Rabin2

Description

Rabin2 –  Extracts information from executable binaries like ELF, PE, Java CLASS, MACH-O. It’s used from the core to get exported symbols, imports, file information, xrefs, library dependencies, sections, …

Usage

Syntax

rabin2 [-ACdehHiIjlLMqrRsSvVxzZ] [[email protected] addr] [-a arch] [-b bits] [-B addr] [-c F:C:D] [-f str] [-m addr] [-n str] [-N len]  [-o str] [-O str] [-k query] file

Options

 [email protected] [addr]       show section, symbol or import at addr
 -A              list archs
 -a [arch]       set arch (x86, arm, .. or <arch>_<bits>)
 -b [bits]       set bits (32, 64 ...)
 -B [addr]       override base address (pie bins)
 -c [fmt:C:D]    create [elf,mach0,pe] with Code and Data hexpairs (see -a)
 -C              list classes
 -d              show debug/dwarf information
 -e              entrypoint
 -f [str]        select sub-bin named str
 -k [query]      perform sdb query on loaded file
 -K [algo]       calculate checksums (md5, sha1, ..)
 -g              same as -SMRevsiz (show all info)
 -h              this help
 -H              header fields
 -i              imports (symbols imported from libraries)
 -I              binary info
 -j              output in json Rabin2 
 -l              linked libraries
 -L              list supported bin plugins
 -m [addr]       show source line at addr
 -M              main (show address of main symbol)
 -n [str]        show section, symbol or import named str
 -N [minlen]     force minimum number of chars per string (see -z)
 -o [str]        output file/folder for write operations (out by default)
 -O [str]        write/extract operations (-O help)
 -p              show physical addresses
 -q              be quiet, just show fewer data
 -r              radare output Rabin2 
 -R              relocations Rabin2 
 -s              symbols (exports)
 -S              sections Rabin2 
 -v              display version and quit
 -x              extract bins contained in file
 -z              strings (from data section)
 -zz             strings (from raw bins [e bin.rawstr=1])
 -Z              guess size of binary program

Example

cccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccyborg@cyborg:~$ rabin2 -AIjs /home/cyborg/Downloads/STATIC.ELF 
{"symbols":[],"info":{"type":"","class":"","endian":"little","machine":"","arch":"","os":"","lang":"","pic":false,"canary":false,"nx":false,"crypto":false,"va":false,"bits":32,"stripped":false,"static":true,"linenums":false,"syms":false,"relocs":false},

0 Comments

Leave a reply

CONTACT US

We're are building as a community and a team. Be a part of it.

Sending

©2017 Ztrela Knowledge Solutions Pvt. Ltd

Log in with your credentials

Forgot your details?