to load (same as -e dbg.profile=X)
> -s [addr] initial seek
> -S start r2 in sandbox mode
> -t load rabin2 info in thread
> -u set bin.filter=false to get raw sym/sec/cls names
> -v, -V show radare2 version (-V show lib versions)
> -w open file in write mode
> -z, -zz do not load strings or load them even in raw
> Scripts:
> system /usr/share/radare2/radare2rc
> user ~/.radare2rc ${RHOMEDIR}/radare2/radare2rc (and radare2rc.d/)
> file ${filename}.r2
> Plugins:
> plugins /usr/lib/radare2/last
> user ~/.config/radare2/plugins
> LIBR_PLUGINS /usr/lib/radare2/0.10.6-git
> Environment:
> RHOMEDIR /home/zoran/.config/radare2
> RCFILE ~/.radare2rc (user preferences, batch script)
> MAGICPATH /usr/lib64/radare2/0.10.6-git/magic
> R_DEBUG if defined, show error messages and crash signal
> VAPIDIR path to extra vapi directory
> R2_NOPLUGINS do not load r2 shared plugins
> Paths:
> PREFIX /usr
> INCDIR /usr/include/libr
> LIBDIR /usr/lib64
> LIBEXT so
> [zoran at localhost ~]$
>
> On Sat, Nov 5, 2016 at 3:55 AM, Riko Ho <antonius.riko at gmail.com> wrote:
>
>> Hi Rafael,
>>
>> For example I want to see the asm code for the whole 512Kbytes....is that
>> possible ?
>> How ?
>>
>> Thanks
>>
>> On 5/11/2016 3:36 AM, Rafael Machado wrote:
>>
>> Hi
>>
>> You can use the pd command.
>> p = Print
>> d = disassemby
>>
>> You can also add the number of instruction you whant to see. For example:
>>
>> pd 10
>>
>> Thanks
>> Rafael Machado
>>
>> Em qua, 2 de nov de 2016 às 04:01, Riko Ho <antonius.riko at gmail.com>
>> escreveu:
>>
>>> Everyone, Idwer,
>>>
>>> I have radare question :
>>>
>>> I played until this point :
>>> c:>radare2 -e asm.bits=16 -e io.va=true i946gz.bin
>>> -- radare2 is WYSIWYF - what you see is what you fix
>>> [f000:fff0]> S $s-0x10000 0xF000:0x0000 0x10000 0x10000 bootblk rwx
>>> [f000:fff0]> e asm.segoff=true
>>> [f000:fff0]> s 0xf000:0xffff0
>>> [f000:ffff]>
>>>
>>> How can I see the assembler code from there ? It's started from
>>> FFFF0....I'm sure the last byte instruction is jump to 0x00000
>>>
>>> Cheers
>>>
>>> --
>>> coreboot mailing list: coreboot at coreboot.org
>>> https://www.coreboot.org/mailman/listinfo/coreboot
>>>
>>
>>
>> --
>>
>>
>>
>> */*===*/ Kind regards, Riko Ho /*===*/ *
>>
>> --
>> coreboot mailing list: coreboot at coreboot.org
>> https://www.coreboot.org/mailman/listinfo/coreboot
>>
>
>
>
> --
>
>
>
> */*===*/ Kind regards, Riko Ho /*===*/ *
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.coreboot.org/pipermail/coreboot/attachments/20161108/79c9c399/attachment.html>
More information about the coreboot
mailing list