💾 Archived View for radare.org › book › debugger › migration.gmi captured on 2024-05-10 at 11:03:58. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2023-11-04)
-=-=-=-=-=-=-
`r2 -d /bin/ls` - start in debugger mode => [video[1]]
`r2 -d <pid>` - attach to process
`r2 ptrace://pid` - same as above, but only for io (not debugger backend hooked)
`[0x7fff6ad90028]> o-225` - close fd=225 (listed in `o~[1]:0`)
`r2 -D gdb gdb://localhost:1234` - attach to gdbserver
Use `rarun2` (`libpath=$PWD:/tmp/lib`, `arg2=hello`, `setenv=FOO=BAR` ...) see `rarun2 -h` / `man rarun2`
`r2 -i <scriptfile> ...` - run a script **after** loading the file => [video[1]]
`r2 -I <scriptfile> ...` - run a script **before** loading the file
`r2 -c $@ | awk $@` - run through awk to get asm from function => [link[1]]
`[0x80480423]> . scriptfile` - interpret this file => [video[1]]
`[0x80480423]> #!c` - enter C repl (see `#!` to list all available RLang plugins) => [video[1]], everything have to be done in a oneliner or a .c file must be passed as an argument.
To get `#!python` and much more, just build radare2-bindings[1]
`CL @ sym.main` - though the feature is highly experimental
| Command | IDA Pro | radare2 | r2 (visual mode) | GDB | WinDbg | | | |**Analysis** | | | |Analysis of everything |`Automatically launched when opening a binary` |`aaa or -A (aaaa or -AA for even experimental analysis)` | `N/A` |N/A |N/A |**Navigation** | | | |xref to |`x` |`axt` | `x` |N/A |N/A |xref from |`ctrl + j` |`axf` | `X` |N/A |N/A |xref to graph |? |`agt [offset]` | ? |N/A |N/A |xref from graph|? |`agf [offset]` | ? |N/A |N/A |list functions |`alt + 1` |`afl;is` | `t` |N/A |N/A |listing |`alt + 2` |`pdf` | `p` |N/A |N/A |hex mode |`alt + 3` |`pxa` | `P` |N/A |N/A |imports |`alt + 6` |`ii` | `:ii` |N/A |N/A |exports |`alt + 7` |`is~FUNC` | ? |N/A |N/A |follow jmp/call|`enter` |`s offset` |`enter` or `0`-`9`|N/A |N/A |undo seek |`esc` |`s-` | `u` |N/A |N/A |redo seek |`ctrl+enter` |`s+` | `U` |N/A |N/A |show graph |`space` |`agv` | `V` |N/A |N/A |**Edit** | | | |rename |`n` |`afn`| `dr` |N/A |N/A |graph view |`space` |`agv` | `V` |N/A |N/A |define as data |`d` |`Cd [size]` | `dd`,`db`,`dw`,`dW`|N/A |N/A |define as code |`c` |`C- [size]` | `d-` or `du` |N/A |N/A |define as undefined|`u` |`C- [size]` | `d-` or `du` |N/A |N/A |define as string|`A` |`Cs [size]` | `ds` |N/A |N/A |define as struct|`Alt+Q` |`Cf [size]` | `dF` |N/A |N/A |**Debugger** | | | | |Start Process/ Continue execution|`F9` |`dc` | `F9` | `r` and `c` | `g` |Terminate Process|`Ctrl+F2` |`dk 9` | ? | `kill` | `q` |Detach |`?` | `o-` | ? | `detach` | |step into |`F7` |`ds` | `s` | `n` | `t` |step into 4 instructions | ? | `ds 4` | F7 | `n 4` | `t 4` |step over |`F8` |`dso` | `S` | `s` | `p` |step until a specific address|?|`dsu <addr>` | ? | `s` | `g <addr>` |Run until return|`Ctrl+F7` |`dcr` | ? | `finish` | `gu` |Run until cursor|`F4` |#249[1]| #249[2] | N/A | N/A |Show Backtrace |`?` |`dbt` | ? | `bt` | |display Register|On register Windows|`dr all` | Shown in Visual mode | `info registers` | `r` |display eax |On register Windows |`dr?eax` | Shown in Visual mode | `info registers eax` | `r rax` |display old state of all registers |? |`dro` | ? | ? | ? |display function addr + N |? |`afi $` - display function information of current offset (`$`) | ? | ? | ? |display frame state |? |`pxw rbp-rsp@rsp`| ? | `i f` | ? |How to step until condition is true |? |`dsi` | ? | ? | ? |Update a register value |? |`dr rip=0x456` | ? | `set $rip=0x456` | `r rip=456` |**Disassembly** | | | | |disassembly forward | N/A | `pd` | `Vp` | `disas` | `uf`, `u` |disassembly N instructions | N/A | `pd X` | Vp | x/<N>i | `u <addr> LX` |disassembly N (backward) | N/A | `pd -X` | `Vp` | `disas <a-o> <a>` | `ub` |**Information on the bin** | | | | |Sections/regions | `Menu sections` | `iS` or `S` (append j for json) | N/A | maint info sections | !address |**Load symbol file** | | | | |Sections/regions | `pdb menu` | `asm.dwarf.file`, `pdb.XX`) | N/A | add-symbol-file | r |**BackTrace** | | | | |Stack Trace | N/A | `dbt` | N/A | `bt` | `k` |Stack Trace in Json | N/A | `dbtj` | N/A | | |Partial Backtrace (innermost) | N/A | `dbt` (`dbg.btdepth` `dbg.btalgo`) | N/A | bt <N> | k <N> |Partial Backtrace (outermost) | N/A | `dbt` (`dbg.btdepth` `dbg.btalgo`) | N/A | bt -<N> | |Stacktrace for all threads | N/A | `dbt@t` | N/A | `thread apply all bt` | `~* k` |**Breakpoints** | | | | | |Breakpoint list |`Ctrl+Alt+B` |`db` | ? | `info breakpoints` | `bl` |add breakpoint |`F2` |`db [offset]` |`F2` | `break`| `bp` |**Threads** | | | | | |Switch to thread |`Thread menu` |`dp` | N/A | `thread <N>`| `~<N>s` |**Frames** | | | | | |Frame Numbers |`N/A` |`?` | N/A | `any bt command`| `kn` |Select Frame |`N/A` |`?` | N/A | `frame`| `.frame` |**Parameters/Locals** | | | | | |Display parameters |`N/A` |`afv` | N/A | `info args`| `dv /t /i /V` |Display parameters |`N/A` |`afv` | N/A | `info locals`| `dv /t /i /V` |Display parameters/locals in json |`N/A` |`afvj` | N/A | `info locals`| `dv /t /i /V` |list addresses where vars are accessed(R/W) |`N/A` |`afvR/afvW` | N/A | `?`| `?` |**Project Related** | | | | |open project | |`Po [file]` | | ? |save project | automatic |`Ps [file]` | | ? |show project informations | |`Pi [file]` | | ? |**Miscellaneous** | | | | |Dump byte char array | `N/A` |`pc?` (json, C, char, etc.) | Vpppp | x/<N>bc | db |options |option menu |`e?` | `e` | |search |search menu |`/?` | Select the zone with the cursor `c` then `/` | | `s`
1. `dcf` - until a fork happen 2. then use `dp` to select what process you want to debug.