TOC

0.0 - Generality on radare2 framework 1.1 - Utility toolsuit 2.1 - Radare2 - Generalities 2.2 - Radare2 - Printing 2.3 - Radare2 - Info Commands 2.4 - Radare2 - Search 2.5 - Analysis 2.6 - Visual Mode(s) 2.7 - Student Practices - IOLI Set - Questions/Answers

1.1 Windows malware example 1.2 Linux malware example

2.1. General MIPS router firmware unpacking (15 minutes) Showing low-hanging vulnerabilities in a classic SOHO router.

2.2 General ARM firmware analysis - bootloaders and android executables (15 minutes)

• Texas Instruments bootrom analysis
• Qualcomm TrustZone analysis
• One of Android executables

2.3 HDD firmware analysis (15 minutes)

• Seagate firmware unpacking and disassembling

1.1 gdb (10 minutes) Since the current native debugger is not perfect (it will be the focus for the next release), Radare2 can use gdb as a backend to debug processes.

1.2 native (10 minutes) We'll show basic on-host debugging case, when you are brave enough to debug executable (or even malware) directly on your machine. Also:

• rarun2 - setup execution environment for a program (chroot, parameters, env, etc.)
• remote r2 debugging r2 -c=h && r2 -C http://.../cmd/

1.3 WinDbg and PDB (10 minutes) Essential part for the windows debuggind is loading PDB files, especially for Windows drivers.

2.1 qemu (10 minutes) Using embedded gdbserver to debug x86 bootloader/bios/uefi, and arm bootloader (see Part II, 2.2 section)

Basic scripting, pipelining radare2 commands, without any external plugins. Using python plugins, high-level analysis using python bindings

Using r2pipe for scripting with python, javascript.

Using 'classic' and 'ctypes' python bindings for the radare2 library

ESIL is an Evaluateable String Intermediate Language

ESIL syntax, opcodes, sources of the ESIL analysis

Using ESIL for the emulation, without qemu/bochs/vbox needed

To be able to use already existing tools based on REIL

THE END