(@jeffreycrowell)

More documents

Recommendations

Info

windbg r2 allows to connect WinDBG/KD 2 For example, to debug windows kernel via the serial port: • bcdedit /debug on • bcdedit /dbgsettings serial debugport:1 baudrate:115200 then connect r2: • r2 -a x86 -b 32 -D wind windbg:///tmp/windbg.pipe For now, connecting to the QEMU and VirtualBox are tested 2 WinDbg in radare2 (2014). 72
debugging omap bootrom Just run it in the modified qemu 3 • ./configure –target-list=arm-softmmu ; make ; sudo make install • qemu-system-arm -M milestone -m 256 -L . -bios bootrom.bin -mtdblock mbmloader-1.raw -d in asm,cpu,exec -nographic -s -S • r2 -D gdb -b arm gdb://localhost:9999 Same approach could be used for any customized hardware 3 Anton Kochkov (2013). QEMU patched for loading OMAP bootroms. https://github.com/XVilka/qemu. 73
Page 1 and 2:
adare2 Radare2 - a framework for re
Page 3 and 4:
anton kochkov • Living in Moscow,
Page 5 and 6:
jeffrey crowell • Boston, MA, USA
Page 7 and 8:
installation
Page 9 and 10:
utilities
Page 11 and 12:
utilities • rax2 • rabin2 • r
Page 13 and 14:
Page 15 and 16:
Page 17 and 18:
Page 19 and 20:
utilities: radiff2 — graph exampl
Page 21 and 22: utilities: rafind2 rafind2 — Adva
Page 23 and 24: utilities: rahash2 rahash2 — bloc
Page 25 and 26: adare2 — command line
Page 27 and 28: the # command — hashing command 1
Page 29 and 30: the i command — information comma
Page 31 and 32: adare2 - types command example Quic
Page 33 and 34: adare2 — visual mode
Page 35 and 36: adare2 — webui
Page 37 and 38: adare2 — debugger
Page 39 and 40: utilities • rax2 • rabin2 • r
Page 41 and 42: debugging • Native local debug (r
Page 43 and 44: now your turn! • Crackmes: IOLI-C
Page 45 and 46: scripting capabilities Available fo
Page 47 and 48: popular tools • gdb + peda - sear
Page 49 and 50: getting binary info 49
Page 51 and 52: ”telescoping” register • we c
Page 53 and 54: pattern generate • DeBruijn patte
Page 55 and 56: debug ’profiles’ • r2 -de dbg
Page 57 and 58: context + patterns • write your o
Page 59 and 60: shellcoding • relocatable • tes
Page 61 and 62: code reuse • return to libc • r
Page 63 and 64: code reuse • demo • r2 -A /path
Page 65 and 66: stack layout • when you ”ret”
Page 67 and 68: demo time • super basic rop expl.
Page 69 and 70: debugging
Page 71: gdb protocol + wine Winedbg allows
Page 75 and 76: firmware analysis
Page 77 and 78: old legacy bios analysis • Load t
Page 79 and 80: searching guids 1. We need r2pipe (
Page 81 and 82: embedded controller - 8051 - esil v
Page 83 and 84: eferences
show all

(@jeffreycrowell)

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?